sanitizing html with python

by Jörg Baach — last modified Mar 07, 2011 05:24 PM

I need to sanititze html input before rendering on a page. Use case is a rich text editor. How can I prevent xss attacks?

A search for 'htmllaundry xss' it didn't show good examples, and the tests don't seem to cover lots of attacks, so I am not too sure about it.

Most informative (but somewhat old) google hit so far:

Add comment

You can add a comment by filling out the form below. Plain text formatting.

Name

Comment

Captcha

Question: What is 23 plus 19?
Your answer:

Updates...: Compiling python extensions in windows 10 Sep 06, 2018; thunderbird white background for text messages May 12, 2018; A problem with neo4j's db.schema()? Apr 25, 2018; neo4j full text indexing - limited to 32k Mar 20, 2017; Installing python buildout with readline Feb 25, 2017; Fonts on Ubuntu - revamped Jan 24, 2017; plone: removing (portlet)renderers from the cache Jun 02, 2015; A comparison of five ebook readers Nov 29, 2014; neo4j performance compared to graphagus Oct 07, 2014; Embed pdf viewer in firefox (29+) using mozplugger May 19, 2014; more…