askiiart/microblog.pub
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Tweak HTML sanitization and media proxy

Browse source
This commit is contained in:
Thomas Sileo 2019-08-18 15:36:59 +02:00
parent 77720b61af
commit 84a6d0c498
2 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app.py
View file

@ -254,7 +254,13 @@ def proxy(scheme: str, url: str) -> Any:
for chunk in resp.raw.stream(decode_content=False): for chunk in resp.raw.stream(decode_content=False):
yield chunk yield chunk
return Response(data(), headers=dict(resp.raw.headers)) resp_headers = {
k: v
for k, v in dict(resp.raw.headers).items()
if k.lower()
in ["content-type", "etag", "cache-control", "expires", "date", "last-modified"]
}
return Response(data(), headers=resp_headers)
@app.route("/media/<media_id>") @app.route("/media/<media_id>")

2
utils/template_filters.py
View file

@ -93,7 +93,7 @@ ALLOWED_TAGS = [
def clean_html(html): def clean_html(html):
try: try:
return bleach.clean(html, tags=ALLOWED_TAGS) return bleach.clean(html, tags=ALLOWED_TAGS, strip=True)
except Exception: except Exception:
return "" return ""