gazpacho
bleach
Our great sponsors
gazpacho | bleach | |
---|---|---|
1 | 6 | |
730 | 2,615 | |
- | 0.7% | |
3.2 | 6.4 | |
5 months ago | 9 days ago | |
Python | Python | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gazpacho
-
Ask HN: What are some tools / libraries you built yourself?
I've been working on gazpacho [1] for last two years.
It's a general purpose web scraping library for Python that replaces BeautifulSoup + requests for most projects.
Just surpassed ~2K downloads every week!
[1] https://github.com/maxhumber/gazpacho
bleach
-
What's your favorite alternative to bleach for sanitizing HTML?
I noticed via the changelog for Django 4.2.2 that bleach is deprecated (Django removed mention of it from their docs).
-
I wrote a markdown to html converter
I don't know a golang library for it but https://github.com/mozilla/bleach is a python lib that escapes all the nasty javascript inputs.
-
Django-tinymce and HTML Injection
bleach it!
-
Serialize Django Data for JavaScript
This is an excellent point; I should have addressed safety in my article. I'll point out that in my use case, I'm using `safe` on data I create and not any user-generated data.
You should never use `safe` on user data unless you use something like bleach (https://github.com/mozilla/bleach) to sanitize the data. Even then, you should use caution.
-
Rich text field and django rest framework
Use bleach to sanitize it https://bleach.readthedocs.io/en/latest/
- mutation XSS via allowed math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe,
What are some alternatives?
selectolax - Python binding to Modest and Lexbor engines (fast HTML5 parser with CSS selectors).
lxml - The lxml XML toolkit for Python
MarkupSafe - Safely add untrusted strings to HTML/XML markup.
html5lib - Standards-compliant library for parsing and serializing HTML documents and fragments in Python
xhtml2pdf - A library for converting HTML into PDFs using ReportLab
xmltodict - Python module that makes working with XML feel like you are working with JSON
untangle - Converts XML to Python objects
cssutils