[Zope-CMF] Making HTML 'safe'.
Chris Withers
chrisw@nipltd.com
Mon, 13 Jan 2003 11:51:14 +0000
Yuppie wrote:
>>> What do you propose?
>>
>> Don't know what you mean...
>
> Did I get you right that you propose to replace
> CMFDefault.utils.StrippingParser with the code of stripogram.html2safehtml?
Not really, stripogram is a package. I don't have any problems with that being
included in a CMF distro or zope.org's CVS for that matter.
I propose doing that and using stripogram.html2safehtml.
>> What patches are you refering to?
>
> StrippingParser uses the default sgmllib SGMLParser. html2safehtml uses
> its own HTMLParser.
HTMLParser is actually part of the python distro, it's just not documented. It's
included in stripogram to support versions of python before Guido decided to
include it. It was actually developed for ZPT as sgmllib's parser sucks in some
areas.
cheers,
Chris