paramecio/paramecio2fm
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Multiple fixes, changed beautifoul soup dependency for bleach from mozilla

Browse source
This commit is contained in:
absurdo 2023-12-20 01:46:48 +01:00
parent 5339ba4b4c
commit c85fed0df1
3 changed files with 22 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

19
paramecio2/libraries/db/corefields.py
View file

@ -1,7 +1,8 @@
from paramecio2.libraries.db.webmodel import PhangoField
from paramecio2.libraries.db import coreforms
from paramecio2.libraries.i18n import I18n
from bs4 import BeautifulSoup
#from bs4 import BeautifulSoup
import bleach
class IntegerField(PhangoField):
@ -212,9 +213,12 @@ class HTMLField(TextField):
This check method use beautifulsoap for clean and format html code
"""
# leach.clean('<p>"trial"</p><script></script>', tags=('p'))
"""
soup=BeautifulSoup(value, features='html.parser')
for tag in soup.findAll(True):
if tag.name not in self.trusted_tags:
tag.hidden=True
@ -227,7 +231,18 @@ class HTMLField(TextField):
return value
"""
value=bleach.clean('<p>"trial"</p><script></script>', tags=self.trusted_tags)
if self.escape:
return value.replace('"', '&quot;')
else:
return value
class ForeignKeyField(IntegerField):
"""Subclass of IntegerField for create Foreign keys

6
paramecio2/tests/fields_test.py
View file

@ -59,15 +59,15 @@ def test_test_htmlfield():
field=corefields.HTMLField('html')
assert field.check('<p>"trial"</p><script></script>')=='"trial"'
assert field.check('<p>"trial"</p><script></script>')=='&lt;p&gt;"trial"&lt;/p&gt;&lt;script&gt;&lt;/script&gt;'
field.escape=True
assert field.check('<p>"trial"</p><script></script>')=='&quot;trial&quot;'
assert field.check('<p>"trial"</p><script></script>')=='&lt;p&gt;&quot;trial&quot;&lt;/p&gt;&lt;script&gt;&lt;/script&gt;'
field.trusted_tags=['p']
assert field.check('<p>"trial"</p><script></script>')=='<p>&quot;trial&quot;</p>'
assert field.check('<p>"trial"</p><script></script>')=='<p>&quot;trial&quot;</p>&lt;script&gt;&lt;/script&gt;'
#field.
def test_test_foreignkeyfield():

4
setup.py
View file

@ -13,7 +13,7 @@ if sys.version_info < (3, 8):
# If you install passlib and bcrypt, the password system will use bcrypt by default, if not, will use native crypt libc
setup(name='paramecio2',
version='2.0.28',
version='2.0.29',
description='Simple Web Framework based in flask and Mako.',
long_description='This framework is a simple framework used for create web apps. Paramecio is modular and fast. By default have a module called admin that can be used for create admin sites',
author='Antonio de la Rosa Caballero',
@ -21,7 +21,7 @@ setup(name='paramecio2',
url='https://bitbucket.org/paramecio/paramecio2fm/',
packages=['paramecio2'],
include_package_data=True,
install_requires=['flask', 'pymysql', 'sqlalchemy', 'colorama', 'python-slugify', 'mako', 'pillow', 'arrow', 'beautifulsoup4'],
install_requires=['flask', 'pymysql', 'sqlalchemy', 'colorama', 'python-slugify', 'mako', 'pillow', 'arrow', 'bleach'],
entry_points={'console_scripts': [
'paramecio2 = paramecio2.console:start', 'paramecio2db = paramecio2.libraries.db.dbadmin:start', 'paramecio2lang = paramecio2.libraries.check_i18n:start',
]},