I'm using deforms richtextwidget which uses tinymce. Tinymce post html to 
the server.

I guess this html is not magically cleaned by the validator ?

I found bleach which can be used to whitelist some html tags. Any other 
suggestions ?

Then I store the data provided by tinymce in a sqlalchemy database. Which 
sanitize automatically without whitelisting any tags. How can my HTML be 
stored in the database without being further escaped ?

Thanks,
Kristian

-- 
You received this message because you are subscribed to the Google Groups 
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to