Commit 8515e0ac authored by Arnaud Fontaine's avatar Arnaud Fontaine

PortalTransforms: safe_html: Changes in b255c894 were not actually applied so...

PortalTransforms: safe_html: Changes in b255c894 were not actually applied so merge FS module and portal_transforms/safe_html.
parent 3c171644
......@@ -24,6 +24,12 @@
<key> <string>data</string> </key>
<value>
<dictionary>
<item>
<key> <string>class_blacklist</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>default_encoding</string> </key>
<value> <string>utf-8</string> </value>
......@@ -35,13 +41,13 @@
<item>
<key> <string>inputs</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>nasty_tags</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
<item>
......@@ -52,10 +58,28 @@
<key> <string>remove_javascript</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>stripped_attributes</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAU=</string> </persistent>
</value>
</item>
<item>
<key> <string>stripped_combinations</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAY=</string> </persistent>
</value>
</item>
<item>
<key> <string>style_whitelist</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAc=</string> </persistent>
</value>
</item>
<item>
<key> <string>valid_tags</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAg=</string> </persistent>
</value>
</item>
</dictionary>
......@@ -78,40 +102,64 @@
<key> <string>data</string> </key>
<value>
<dictionary>
<item>
<key> <string>class_blacklist</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAk=</string> </persistent>
</value>
</item>
<item>
<key> <string>default_encoding</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAU=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAo=</string> </persistent>
</value>
</item>
<item>
<key> <string>disable_transform</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAY=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAs=</string> </persistent>
</value>
</item>
<item>
<key> <string>inputs</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAc=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAw=</string> </persistent>
</value>
</item>
<item>
<key> <string>nasty_tags</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAg=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAA0=</string> </persistent>
</value>
</item>
<item>
<key> <string>remove_javascript</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAk=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAA4=</string> </persistent>
</value>
</item>
<item>
<key> <string>stripped_attributes</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAA8=</string> </persistent>
</value>
</item>
<item>
<key> <string>stripped_combinations</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAABA=</string> </persistent>
</value>
</item>
<item>
<key> <string>style_whitelist</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAABE=</string> </persistent>
</value>
</item>
<item>
<key> <string>valid_tags</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAo=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAABI=</string> </persistent>
</value>
</item>
</dictionary>
......@@ -156,6 +204,21 @@
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<list/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
......@@ -172,7 +235,7 @@
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
......@@ -184,19 +247,27 @@
<dictionary>
<item>
<key> <string>applet</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>embed</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>meta</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>object</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>script</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>style</string> </key>
<value> <int>1</int> </value>
</item>
</dictionary>
</value>
......@@ -204,7 +275,71 @@
</dictionary>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<record id="5" aka="AAAAAAAAAAU=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<list>
<string>lang</string>
<string>valign</string>
<string>halign</string>
<string>border</string>
<string>frame</string>
<string>rules</string>
<string>cellspacing</string>
<string>cellpadding</string>
<string>bgcolor</string>
</list>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="6" aka="AAAAAAAAAAY=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary>
<item>
<key> <string>table th td</string> </key>
<value> <string>width height</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="7" aka="AAAAAAAAAAc=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<list>
<string>text-align</string>
<string>list-style-type</string>
<string>float</string>
</list>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="8" aka="AAAAAAAAAAg=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
......@@ -216,295 +351,363 @@
<dictionary>
<item>
<key> <string>a</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>abbr</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>acronym</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>address</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>area</string> </key>
<value> <string>1</string> </value>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>article</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>aside</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>audio</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>b</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>base</string> </key>
<value> <string>0</string> </value>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>bdo</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>big</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>blockquote</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>body</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>br</string> </key>
<value> <string>0</string> </value>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>canvas</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>caption</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>cite</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>code</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>col</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>colgroup</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>command</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>datalist</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>dd</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>del</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>details</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>dfn</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>dialog</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>div</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>dl</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>dt</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>em</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>figure</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>font</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>footer</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>h1</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>h2</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>h3</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>h4</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>h5</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>h6</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>head</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>header</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>hgroup</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>hr</string> </key>
