Limit tags from tinymce and use strip in bleach rather than replace

author Frédéric Perrin <frederic.perrin@resel.fr>

Sat, 12 Nov 2016 10:41:39 +0000 (10:41 +0000)

committer Frédéric Perrin <frederic.perrin@resel.fr>

Sat, 12 Nov 2016 10:41:39 +0000 (10:41 +0000)
author Frédéric Perrin <frederic.perrin@resel.fr>
Sat, 12 Nov 2016 10:41:39 +0000 (10:41 +0000)
committer Frédéric Perrin <frederic.perrin@resel.fr>
Sat, 12 Nov 2016 10:41:39 +0000 (10:41 +0000)
diff --git a/djsite/settings_common.py b/djsite/settings_common.py

index 101d83337fecb79b29c4ab5a55374dc12e96d124..6eed00b5bb133fd6ee78a3a8a47d51314d8087b9 100644 (file)
--- a/djsite/settings_common.py
+++ b/djsite/settings_common.py
@@ -99,4 +99,5 @@ TINYMCE_DEFAULT_CONFIG = {
      'theme_advanced_buttons2' : '',
      'theme_advanced_buttons3' : "",
      'plugins': 'table',
+    'valid_elements': 'a|b|strong|u|i|em|ul|ol|li|p|br'
  }
diff --git a/quotes/localmodels.py b/quotes/localmodels.py

index c09f7710361be183be7112d39f2396c45db73bfd..691ea8cc6421c13ad3c43bececf5f8e61d935e96 100644 (file)
--- a/quotes/localmodels.py
+++ b/quotes/localmodels.py
@@ -2,7 +2,8 @@ import tinymce.models
  import bleach
  
  def valid_html(value):
-    return bleach.clean(value, bleach.ALLOWED_TAGS + ['p', 'br'])
+    return bleach.clean(value, bleach.ALLOWED_TAGS + ['p', 'br'],
+                        strip=True, strip_comments=True)
  
  class HTMLField(tinymce.models.HTMLField):
      def pre_save(self, model_instance, add):
author	Frédéric Perrin <frederic.perrin@resel.fr>
	Sat, 12 Nov 2016 10:41:39 +0000 (10:41 +0000)
committer	Frédéric Perrin <frederic.perrin@resel.fr>
	Sat, 12 Nov 2016 10:41:39 +0000 (10:41 +0000)
djsite/settings_common.py		patch \| blob \| history
quotes/localmodels.py		patch \| blob \| history