python-ox/ox/html.py

# -*- coding: utf-8 -*-
# vi:si:et:sw=4:sts=4:ts=4
# GPL 2008
import re
import string
from htmlentitydefs import name2codepoint


# Configuration for add_links() function
LEADING_PUNCTUATION  = ['(', '<', '&lt;']
TRAILING_PUNCTUATION = ['.', ',', ')', '>', '\n', '&gt;', "'", '"']

# list of possible strings used for bullets in bulleted lists
DOTS = ['&middot;', '*', '\xe2\x80\xa2', '&#149;', '&bull;', '&#8226;']

unencoded_ampersands_re = re.compile(r'&(?!(\w+|#\d+);)')
word_split_re = re.compile(r'(\s+)')
punctuation_re = re.compile('^(?P<lead>(?:%s)*)(?P<middle>.*?)(?P<trail>(?:%s)*)$' % \
    ('|'.join([re.escape(x) for x in LEADING_PUNCTUATION]),
    '|'.join([re.escape(x) for x in TRAILING_PUNCTUATION])))
simple_email_re = re.compile(r'^\S+@[a-zA-Z0-9._-]+\.[a-zA-Z0-9._-]+$')
link_target_attribute_re = re.compile(r'(<a [^>]*?)target=[^\s>]+')
html_gunk_re = re.compile(r'(?:<br clear="all">|<i><\/i>|<b><\/b>|<em><\/em>|<strong><\/strong>|<\/?smallcaps>|<\/?uppercase>)', re.IGNORECASE)
hard_coded_bullets_re = re.compile(r'((?:<p>(?:%s).*?[a-zA-Z].*?</p>\s*)+)' % '|'.join([re.escape(x) for x in DOTS]), re.DOTALL)
trailing_empty_content_re = re.compile(r'(?:<p>(?:&nbsp;|\s|<br \/>)*?</p>\s*)+\Z')
del x # Temporary variable

def escape(html):
    '''
    Returns the given HTML with ampersands, quotes and carets encoded

    >>> escape('html "test" & <brothers>')
    'html &quot;test&quot; &amp; &lt;brothers&gt;'
    '''
    if not isinstance(html, basestring):
        html = str(html)
    return html.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;').replace("'", '&apos;')

def linebreaks(value):
    '''
    Converts newlines into <p> and <br />
    '''
    value = re.sub(r'\r\n|\r|\n', '\n', value) # normalize newlines
    paras = re.split('\n{2,}', value)
    paras = ['<p>%s</p>' % p.strip().replace('\n', '<br />') for p in paras]
    return '\n\n'.join(paras)

def strip_tags(value):
    """
    Returns the given HTML with all tags stripped
    
    >>> strip_tags('some <h2>title</h2> <script>asdfasdf</script>')
    'some title asdfasdf'
    """
    return re.sub(r'<[^>]*?>', '', value)

stripTags = strip_tags

def strip_spaces_between_tags(value):
    "Returns the given HTML with spaces between tags normalized to a single space"
    return re.sub(r'>\s+<', '> <', value)

def strip_entities(value):
    "Returns the given HTML with all entities (&something;) stripped"
    return re.sub(r'&(?:\w+|#\d);', '', value)

def fix_ampersands(value):
    "Returns the given HTML with all unencoded ampersands encoded correctly"
    return unencoded_ampersands_re.sub('&amp;', value)

def add_links(text, trim_url_limit=None, nofollow=False):
    """
    Converts any URLs in text into clickable links. Works on http://, https:// and
    www. links. Links can have trailing punctuation (periods, commas, close-parens)
    and leading punctuation (opening parens) and it'll still do the right thing.

    If trim_url_limit is not None, the URLs in link text will be limited to
    trim_url_limit characters.

