CC/octomode
12
0
Fork 0
Code Issues 18 Pull Requests Projects Releases Wiki Activity

adding escape() and Markup()

Browse Source
This commit is contained in:
manetta 2022-02-22 10:44:18 +01:00
parent e257d5359e
commit 7db66e0f6b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
octomode.py
View File

@ -5,7 +5,7 @@ from urllib.request import urlopen
from urllib.parse import urlencode from urllib.parse import urlencode
# To sanitize Flask input fields # To sanitize Flask input fields
from flask import escape from markupsafe import Markup, escape
# To sanitize Markdown input # To sanitize Markdown input
import markdown import markdown
@ -79,9 +79,9 @@ def md_to_html(md_pad_content):
# Sanitize the Markdown # Sanitize the Markdown
# html = bleach.clean(html) # html = bleach.clean(html)
# Another way to Sanitize # Another built-in Flask way to sanitize
from markupsafe import Markup html = escape(html)
html = Markup(html) # Maybe not safe enough? html = Markup(html)
return html return html