xmldataset
xmldataset: xml parsing made easy 🗃️ (by spurin)
bleach
Bleach is an allowed-list-based HTML sanitizing library that escapes or strips markup and attributes (by mozilla)
xmldataset | bleach | |
---|---|---|
- | 6 | |
77 | 2,619 | |
- | 0.6% | |
0.0 | 6.1 | |
almost 4 years ago | 25 days ago | |
Python | Python | |
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
xmldataset
Posts with mentions or reviews of xmldataset.
We have used some of these posts to build our list of alternatives
and similar projects.
We haven't tracked posts mentioning xmldataset yet.
Tracking mentions began in Dec 2020.
bleach
Posts with mentions or reviews of bleach.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-06-06.
-
What's your favorite alternative to bleach for sanitizing HTML?
I noticed via the changelog for Django 4.2.2 that bleach is deprecated (Django removed mention of it from their docs).
-
I wrote a markdown to html converter
I don't know a golang library for it but https://github.com/mozilla/bleach is a python lib that escapes all the nasty javascript inputs.
-
Django-tinymce and HTML Injection
bleach it!
-
Serialize Django Data for JavaScript
This is an excellent point; I should have addressed safety in my article. I'll point out that in my use case, I'm using `safe` on data I create and not any user-generated data.
You should never use `safe` on user data unless you use something like bleach (https://github.com/mozilla/bleach) to sanitize the data. Even then, you should use caution.
-
Rich text field and django rest framework
Use bleach to sanitize it https://bleach.readthedocs.io/en/latest/
- mutation XSS via allowed math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe,
What are some alternatives?
When comparing xmldataset and bleach you can also consider the following projects:
xmltodict - Python module that makes working with XML feel like you are working with JSON
lxml - The lxml XML toolkit for Python
MarkupSafe - Safely add untrusted strings to HTML/XML markup.
xhtml2pdf - A library for converting HTML into PDFs using ReportLab
selectolax - Python binding to Modest and Lexbor engines (fast HTML5 parser with CSS selectors).
html5lib - Standards-compliant library for parsing and serializing HTML documents and fragments in Python
cssutils