Maybe this would work:

if XML(text).xml() != XML(text, sanitize=True).xml():
    pass  # send error message here

The idea is if there's nothing illegal, then the sanitized version should 
be the same as the non-sanitized (or look at some of these 
solutions <http://stackoverflow.com/questions/699468/python-html-sanitizer-scrubber-filter>).

You could make a custom 
validator <http://web2py.com/books/default/chapter/29/7#Custom-validators> for 
the text field and use something like this as the test. 

Anthony

On Thursday, June 28, 2012 9:01:30 PM UTC-4, cheer10s wrote:
>
> Hello, I am using sanitize=True with some HTML permitted. For any invalid 
> characters or HTML added such as <embed> or <iframe>, how can I produce a 
> response error message rather than escaping the code and adding it to the 
> database? So it just doesn't let you post it if there is any invalid markup.
>
> Any ideas?
>
>
> *cheers
>
> Thank You :-)
>
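
Added example (not part of the original thread, and not web2py's own code): the compare-against-sanitized test from the reply above, wrapped in a web2py-style custom validator that rejects the post instead of storing escaped markup. `IS_CLEAN_HTML`, the allow-list and the stand-in sanitizer are hypothetical names so the block runs without web2py. It assumes the sanitizer returns permitted markup byte-for-byte unchanged; if it normalizes allowed tags, valid input is rejected as well.

```python
from html import escape
from html.parser import HTMLParser

# Constructed allow-list: tag -> permitted attributes (not web2py's defaults).
ALLOWED = {"a": {"href", "title"}, "b": set(), "i": set(), "p": set(), "br": set()}
SAFE_URL = ("http://", "https://", "/")

class StandInSanitizer(HTMLParser):
    """Offline stand-in for XML(text, sanitize=True).xml(): escapes what it rejects."""
    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []
    def _ok(self, tag, attrs):
        return tag in ALLOWED and all(
            k in ALLOWED[tag] and (k != "href" or (v or "").lower().startswith(SAFE_URL))
            for k, v in attrs)
    def handle_starttag(self, tag, attrs):
        raw = self.get_starttag_text()
        self.out.append(raw if self._ok(tag, attrs) else escape(raw))
    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)
    def handle_endtag(self, tag):
        raw = "</%s>" % tag
        self.out.append(raw if tag in ALLOWED else escape(raw))
    def handle_data(self, data):
        self.out.append(data)
    def handle_entityref(self, name):
        self.out.append("&%s;" % name)
    def handle_charref(self, name):
        self.out.append("&#%s;" % name)
    # Comments and declarations are dropped, so input containing them fails closed.

def stand_in_sanitize(text):
    parser = StandInSanitizer()
    parser.feed(text)
    parser.close()
    return "".join(parser.out)

class IS_CLEAN_HTML(object):
    """web2py-style validator: __call__ returns (value, None) or (value, error)."""
    # Inside web2py, pass sanitize=lambda t: XML(t, sanitize=True).xml() instead.
    def __init__(self, sanitize=stand_in_sanitize, error_message="Disallowed HTML"):
        self.sanitize, self.error_message = sanitize, error_message
    def __call__(self, value):
        if self.sanitize(value) != value:  # sanitizer changed something: reject
            return (value, self.error_message)
        return (value, None)
```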