    If nofollow is True, the URLs in link text will get a rel="nofollow" attribute.
    """
    trim_url = lambda x, limit=trim_url_limit: limit is not None and (x[:limit] + (len(x) >=limit and '...' or ''))  or x
    words = word_split_re.split(text)
    nofollow_attr = nofollow and ' rel="nofollow"' or ''
    for i, word in enumerate(words):
        match = punctuation_re.match(word)
        if match:
            lead, middle, trail = match.groups()
            if middle.startswith('www.') or ('@' not in middle and not middle.startswith('http://') and \
                    len(middle) > 0 and middle[0] in string.letters + string.digits and \
                    (middle.endswith('.org') or middle.endswith('.net') or middle.endswith('.com'))):
                middle = '<a href="http://%s"%s>%s</a>' % (middle, nofollow_attr, trim_url(middle))
            if middle.startswith('http://') or middle.startswith('https://'):
                middle = '<a href="%s"%s>%s</a>' % (middle, nofollow_attr, trim_url(middle))
            if '@' in middle and not middle.startswith('www.') and not ':' in middle \
              and simple_email_re.match(middle):
                middle = '<a href="mailto:%s">%s</a>' % (middle, middle)
            if lead + middle + trail != word:
                words[i] = lead + middle + trail
    return ''.join(words)

urlize = add_links

def clean_html(text):
    """
    Cleans the given HTML. Specifically, it does the following:
        * Converts <b> and <i> to <strong> and <em>.
        * Encodes all ampersands correctly.
        * Removes all "target" attributes from <a> tags.
        * Removes extraneous HTML, such as presentational tags that open and
          immediately close and <br clear="all">.
        * Converts hard-coded bullets into HTML unordered lists.
        * Removes stuff like "<p>&nbsp;&nbsp;</p>", but only if it's at the
          bottom of the text.
    """
    from text import normalize_newlines
    text = normalize_newlines(text)
    text = re.sub(r'<(/?)\s*b\s*>', '<\\1strong>', text)
    text = re.sub(r'<(/?)\s*i\s*>', '<\\1em>', text)
    text = fix_ampersands(text)
    # Remove all target="" attributes from <a> tags.
    text = link_target_attribute_re.sub('\\1', text)
    # Trim stupid HTML such as <br clear="all">.
    text = html_gunk_re.sub('', text)
    # Convert hard-coded bullets into HTML unordered lists.
    def replace_p_tags(match):
        s = match.group().replace('</p>', '</li>')
        for d in DOTS:
            s = s.replace('<p>%s' % d, '<li>')
        return '<ul>\n%s\n</ul>' % s
    text = hard_coded_bullets_re.sub(replace_p_tags, text)
    # Remove stuff like "<p>&nbsp;&nbsp;</p>", but only if it's at the bottom of the text.
    text = trailing_empty_content_re.sub('', text)
    return text

# This pattern matches a character entity reference (a decimal numeric
# references, a hexadecimal numeric reference, or a named reference).
charrefpat = re.compile(r'&(#(\d+|x[\da-fA-F]+)|[\w.:-]+);?')

def decode_html(html):
    """
    >>> decode_html('me &amp; you and &#36;&#38;%')
    u'me & you and $&%'
    >>> decode_html('&#x80;')
    u'€'
    >>> decode_html('Anniversary of Daoud&apos;s Republic')
    u'Anniversary of Daoud's Republic'
    """
    if type(html) != unicode:
        html = unicode(html)[:]
    if type(html) is unicode:
        uchr = unichr
    else:
        uchr = lambda value: value > 255 and unichr(value) or chr(value)
    def entitydecode(match, uchr=uchr):
        entity = match.group(1)
        if entity == '#x80':
            return u'€'
        elif entity.startswith('#x'):
            return uchr(int(entity[2:], 16))
        elif entity.startswith('#'):
            return uchr(int(entity[1:]))
        elif entity in name2codepoint:
            return uchr(name2codepoint[entity])
        elif entity == 'apos':
            return "'"
        else:
            return match.group(0)
    return charrefpat.sub(entitydecode, html).replace(u'\xa0', ' ')

def highlight(text, query, hlClass="hl"):
    """
    >>> highlight('me &amp; you and &#36;&#38;%', 'and')
    'me &amp; you <span class="hl">and</span> &#36;&#38;%'
    """
    if query:
        text = text.replace('<br />', '|')
        query = re.escape(query).replace('\ ', '.')
        m = re.compile("(%s)" % query, re.IGNORECASE).findall(text)
        for i in m:
            text = re.sub("(%s)" % re.escape(i).replace('\ ', '.'), '<span class="%s">\\1</span>' % hlClass, text)
        text = text.replace('|', '<br />')
    return text

