1
0
mirror of https://github.com/janeczku/calibre-web synced 2024-11-28 04:19:59 +00:00

Make bleach mandatory

This commit is contained in:
Ozzie Isaacs 2024-06-15 08:18:27 +02:00
parent 7aa122e6cd
commit f7d5480811
3 changed files with 7 additions and 35 deletions

View File

@ -19,31 +19,18 @@
from . import logger
from lxml.etree import ParserError
log = logger.create()
try:
# at least bleach 6.0 is needed -> incomplatible change from list arguments to set arguments
from bleach import clean_text as clean_html
BLEACH = True
from bleach import clean as clean_html
except ImportError:
try:
BLEACH = False
from nh3 import clean as clean_html
except ImportError:
try:
BLEACH = False
from lxml.html.clean import clean_html
except ImportError:
clean_html = None
log = logger.create()
from nh3 import clean as clean_html
def clean_string(unsafe_text, book_id=0):
try:
if BLEACH:
safe_text = clean_html(unsafe_text, tags=set(), attributes=set())
else:
safe_text = clean_html(unsafe_text)
safe_text = clean_html(unsafe_text)
except ParserError as e:
log.error("Comments of book {} are corrupted: {}".format(book_id, e))
safe_text = ""

View File

@ -27,22 +27,6 @@ from shutil import copyfile
from uuid import uuid4
from markupsafe import escape, Markup # dependency of flask
from functools import wraps
# from lxml.etree import ParserError
#try:
# # at least bleach 6.0 is needed -> incomplatible change from list arguments to set arguments
# from bleach import clean_text as clean_html
# BLEACH = True
#except ImportError:
# try:
# BLEACH = False
# from nh3 import clean as clean_html
# except ImportError:
# try:
# BLEACH = False
# from lxml.html.clean import clean_html
# except ImportError:
# clean_html = None
from flask import Blueprint, request, flash, redirect, url_for, abort, Response
from flask_babel import gettext as _

View File

@ -13,9 +13,10 @@ SQLAlchemy>=1.3.0,<2.1.0
tornado>=6.3,<6.5
Wand>=0.4.4,<0.7.0
unidecode>=0.04.19,<1.4.0
lxml>=3.8.0,<5.2.0
lxml>=4.9.1,<5.2.0
flask-wtf>=0.14.2,<1.3.0
chardet>=3.0.0,<4.1.0
advocate>=1.0.0,<1.1.0
Flask-Limiter>=2.3.0,<3.6.0
regex>=2022.3.2,<2024.2.25
bleach>=6.0.0,<6.2.0