pyquery
A jquery-like library for python (by gawel)
bleach
Bleach is an allowed-list-based HTML sanitizing library that escapes or strips markup and attributes (by mozilla)
Our great sponsors
pyquery | bleach | |
---|---|---|
- | 6 | |
2,271 | 2,618 | |
- | 0.8% | |
4.8 | 6.4 | |
24 days ago | 11 days ago | |
Python | Python | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pyquery
Posts with mentions or reviews of pyquery.
We have used some of these posts to build our list of alternatives
and similar projects.
We haven't tracked posts mentioning pyquery yet.
Tracking mentions began in Dec 2020.
bleach
Posts with mentions or reviews of bleach.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-06-06.
-
What's your favorite alternative to bleach for sanitizing HTML?
I noticed via the changelog for Django 4.2.2 that bleach is deprecated (Django removed mention of it from their docs).
-
I wrote a markdown to html converter
I don't know a golang library for it but https://github.com/mozilla/bleach is a python lib that escapes all the nasty javascript inputs.
-
Django-tinymce and HTML Injection
bleach it!
-
Serialize Django Data for JavaScript
This is an excellent point; I should have addressed safety in my article. I'll point out that in my use case, I'm using `safe` on data I create and not any user-generated data.
You should never use `safe` on user data unless you use something like bleach (https://github.com/mozilla/bleach) to sanitize the data. Even then, you should use caution.
-
Rich text field and django rest framework
Use bleach to sanitize it https://bleach.readthedocs.io/en/latest/
- mutation XSS via allowed math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe,
What are some alternatives?
When comparing pyquery and bleach you can also consider the following projects:
lxml - The lxml XML toolkit for Python
xmltodict - Python module that makes working with XML feel like you are working with JSON
MarkupSafe - Safely add untrusted strings to HTML/XML markup.
selectolax - Python binding to Modest and Lexbor engines (fast HTML5 parser with CSS selectors).
xhtml2pdf - A library for converting HTML into PDFs using ReportLab
html5lib - Standards-compliant library for parsing and serializing HTML documents and fragments in Python
cssutils