def escape_html(value):
    '''
    >>> escape_html(u'<script> foo')
    u'&lt;script&gt; foo'
    >>> escape_html(u'&lt;script&gt; foo')
    u'&lt;script&gt; foo'
    '''
    return escape(decode_html(value))

def sanitize_html(html, tags=None, wikilinks=False):
    '''
    >>> sanitize_html('http://foo.com, bar')
    '<a href="http://foo.com">http://foo.com</a>, bar'
    >>> sanitize_html('http://foo.com/foobar?foo, bar')
    '<a href="http://foo.com/foobar?foo">http://foo.com/foobar?foo</a>, bar'
    >>> sanitize_html('(see: www.foo.com)')
    '(see: <a href="http://www.foo.com">www.foo.com</a>)'
    >>> sanitize_html('foo@bar.com')
    '<a href="mailto:foo@bar.com">foo@bar.com</a>'
    >>> sanitize_html(sanitize_html('foo@bar.com'))
    '<a href="mailto:foo@bar.com">foo@bar.com</a>'
    >>> sanitize_html('<a href="http://foo.com" onmouseover="alert()">foo</a>')
    '<a href="http://foo.com">foo</a>'
    >>> sanitize_html('<a href="javascript:alert()">foo</a>')
    '&lt;a href="javascript:alert()"&gt;foo'
    >>> sanitize_html('[http://foo.com foo]')
    '<a href="http://foo.com">foo</a>'
    >>> sanitize_html('<rtl>foo</rtl>')
    '<div style="direction: rtl">foo</div>'
    >>> sanitize_html('<script>alert()</script>')
    '&lt;script&gt;alert()&lt;/script&gt;'
    >>> sanitize_html('\'foo\' < \'bar\' && "foo" > "bar"')
    '\'foo\' &lt; \'bar\' &amp;&amp; "foo" &gt; "bar"'
    >>> sanitize_html('<b>foo')
    '<b>foo</b>'
    >>> sanitize_html('<b>foo</b></b>')
    '<b>foo</b>'
    >>> sanitize_html('Anniversary of Daoud&apos;s Republic')
    'Anniversary of Daoud&apos;s Republic'
    '''
    if not tags:
        tags = [
            # inline formatting
            'b', 'code', 'i', 's', 'sub', 'sup', 'u',
            # block formatting
            'blockquote', 'h1', 'h2', 'h3', 'p', 'pre',
            # lists
            'li', 'ol', 'ul',
            # tables
            'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr',
            # other
            'a', 'br', 'img',
            # special
            'rtl', '[]'
        ]
    parse = {
        'a': {
            '<a [^<>]*?href="((https?:\/\/|\/|mailto:).+?)".*?>': '<a href="{1}">',
            '<\/a>': '</a>'
        },
        'img': {
            '<img [^<>]*?src="((https?:\/\/|\/).+?)".*?>': '<img src="{1}">'
        },
        'rtl': {
            '<rtl>': '<div style="direction: rtl">',
            '<\/rtl>': '</div>'
        },
        '*': lambda tag: {'<(/?' + tag + ') ?/?>':'<{1}>'}
    }
    matches = []

    #makes parse_html output the same value if run twice
    html = decode_html(html)

    if '[]' in tags:
        html = re.sub(
                re.compile('\[((https?:\/\/|\/).+?) (.+?)\]', re.IGNORECASE),
                '<a href="\\1">\\3</a>', html);
        tags = filter(lambda tag: tag != '[]', tags)

    def replace_match(match, value, replace):
        i = 1
        for m in match.groups():
            value = value.replace('{%d}'%i, m)
            i += 1
        matches.append(value)
        return '\t%d\t' % len(matches)

    for tag in tags:
        p = parse.get(tag, parse['*'](tag))
        for replace in p:
            html = re.sub(
                re.compile(replace, re.IGNORECASE),
                lambda match: replace_match(match, p[replace][:], replace),
                html
            )
    html = escape(html)
    for i in range(0, len(matches)):
        html = html.replace('\t%d\t'%(i+1), matches[i])
    html = html.replace('\n\n', '<br/><br/>')
    html = add_links(html)
    return  sanitize_fragment(html)