<value> <string>0</string> </value>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>html</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>i</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>img</string> </key>
<value> <string>0</string> </value>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>ins</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>kbd</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>keygen</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>li</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>map</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>mark</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>meta</string> </key>
<value> <string>0</string> </value>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>meter</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>nav</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>ol</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>output</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>p</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>pre</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>progress</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>q</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>rp</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>rt</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>ruby</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>samp</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>section</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>small</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>span</string> </key>
<value> <string>1</string> </value>
<key> <string>source</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>strong</string> </key>
<value> <string>1</string> </value>
<key> <string>span</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>style</string> </key>
<value> <string>1</string> </value>
<key> <string>strong</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>sub</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>summary</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>sup</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>table</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>tbody</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>td</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>test</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>tfoot</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>th</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>thead</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>time</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>tr</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>tt</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>u</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>ul</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>var</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>video</string> </key>
<value> <string>1</string> </value>
<value> <int>1</int> </value>
</item>
</dictionary>
</value>
......@@ -512,7 +715,26 @@
</dictionary>
</pickle>
</record>
<record id="5" aka="AAAAAAAAAAU=">
<record id="9" aka="AAAAAAAAAAk=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<list>
<string>list</string>
<string>class_blacklist</string>
<string>These class names are not allowed in class attributes.</string>
</list>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="10" aka="AAAAAAAAAAo=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
......@@ -531,7 +753,7 @@
</dictionary>
</pickle>
</record>
<record id="6" aka="AAAAAAAAAAY=">
<record id="11" aka="AAAAAAAAAAs=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
......@@ -550,7 +772,7 @@
</dictionary>
</pickle>
</record>
<record id="7" aka="AAAAAAAAAAc=">
<record id="12" aka="AAAAAAAAAAw=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
......@@ -569,7 +791,7 @@
</dictionary>
</pickle>
</record>
<record id="8" aka="AAAAAAAAAAg=">
<record id="13" aka="AAAAAAAAAA0=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
......@@ -592,7 +814,7 @@
</dictionary>
</pickle>
</record>
<record id="9" aka="AAAAAAAAAAk=">
<record id="14" aka="AAAAAAAAAA4=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
......@@ -615,7 +837,68 @@
</dictionary>
</pickle>
</record>
<record id="10" aka="AAAAAAAAAAo=">
<record id="15" aka="AAAAAAAAAA8=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<list>
<string>list</string>
<string>stripped_attributes</string>
<string>These attributes are stripped from any tag.</string>
</list>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="16" aka="AAAAAAAAABA=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<list>
<string>dict</string>
<string>stripped_combinations</string>
<string>These attributes are stripped from any tag.</string>
<tuple>
<string>tag</string>
<string>value</string>
</tuple>
</list>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="17" aka="AAAAAAAAABE=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<list>
<string>list</string>
<string>style_whitelist</string>
<string>These CSS styles are allowed in style attributes.</string>
</list>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="18" aka="AAAAAAAAABI=">
<pickle>
<global name="PersistentList" module="persistent.list"/>
</pickle>
......
......@@ -1775,8 +1775,8 @@ class TestDocument(TestDocumentMixin):
self.assertTrue('<title>' in entire_html)
self.assertTrue('<body>' in entire_html)
self.assertTrue('<head>' in entire_html)
self.assertTrue('<style' in entire_html)
self.assertTrue('#FFAA44' in entire_html)
self.assertTrue('<style' not in entire_html)
self.assertTrue('#FFAA44' not in entire_html)
self.assertTrue('charset=utf-8' in entire_html)
self.assertTrue('javascript' not in entire_html)
self.assertTrue('alert("da");' not in entire_html)
......
......@@ -37,6 +37,7 @@ VALID_TAGS = {
'dl': 1,
'dt': 1,
'em': 1,
'font': 1,
'h1': 1,
'h2': 1,
'h3': 1,
......@@ -120,9 +121,13 @@ VALID_TAGS['rt'] = 1
VALID_TAGS['ruby'] = 1
VALID_TAGS['section'] = 1
VALID_TAGS['source'] = 1
VALID_TAGS['summary'] = 1
VALID_TAGS['time'] = 1
VALID_TAGS['video'] = 1
# Selenium tests
VALID_TAGS['test'] = 1
# add some tags to nasty.
NASTY_TAGS['style'] = 1 # this helps improve Word HTML cleanup.
NASTY_TAGS['meta'] = 1 # allowed by parsers, but can cause unexpected behavior
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment