Hi!
I need to implement functionality to make it possible to show youtube
videos.
So input looks like this:
<iframe width="560" height="349"
src="http://www.youtube.com/embed/uARLUg3QIvo?rel=0";
frameborder="0"
allowfullscreen></iframe>
<iframe>evil</iframe>
<iframe></iframe>
Default sanitizer shows this:
<iframe width="560" height="349"
src="http://www.youtube.com/embed/uARLUg3QIvo?rel=0"; frameborder="0"
allowfullscreen=""></iframe>
<iframe>evil</iframe>
<iframe></iframe>
What I thought I should try to do is to define my own sanitize_token
function that will mark this iframe as safe (return it), so here's what I
did (that's just example):
class HTMLSanitizerMixin(sanitizer.HTMLSanitizerMixin):
def sanitize_token(self, token):
from html5lib.constants import tokenTypes
if token.get('name') == 'iframe':
if token.get('type') == tokenTypes["StartTag"]:
data = token.get('data')
data_dict = dict(data)
url = data_dict.get('src', u'')
if url.startswith('http://www.youtube.com/'):
return token
return super(HTMLSanitizerMixin, self).sanitize_token(token)
I thought that would be ok, but here's what's going on now:
<iframe allowfullscreen="" frameborder="0" height="349"
src="http://www.youtube.com/embed/uARLUg3QIvo?rel=0"; width="560"></iframe>
<iframe>evil</iframe>
<iframe></iframe></iframe>
I mean, maybe that's because I didn't close /iframe or what? Can't
understand that.
Thank you for great library anyway)
--
You received this message because you are subscribed to the Google Groups
"html5lib-discuss" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/html5lib-discuss/-/OVU0aHZ0QXdwNFVK.
To post to this group, send an email to html5lib-discuss@googlegroups.com.
To unsubscribe from this group, send email to
html5lib-discuss+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/html5lib-discuss?hl=en-GB.
