Skip sanitization for videos in html5lib
https://stackoverflow.com/questions/2951123
-
22-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPergunta
I am using a wmd-editor in django, much like this one in which I am typing. I would like to allow the users to embed videos in it. For that I am using the Markdown video extension here. The problem is that I am also sanitizing user input using html5lib sanitization and it doesn't allow object tags which are required to embed the videos.
One solution could be to check the input for urls of well-known video sites and skip the sanitization in those cases. Is there a better solution?
Solução
A better solution would be to append 'object' to html5lib.sanitizer.HTMLSanitizer.acceptable_elements. A great solution would be to subclass html5lib.sanitizer.HTMLSanitizer so you can conditionally accept or remove the object in sanitize_token.
The implementation seems clear enough to tackle.
