Have you looked into htmllaundry? I believe you can use the 'sanitize'
method as a preparer for your field data.
On Dec 10, 2013 10:02 PM, "Kristian" <[email protected]> wrote:

> I'm using deforms richtextwidget which uses tinymce. Tinymce post html to
> the server.
>
> I guess this html is not magically cleaned by the validator ?
>
> I found bleach which can be used to whitelist some html tags. Any other
> suggestions ?
>
> Then I store the data provided by tinymce in a sqlalchemy database. Which
> sanitize automatically without whitelisting any tags. How can my HTML be
> stored in the database without being further escaped ?
>
> Thanks,
> Kristian
>
> --
> You received this message because you are subscribed to the Google Groups
> "pylons-discuss" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at http://groups.google.com/group/pylons-discuss.
> For more options, visit https://groups.google.com/groups/opt_out.
>

-- 
You received this message because you are subscribed to the Google Groups 
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to