def sanitize_fragment(html):
    import html5lib
    return html5lib.parseFragment(html).toxml().decode('utf-8')
add some functions 2008-04-27 16:54:37 +00:00			`# -- coding: utf-8 --`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`# vi:si:et:sw=4:sts=4:ts=4`
move and rename some 2008-07-06 13:00:06 +00:00			`# GPL 2008`
add some functions 2008-04-27 16:54:37 +00:00			`import re`
			`import string`
add htmldecode, trimString, import missing chardet 2008-04-28 09:50:34 +00:00			`from htmlentitydefs import name2codepoint`
add some functions 2008-04-27 16:54:37 +00:00

cleanup 2012-05-27 11:50:10 +00:00			`# Configuration for add_links() function`
add some functions 2008-04-27 16:54:37 +00:00			`LEADING_PUNCTUATION = ['(', '<', '<']`
			`TRAILING_PUNCTUATION = ['.', ',', ')', '>', '\n', '>', "'", '"']`

			`# list of possible strings used for bullets in bulleted lists`
			`DOTS = ['·', '*', '\xe2\x80\xa2', '', '•', '•']`

			`unencoded_ampersands_re = re.compile(r'&(?!(\w+\|#\d+);)')`
			`word_split_re = re.compile(r'(\s+)')`
			`punctuation_re = re.compile('^(?P<lead>(?:%s))(?P<middle>.?)(?P<trail>(?:%s)*)$' % \`
			`('\|'.join([re.escape(x) for x in LEADING_PUNCTUATION]),`
			`'\|'.join([re.escape(x) for x in TRAILING_PUNCTUATION])))`
			`simple_email_re = re.compile(r'^\S+@[a-zA-Z0-9._-]+\.[a-zA-Z0-9._-]+$')`
			`link_target_attribute_re = re.compile(r'(<a [^>]*?)target=[^\s>]+')`
			`html_gunk_re = re.compile(r'(?:<br clear="all">\|<i><\/i>\|<b><\/b>\|<em><\/em>\|<strong><\/strong>\|<\/?smallcaps>\|<\/?uppercase>)', re.IGNORECASE)`
			`hard_coded_bullets_re = re.compile(r'((?:<p>(?:%s).?[a-zA-Z].?</p>\s*)+)' % '\|'.join([re.escape(x) for x in DOTS]), re.DOTALL)`
			`trailing_empty_content_re = re.compile(r'(?:<p>(?: \|\s\|<br \/>)?</p>\s)+\Z')`
			`del x # Temporary variable`

			`def escape(html):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`'''`
			`Returns the given HTML with ampersands, quotes and carets encoded`
add test and cleanup some errors found while doing so 2008-05-05 18:12:27 +00:00
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`>>> escape('html "test" & <brothers>')`
			`'html "test" & <brothers>'`
			`'''`
			`if not isinstance(html, basestring):`
apos not in name2codepoint, also decode that 2012-04-24 17:00:48 +00:00			`html = str(html)`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`return html.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", ''')`
add some functions 2008-04-27 16:54:37 +00:00
			`def linebreaks(value):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`'''`
			`Converts newlines into <p> and <br />`
			`'''`
			`value = re.sub(r'\r\n\|\r\|\n', '\n', value) # normalize newlines`
			`paras = re.split('\n{2,}', value)`
			`paras = ['<p>%s</p>' % p.strip().replace('\n', '<br />') for p in paras]`
			`return '\n\n'.join(paras)`
add some functions 2008-04-27 16:54:37 +00:00
cleanup 2012-05-27 11:50:10 +00:00			`def strip_tags(value):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`"""`
			`Returns the given HTML with all tags stripped`

cleanup 2012-05-27 11:50:10 +00:00			`>>> strip_tags('some <h2>title</h2> <script>asdfasdf</script>')`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`'some title asdfasdf'`
			`"""`
			`return re.sub(r'<[^>]*?>', '', value)`
cleanup 2012-05-27 11:50:10 +00:00
			`stripTags = strip_tags`

