search

ui / django-html_sanitizer

A set of HTML input sanitization or cleaning utilities for django models, forms and templates
MIT License
65 stars 25 forks source link

Incompatible with new bleach #13

Open kitterma opened 7 years ago

kitterma commented 7 years ago

In order to adapt to the API changes in the current html5lib release, bleach is making substantial changes of its own:

https://github.com/mozilla/bleach

It does not appear to me that django-html_sanitizer is compatible with the bleach changes. If I run test.py in python2.7 with the new bleach I get:

python tests.py Traceback (most recent call last): File "tests.py", line 6, in from sanitizer.templatetags.sanitizer import (sanitize, sanitize_allow, ImportError: No module named templatetags.sanitizer

The new bleach is expected to be released next week.

kitterma commented 7 years ago

bleach 2.0 is released now, so I guess that means this is more urgent.

selwin commented 7 years ago

Could you please open a PR for this?

kitterma commented 7 years ago

I don't understand what you are asking me to do (sorry). What do you want in the pull request? As far as I know, there's no code available for django-html_sanitizer to address the incompatibility.

stinky2nine commented 7 years ago

@selwin, I think @kitterma is asking django-html_sanitizer maintainers to add support for bleach v2.0.