Latest version
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Built by experienced developers, it takes care of much of the hassle of Web development, so you can focus on writing your app without needing to reinvent the wheel. If you find the official tutorial too much, a gentler introduction can be found in the Django Girls tutorial on building and deploying a blog, or the sample chapters of Django for Beginners which cover the building of three Django sites. Mozilla also has a comprehensive though slightly more advanced guide to Django. Django also provides an optional administrative create, read, update and delete interface that is generated dynamically through introspection and configured via admin models. Some well known sites that use Django include PBS, Instagram, Mozilla, The Washington Times, Disqus, Bitbucket, and Nextdoor. Add the Mozilla library to our list of installed apps. To do this, add mozilladjangooidc to the INSTALLEDAPPS array. Make sure you add it after django.contrib.auth. This is important because the Mozilla library extends Django’s built-in authentication, so the Django authentication app must be loaded before the Mozilla OIDC app.
Released:
Easily use bleach with Django models and templates
Project description
Bleach is a Python module that takes any HTML input, and returnsvalid, sanitised HTML that contains only an allowed subset of HTML tags,attributes and styles. django-bleach is a Django app that makes usingbleach extremely easy.
Setup
Install django-bleach via pip:
Add django-bleach to your INSTALLED_APPS:
Select some sensible defaults for the allowed tags, attributes and styles;and the behaviour when unknown tags are encountered. Each of these areoptional, and default to using the bleach defaults. See thebleach documentation:
Select the default widget for bleach fields. This defaults todjango.forms.Textarea, but you will probably want to replace it with aWYSIWYG editor, or something similar:
I use django-ckeditor in my projects, but what you use is up to you.
Usage
Firefox Download
In your models
django-bleach provides three ways of creating bleached output. The simplestway of including user-editable HTML content that is automatically sanitised isby using the BleachField model field:
BleachField takes the following arguments, to customise the output ofbleach. See the bleach documentation for their use:
- allowed_tags
- allowed_attributes
- allowed_styles
- strip_tags
- strip_comments
In addition to the bleach-specific arguments, the BleachField model fieldaccepts all of the normal field attributes. Behind the scenes, it is aTextField, and accepts all the same arguments as the default TextField does.
The BleachField model field makes use of the BleachField form field to doall of the work. It provides no sanitisation facilities itself. This isconsidered a bug, but a clean solution has not yet been implemented. Any pullrequests fixing this will be gratefully applied. As long as the BleachFieldmodel field is only used with BleachField form fields, there will be noproblem. If this is not the case, sanitised HTML can not be guaranteed.
In your forms
A BleachField form field is provided. This field sanitises HTML input fromthe user, and presents safe, clean HTML to your Django application. This iswhere most of the work is done.
In your templates
If you have a piece of content from somewhere that needs to be printed in atemplate, you can use the bleach filter:
If filter has no arguments it uses default settings defined in yourapplication settings. You can override allowed tags by specifying themas a parameter to the filter:
There is also bleach_linkify which uses the linkify function of bleachwhich converts URL-like strings in an HTML fragment to links
This function converts strings that look like URLs, domain names and emailaddresses in text that may be an HTML fragment to links, while preserving:
- links already in the string
- urls found in attributes
- email addresses
Release historyRelease notifications | RSS feed
0.6.1
0.6.0
0.5.3
0.5.2
0.5.1
0.5.0
0.4.1
0.4.0
Django Mozilla
0.3.0
0.2.1
0.2.0
0.1.5
0.1.4
0.1.3
0.1.2
0.1.1
0.1.0
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
| Filename, size | File type | Python version | Upload date | Hashes |
|---|---|---|---|---|
| Filename, size django_bleach-0.6.1-py2.py3-none-any.whl (14.2 kB) | File type Wheel | Python version py2.py3 | Upload date | Hashes |
| Filename, size django-bleach-0.6.1.tar.gz (20.2 kB) | File type Source | Python version None | Upload date | Hashes |
Mozilla-django-oidc Keycloak
Hashes for django_bleach-0.6.1-py2.py3-none-any.whl
| Algorithm | Hash digest |
|---|---|
| SHA256 | 59de95cd98f924992313821ab7f94cd64a03aa900ca980bd3b062d8aef1a7954 |
| MD5 | 9dc4447e6bd6035767c2864f5685ac9c |
| BLAKE2-256 | dfcf2bf277fb6e3ca840ff6ca0c0e856bc4dd4a20e3dde31777a8f0f3c2f5f98 |
Django Framework Python
CloseHashes for django-bleach-0.6.1.tar.gz
| Algorithm | Hash digest |
|---|---|
| SHA256 | 674709c26040618aff0741ce8261fd151e5ead405bd50568c2034662d69daac3 |
| MD5 | 4f6f5300af49e284fe40fd76eef6b1c3 |
| BLAKE2-256 | fe7e930decd45f50d7a8b4c97948442f4d0e4f8f6eea344b2b4541e836af3ae0 |