replace all CammelCase with under_score in ox 2012-08-14 14:12:43 +00:00			`def strip_spaces_between_tags(value):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`"Returns the given HTML with spaces between tags normalized to a single space"`
			`return re.sub(r'>\s+<', '> <', value)`
add some functions 2008-04-27 16:54:37 +00:00
replace all CammelCase with under_score in ox 2012-08-14 14:12:43 +00:00			`def strip_entities(value):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`"Returns the given HTML with all entities (&something;) stripped"`
			`return re.sub(r'&(?:\w+\|#\d);', '', value)`
add some functions 2008-04-27 16:54:37 +00:00
replace all CammelCase with under_score in ox 2012-08-14 14:12:43 +00:00			`def fix_ampersands(value):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`"Returns the given HTML with all unencoded ampersands encoded correctly"`
			`return unencoded_ampersands_re.sub('&', value)`
add some functions 2008-04-27 16:54:37 +00:00
cleanup 2012-05-27 11:50:10 +00:00			`def add_links(text, trim_url_limit=None, nofollow=False):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`"""`
			`Converts any URLs in text into clickable links. Works on http://, https:// and`
			`www. links. Links can have trailing punctuation (periods, commas, close-parens)`
			`and leading punctuation (opening parens) and it'll still do the right thing.`

			`If trim_url_limit is not None, the URLs in link text will be limited to`
			`trim_url_limit characters.`

			`If nofollow is True, the URLs in link text will get a rel="nofollow" attribute.`
			`"""`
			`trim_url = lambda x, limit=trim_url_limit: limit is not None and (x[:limit] + (len(x) >=limit and '...' or '')) or x`
			`words = word_split_re.split(text)`
			`nofollow_attr = nofollow and ' rel="nofollow"' or ''`
			`for i, word in enumerate(words):`
			`match = punctuation_re.match(word)`
			`if match:`
			`lead, middle, trail = match.groups()`
			`if middle.startswith('www.') or ('@' not in middle and not middle.startswith('http://') and \`
			`len(middle) > 0 and middle[0] in string.letters + string.digits and \`
			`(middle.endswith('.org') or middle.endswith('.net') or middle.endswith('.com'))):`
			`middle = '<a href="http://%s"%s>%s</a>' % (middle, nofollow_attr, trim_url(middle))`
			`if middle.startswith('http://') or middle.startswith('https://'):`
			`middle = '<a href="%s"%s>%s</a>' % (middle, nofollow_attr, trim_url(middle))`
			`if '@' in middle and not middle.startswith('www.') and not ':' in middle \`
			`and simple_email_re.match(middle):`
			`middle = '<a href="mailto:%s">%s</a>' % (middle, middle)`
			`if lead + middle + trail != word:`
			`words[i] = lead + middle + trail`
			`return ''.join(words)`
add some functions 2008-04-27 16:54:37 +00:00
cleanup 2012-05-27 11:50:10 +00:00			`urlize = add_links`

			`def clean_html(text):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`"""`
			`Cleans the given HTML. Specifically, it does the following:`
			`* Converts <b> and <i> to <strong> and <em>.`
			`* Encodes all ampersands correctly.`
			`* Removes all "target" attributes from <a> tags.`
			`* Removes extraneous HTML, such as presentational tags that open and`
			`immediately close and <br clear="all">.`
			`* Converts hard-coded bullets into HTML unordered lists.`
			`* Removes stuff like "<p>  </p>", but only if it's at the`
			`bottom of the text.`
			`"""`
replace all CammelCase with under_score in ox 2012-08-14 14:12:43 +00:00			`from text import normalize_newlines`
			`text = normalize_newlines(text)`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`text = re.sub(r'<(/?)\sb\s>', '<\\1strong>', text)`
			`text = re.sub(r'<(/?)\si\s>', '<\\1em>', text)`
replace all CammelCase with under_score in ox 2012-08-14 14:12:43 +00:00			`text = fix_ampersands(text)`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`# Remove all target="" attributes from <a> tags.`
			`text = link_target_attribute_re.sub('\\1', text)`
			`# Trim stupid HTML such as <br clear="all">.`
			`text = html_gunk_re.sub('', text)`
			`# Convert hard-coded bullets into HTML unordered lists.`
			`def replace_p_tags(match):`
			`s = match.group().replace('</p>', '</li>')`
			`for d in DOTS:`
			`s = s.replace('<p>%s' % d, '<li>')`
			`return '<ul>\n%s\n</ul>' % s`
			`text = hard_coded_bullets_re.sub(replace_p_tags, text)`
			`# Remove stuff like "<p>  </p>", but only if it's at the bottom of the text.`
			`text = trailing_empty_content_re.sub('', text)`
			`return text`
add some functions 2008-04-27 16:54:37 +00:00
add htmldecode, trimString, import missing chardet 2008-04-28 09:50:34 +00:00			`# This pattern matches a character entity reference (a decimal numeric`
			`# references, a hexadecimal numeric reference, or a named reference).`
			`charrefpat = re.compile(r'&(#(\d+\|x[\da-fA-F]+)\|[\w.:-]+);?')`

