Login

CleanCharField

Author:
DvD
Posted:
September 28, 2007
Language:
Python
Version:
.96
Tags:
validator newforms forms html sanitize profanities
Score:
-2 (after 2 ratings)

I was about to start an online community but every time you allow people to post something as a comment you never know what they come up to, especially regarding profanities.

So I come up with this idea, I put together some code from the old style form validators and the new newform style, plus some code to sanitize HTML from snippet number 169, and the final result is a CharField that only accept values without swear words, profanities, curses and bad html.

Cheers.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
from django import newforms as forms
from django.conf import settings
from django.newforms.fields import EMPTY_VALUES
from django.utils.translation import ugettext as _, ungettext

from utils.BeautifulSoup import BeautifulSoup, Comment


class CleanCharField(forms.CharField):
	valid_tags= settings.VALID_TAGS.split()
	valid_attrs= settings.VALID_ATTRS.split()

	def clean(self, value):
		"""
			Checks that the given string has no profanities in it. This does a simple
			check for whether each profanity exists within the string, so 'fuck' will
			catch 'motherfucker' as well. Raises a ValidationError such as:
			Watch your mouth! The words "f--k" and "s--t" are not allowed here.
		"""
		value= value.lower() # normalize
		words_seen= [w for w in settings.PROFANITIES_LIST if w in value]
		if words_seen:
			from django.utils.text import get_text_list
			plural= len(words_seen)
			raise forms.ValidationError, ungettext("Watch your mouth! The word %s is not allowed here.",
				"Watch your mouth! The words %s are not allowed here.", plural) % \
				get_text_list(['"%s%s%s"' % (i[0], '-'*(len(i)-2), i[-1]) for i in words_seen], _('and'))
		"""
			Cleans non-allowed HTML from the input
		"""
		value= super(CleanCharField, self).clean(value)
		soup= BeautifulSoup(value)
		for comment in soup.findAll(text=lambda text: isinstance(text, Comment)):
			comment.extract()
		for tag in soup.findAll(True):
			if tag.name not in self.valid_tags:
				tag.hidden= True
				tag.attrs= [(attr, val) for attr, val in tag.attrs if attr in self.valid_attrs]
		return soup.renderContents().decode('utf8')


settings.py:
PROFANITIES_LIST = ('asshat', 'asshead', 'asshole', 'cunt', 'fuck', 'gook', 'nigger', 'shit',)
VALID_TAGS= 'p i strong b u a h1 h2 h3 pre br img'
VALID_ATTRS= 'href src'

More like this

  1. shortcut for saving newforms to model by james_027 7 years, 10 months ago
  2. Sanitize HTML filter by henriklied 8 years, 3 months ago
  3. Sanitize text field HTML (here from the Dojo Toolkit Editor2 widget) by akaihola 8 years, 3 months ago
  4. Sanitize HTML filter with tag/attribute whitelist and XSS protection by harrym 6 years ago
  5. Upload a file using newforms by mboersma 8 years, 4 months ago

Comments

Please login first before commenting.