keeptags: strip all HTML tags from output except a specified list of elements

Author: chrominance
Posted: June 24, 2007
Language: Python
Version: .96
Tags: filter html escape
Score: 5 (after 5 ratings)

Django has several filters designed to sanitize HTML output, but they're either too broad (striptags, escape) or too narrow (removetags) to use when you want to allow a specified set of HTML tags in your output. Thus keeptags was born. Some of the code is borrowed almost directly from Django's removetags function. It's not perfect (for example, it makes no attempt to filter the attributes on the tags it keeps), but otherwise it works well.

import re

from django.utils.html import escape, strip_tags


def keeptags(value, tags):
    """
    Strips all [X]HTML tags except the space-separated list of tags
    from the output.

    Usage: keeptags:"strong em ul li"
    """
    tags = [re.escape(tag) for tag in tags.split()]
    tags_re = '(%s)' % '|'.join(tags)
    # Allowed tags in three shapes: bare or self-closing, with attributes, closing.
    singletag_re = re.compile(r'<(%s\s*/?)>' % tags_re)
    starttag_re = re.compile(r'<(%s)(\s+[^>]+)>' % tags_re)
    endtag_re = re.compile(r'<(/%s)>' % tags_re)
    # Swap allowed tags for markers that survive strip_tags and escape.
    value = singletag_re.sub(r'##~~~\g<1>~~~##', value)
    value = starttag_re.sub(r'##~~~\g<1>\g<3>~~~##', value)
    value = endtag_re.sub(r'##~~~\g<1>~~~##', value)
    # Remove every remaining tag, then escape what is left.
    value = strip_tags(value)
    value = escape(value)
    # Turn the markers back into tags. Note that escape() has already
    # rewritten any quotes or ampersands inside kept attributes.
    recreate_re = re.compile(r'##~~~([^~]+)~~~##')
    value = recreate_re.sub(r'<\g<1>>', value)
    return value
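
The marker technique used by keeptags can be tried without Django installed. The following is only a rough sketch under stated assumptions: `keeptags_sketch` is a hypothetical name, a simple regex stands in for Django's `strip_tags`, and the standard library's `html.escape` stands in for Django's `escape`. It also merges the three tag patterns into one and unescapes the restored tag text so attribute quotes survive, which the snippet above does not do.

```python
import html
import re


def keeptags_sketch(value, tags):
    """Stdlib-only approximation of keeptags (hypothetical helper)."""
    names = '|'.join(re.escape(tag) for tag in tags.split())
    # One pattern covering opening, closing and self-closing allowed tags.
    allowed_re = re.compile(r'<(/?(?:%s)(?:\s+[^>]+)?\s*/?)>' % names)
    # Hide allowed tags behind a marker that the next two steps leave in place.
    value = allowed_re.sub(r'##~~~\g<1>~~~##', value)
    # Assumed stand-in for django.utils.html.strip_tags.
    value = re.sub(r'<[^>]*?>', '', value)
    # Assumed stand-in for django.utils.html.escape.
    value = html.escape(value)
    # Restore the hidden tags, undoing the escaping applied to their attributes.
    return re.sub(r'##~~~([^~]+)~~~##',
                  lambda m: '<%s>' % html.unescape(m.group(1)),
                  value)


print(keeptags_sketch('<p>Hi <strong>there</strong> <script>x</script></p>',
                      'strong em'))
# prints: Hi <strong>there</strong> x
```

One caveat applies to any marker-based approach like this: input text that already contains the `##~~~...~~~##` marker is turned into a tag in the final step, so untrusted input probably calls for a marker that users cannot guess, or for a different technique.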