cleanup 2012-05-27 11:50:10 +00:00			`def decode_html(html):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`"""`
cleanup 2012-05-27 11:50:10 +00:00			`>>> decode_html('me & you and $&%')`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`u'me & you and $&%'`
cleanup 2012-05-27 11:50:10 +00:00			`>>> decode_html('')`
episodes without director where series does not have a creator, fix euro entity 2011-10-18 12:25:13 +00:00			`u'€'`
cleanup 2012-05-27 11:50:10 +00:00			`>>> decode_html('Anniversary of Daoud's Republic')`
apos not in name2codepoint, also decode that 2012-04-24 17:00:48 +00:00			`u'Anniversary of Daoud's Republic'`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`"""`
			`if type(html) != unicode:`
			`html = unicode(html)[:]`
			`if type(html) is unicode:`
			`uchr = unichr`
add htmldecode, trimString, import missing chardet 2008-04-28 09:50:34 +00:00			`else:`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`uchr = lambda value: value > 255 and unichr(value) or chr(value)`
			`def entitydecode(match, uchr=uchr):`
			`entity = match.group(1)`
episodes without director where series does not have a creator, fix euro entity 2011-10-18 12:25:13 +00:00			`if entity == '#x80':`
			`return u'€'`
			`elif entity.startswith('#x'):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`return uchr(int(entity[2:], 16))`
			`elif entity.startswith('#'):`
			`return uchr(int(entity[1:]))`
			`elif entity in name2codepoint:`
			`return uchr(name2codepoint[entity])`
apos not in name2codepoint, also decode that 2012-04-24 17:00:48 +00:00			`elif entity == 'apos':`
			`return "'"`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`else:`
			`return match.group(0)`
			`return charrefpat.sub(entitydecode, html).replace(u'\xa0', ' ')`
add htmldecode, trimString, import missing chardet 2008-04-28 09:50:34 +00:00
add some functions 2008-04-27 16:54:37 +00:00			`def highlight(text, query, hlClass="hl"):`
vi:si:et:sw=4:sts=4:ts=4 2008-06-19 09:21:21 +00:00			`"""`
			`>>> highlight('me & you and $&%', 'and')`
			`'me & you <span class="hl">and</span> $&%'`
			`"""`
			`if query:`
			`text = text.replace('<br />', '\|')`
			`query = re.escape(query).replace('\ ', '.')`
			`m = re.compile("(%s)" % query, re.IGNORECASE).findall(text)`
			`for i in m:`
			`text = re.sub("(%s)" % re.escape(i).replace('\ ', '.'), '<span class="%s">\\1</span>' % hlClass, text)`
			`text = text.replace('\|', '<br />')`
			`return text`
add some functions 2008-04-27 16:54:37 +00:00
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`def escape_html(value):`
			`'''`
			`>>> escape_html(u'<script> foo')`
			`u'<script> foo'`
			`>>> escape_html(u'<script> foo')`
			`u'<script> foo'`
			`'''`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`return escape(decode_html(value))`
escape_html/parse_html 2012-02-21 15:44:50 +00:00
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`def sanitize_html(html, tags=None, wikilinks=False):`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'''`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('http://foo.com, bar')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<a href="http://foo.com">http://foo.com</a>, bar'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('http://foo.com/foobar?foo, bar')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<a href="http://foo.com/foobar?foo">http://foo.com/foobar?foo</a>, bar'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('(see: www.foo.com)')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'(see: <a href="http://www.foo.com">www.foo.com</a>)'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('foo@bar.com')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<a href="mailto:foo@bar.com">foo@bar.com</a>'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html(sanitize_html('foo@bar.com'))`
			`'<a href="mailto:foo@bar.com">foo@bar.com</a>'`
			`>>> sanitize_html('<a href="http://foo.com" onmouseover="alert()">foo</a>')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<a href="http://foo.com">foo</a>'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('<a href="javascript:alert()">foo</a>')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<a href="javascript:alert()">foo'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('[http://foo.com foo]')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<a href="http://foo.com">foo</a>'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('<rtl>foo</rtl>')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<div style="direction: rtl">foo</div>'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('<script>alert()</script>')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<script>alert()</script>'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('\'foo\' < \'bar\' && "foo" > "bar"')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'\'foo\' < \'bar\' && "foo" > "bar"'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('<b>foo')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<b>foo</b>'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('<b>foo</b></b>')`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<b>foo</b>'`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`>>> sanitize_html('Anniversary of Daoud's Republic')`
apos not in name2codepoint, also decode that 2012-04-24 17:00:48 +00:00			`'Anniversary of Daoud's Republic'`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'''`
			`if not tags:`
			`tags = [`
			`# inline formatting`
			`'b', 'code', 'i', 's', 'sub', 'sup', 'u',`
			`# block formatting`
			`'blockquote', 'h1', 'h2', 'h3', 'p', 'pre',`
			`# lists`
			`'li', 'ol', 'ul',`
			`# tables`
			`'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr',`
			`# other`
			`'a', 'br', 'img',`
			`# special`
			`'rtl', '[]'`
			`]`
			`parse = {`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`'a': {`
			`'<a [^<>]?href="((https?:\/\/\|\/\|mailto:).+?)".?>': '<a href="{1}">',`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`'<\/a>': '</a>'`
			`},`
			`'img': {`
			`'<img [^<>]?src="((https?:\/\/\|\/).+?)".?>': '<img src="{1}">'`
			`},`
			`'rtl': {`
			`'<rtl>': '<div style="direction: rtl">',`
			`'<\/rtl>': '</div>'`
			`},`
			`'*': lambda tag: {'<(/?' + tag + ') ?/?>':'<{1}>'}`
			`}`
			`matches = []`

