-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Display hyperlinks #79
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consider the use of bleach (https://pypi.org/project/bleach/) instead of a custom Sanitizer class in views.py. The argument: sanitization is a security issue, and a failure to sanitize properly will lead to a security vulnerability.
Your code does look clean -- and I can't see a bug in it -- but that isn't a guarantee. :-)
For the purposes of logging bad comments bleach doesn't seem to tell you if it found any unwanted tags in the input string, and we can't just do Lastly, I'd argue that my custom class depends on the builtin HTMLParser so if we depend on the parent class to be able to find all HTML tags I feel like that would be secure enough? Also a plus because its a builtin? (one less dependency) ;) |
It would be sad to lose precise logging. I don't think that reducing dependencies is an argument. This is a security-related function. I would prefer that someone who is likely to be paying close attention to threats be doing updates. That's actually a benefit. I don't have an absolute preference on this since you've already completed the work, but if I were to have done this, I would have used bleach. Writing code to do something when there is an already maintained package that already does it is (a) slower and (b) a risk. |
Agreed on that point, bleach will be maintained for longer than I will be around to maintain this. So switched to bleach. Although on that point about 'faster', yes its faster to implement bleach, but I did some testing and found that bleach is actually consistently 10-20x slower than a custom parser class when sanitizing. Good thing is that it only needs to be run once, and as long as thousands of comments don't suddenly flood the server it should be fine, we're not at a point where that would be a bottleneck. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: The whitespace fixes make paragraphs happen but does not fix indentation. That is being left for markdown.
Displays links as hyperlinks within clues and student comments and replies.
Also sanitize incoming text before displaying links to prevent against unwanted attacks.
If a potential bad comment is found, it is logged into the debug logger at WARNING level in the following format:
A set of pre-chosen tags can be allowed through by adding them into the
self.allowed
attribute of the newHTMLSanitizer
class.