b1-66er/microblog.pub
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Tweak HTML sanitization and media proxy

Browse Source
This commit is contained in:
Thomas Sileo
2019-08-18 15:36:59 +02:00
parent 77720b61af
commit 84a6d0c498
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app.py
View File

@@ -254,7 +254,13 @@ def proxy(scheme: str, url: str) -> Any:
for chunk in resp.raw.stream(decode_content=False):
yield chunk
return Response(data(), headers=dict(resp.raw.headers))
resp_headers = {
k: v
for k, v in dict(resp.raw.headers).items()
if k.lower()
in ["content-type", "etag", "cache-control", "expires", "date", "last-modified"]
}
return Response(data(), headers=resp_headers)
@app.route("/media/<media_id>")

2
utils/template_filters.py
View File

@@ -93,7 +93,7 @@ ALLOWED_TAGS = [
def clean_html(html):
try:
return bleach.clean(html, tags=ALLOWED_TAGS)
return bleach.clean(html, tags=ALLOWED_TAGS, strip=True)
except Exception:
return ""