			`#makes parse_html output the same value if run twice`
parse_html->sanitize_html, add links, allow mailto 2012-05-27 11:38:58 +00:00			`html = decode_html(html)`
escape_html/parse_html 2012-02-21 15:44:50 +00:00
			`if '[]' in tags:`
			`html = re.sub(`
			`re.compile('\[((https?:\/\/\|\/).+?) (.+?)\]', re.IGNORECASE),`
			`'<a href="\\1">\\3</a>', html);`
			`tags = filter(lambda tag: tag != '[]', tags)`

			`def replace_match(match, value, replace):`
			`i = 1`
			`for m in match.groups():`
			`value = value.replace('{%d}'%i, m)`
			`i += 1`
			`matches.append(value)`
			`return '\t%d\t' % len(matches)`

			`for tag in tags:`
			`p = parse.get(tag, parse['*'](tag))`
			`for replace in p:`
			`html = re.sub(`
			`re.compile(replace, re.IGNORECASE),`
			`lambda match: replace_match(match, p[replace][:], replace),`
			`html`
			`)`
			`html = escape(html)`
			`for i in range(0, len(matches)):`
			`html = html.replace('\t%d\t'%(i+1), matches[i])`
			`html = html.replace('\n\n', '<br/><br/>')`
cleanup 2012-05-27 11:50:10 +00:00			`html = add_links(html)`
escape_html/parse_html 2012-02-21 15:44:50 +00:00			`return sanitize_fragment(html)`

			`def sanitize_fragment(html):`
			`import html5lib`
			`return html5lib.parseFragment(html).toxml().decode('utf-8')`