Metadata-Version: 2.1 Name: MarkupSafe Version: 2.0.1 Summary: Safely add untrusted strings to HTML/XML markup. Home-page: https://palletsprojects.com/p/markupsafe/ Author: Armin Ronacher Author-email: armin.ronacher@active-4.com Maintainer: Pallets Maintainer-email: contact@palletsprojects.com License: BSD-3-Clause Project-URL: Donate, https://palletsprojects.com/donate Project-URL: Documentation, https://markupsafe.palletsprojects.com/ Project-URL: Changes, https://markupsafe.palletsprojects.com/changes/ Project-URL: Source Code, https://github.com/pallets/markupsafe/ Project-URL: Issue Tracker, https://github.com/pallets/markupsafe/issues/ Project-URL: Twitter, https://twitter.com/PalletsTeam Project-URL: Chat, https://discord.gg/pallets Platform: UNKNOWN Classifier: Development Status :: 5 - Production/Stable Classifier: Environment :: Web Environment Classifier: Intended Audience :: Developers Classifier: License :: OSI Approved :: BSD License Classifier: Operating System :: OS Independent Classifier: Programming Language :: Python Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content Classifier: Topic :: Text Processing :: Markup :: HTML Requires-Python: >=3.6 Description-Content-Type: text/x-rst License-File: LICENSE.rst MarkupSafe ========== MarkupSafe implements a text object that escapes characters so it is safe to use in HTML and XML. Characters that have special meanings are replaced so that they display as the actual characters. This mitigates injection attacks, meaning untrusted user input can safely be displayed on a page. Installing ---------- Install and update using `pip`_: .. code-block:: text pip install -U MarkupSafe .. _pip: https://pip.pypa.io/en/stable/quickstart/ Examples -------- .. code-block:: pycon >>> from markupsafe import Markup, escape >>> # escape replaces special characters and wraps in Markup >>> escape("") Markup('<script>alert(document.cookie);</script>') >>> # wrap in Markup to mark text "safe" and prevent escaping >>> Markup("Hello") Markup('hello') >>> escape(Markup("Hello")) Markup('hello') >>> # Markup is a str subclass >>> # methods and operators escape their arguments >>> template = Markup("Hello {name}") >>> template.format(name='"World"') Markup('Hello "World"') Donate ------ The Pallets organization develops and supports MarkupSafe and other popular packages. In order to grow the community of contributors and users, and allow the maintainers to devote more time to the projects, `please donate today`_. .. _please donate today: https://palletsprojects.com/donate Links ----- - Documentation: https://markupsafe.palletsprojects.com/ - Changes: https://markupsafe.palletsprojects.com/changes/ - PyPI Releases: https://pypi.org/project/MarkupSafe/ - Source Code: https://github.com/pallets/markupsafe/ - Issue Tracker: https://github.com/pallets/markupsafe/issues/ - Website: https://palletsprojects.com/p/markupsafe/ - Twitter: https://twitter.com/PalletsTeam - Chat: https://discord.gg/pallets