[sagenb] 143/179: Revert "Merge pull request #100 from jasongrout/sanitize-published"
felix salfelder
felix-guest at moszumanska.debian.org
Tue May 6 12:05:21 UTC 2014
This is an automated email from the git hooks/post-receive script.
felix-guest pushed a commit to branch master
in repository sagenb.
commit 0db3a73117112dacf21bab5e7ccb7794ca621a99
Author: Keshav Kini <keshav.kini at gmail.com>
Date: Tue Jun 25 08:14:43 2013 -0700
Revert "Merge pull request #100 from jasongrout/sanitize-published"
We didn't realize that this code actually sanitizes all published
worksheets by default.
This reverts commit 848c2ccd84c3e45fb442b8e683b3178b476f672a, reversing
changes made to fc3e5fdc73cc7cb1f3142159a15969b0d4edc9a2.
---
sagenb/data/sage/html/notebook/cell.html | 8 ++--
sagenb/data/sage/html/notebook/text_cell.html | 2 +-
sagenb/notebook/cell.py | 57 ++++++---------------------
3 files changed, 16 insertions(+), 51 deletions(-)
diff --git a/sagenb/data/sage/html/notebook/cell.html b/sagenb/data/sage/html/notebook/cell.html
index a2fcdbd..0027932 100644
--- a/sagenb/data/sage/html/notebook/cell.html
+++ b/sagenb/data/sage/html/notebook/cell.html
@@ -96,20 +96,20 @@ INPUT:
<div class="cell_output_{{ "print_" if do_print else '' }}{{ cell.cell_output_type() }}"
id="cell_output_{{ cell.id() }}">
{% if cell.introspect() %}
- {{ cell.output_text(0, html=true, sanitize=publish) }}
+ {{ cell.output_text(0, html=true) }}
{% else %}
- {{ cell.output_text(wrap_, html=true, sanitize=publish) }}
+ {{ cell.output_text(wrap_, html=true) }}
{% endif %}
</div>
{% if not do_print %}
<div class="cell_output_{{ 'print_' if do_print else '' }}nowrap_{{ cell.cell_output_type() }}"
id="cell_output_nowrap_{{ cell.id() }}">
- {{ cell.output_text(0, html=true, sanitize=publish) }}
+ {{ cell.output_text(0, html=true) }}
</div>
{% endif %}
<div class="cell_output_html_{{ cell.cell_output_type() }}"
id="cell_output_html_{{ cell.id() }}">
- {{ cell.output_html(sanitize=publish) }}
+ {{ cell.output_html() }}
</div>
</div>
</td>
diff --git a/sagenb/data/sage/html/notebook/text_cell.html b/sagenb/data/sage/html/notebook/text_cell.html
index 8e00d76..dffc6bc 100644
--- a/sagenb/data/sage/html/notebook/text_cell.html
+++ b/sagenb/data/sage/html/notebook/text_cell.html
@@ -25,7 +25,7 @@ INPUT:
</script>
{% endif %}
<div class="text_cell" id="cell_text_{{ cell.id() }}">
- {{ cell.plain_text(sanitize=publish) }}
+ {{ cell.plain_text() }}
</div>
{% if JEDITABLE_TINYMCE and not cell.worksheet().is_published() and not cell.worksheet().docbrowser() and not do_print and not publish %}
<script type="text/javascript">
diff --git a/sagenb/notebook/cell.py b/sagenb/notebook/cell.py
index 4a89ef1..8bf1809 100644
--- a/sagenb/notebook/cell.py
+++ b/sagenb/notebook/cell.py
@@ -47,27 +47,6 @@ re_script = re.compile(r'<script[^>]*?>.*?</script>', re.DOTALL | re.I)
# Whether to enable editing of :class:`TextCell`s with TinyMCE.
JEDITABLE_TINYMCE = True
-try:
- from lxml.html.clean import Cleaner
- from lxml.etree import XMLSyntaxError
- class SageCleaner(Cleaner):
- def allow_element(self, el):
- # Added this one test for mathjax <script> tags
- if el.tag=='script' and el.get('type')=='math/tex' and not el.get('src'):
- return True
- return super(SageCleaner, self).allow_element(el)
-
- html_cleaner = SageCleaner(style=True, add_nofollow=True,
- remove_tags=('base', 'basefont', 'bdo', 'body', 'isindex', 'noscript'))
- def clean_html(text):
- try:
- return html_cleaner.clean_html(text)
- except XMLSyntaxError:
- return ''
-except ImportError:
- def clean_html(text):
- # looks ugly, but gets the job done
- return text.replace('<', '<')
###########################
# Generic (abstract) cell #
@@ -585,7 +564,7 @@ class TextCell(Cell_generic):
editing = editing, publish = publish)
- def plain_text(self, prompts=False, sanitize=False):
+ def plain_text(self, prompts=False):
ur"""
Returns a plain text version of this text cell.
@@ -607,10 +586,7 @@ class TextCell(Cell_generic):
sage: C.plain_text()
u'\u011b\u0161\u010d\u0159\u017e\xfd\xe1\xed\xe9\u010f\u010e'
"""
- if sanitize:
- return clean_html(self._text)
- else:
- return self._text
+ return self._text
def edit_text(self):
"""
@@ -1690,7 +1666,7 @@ class Cell(Cell_generic):
except AttributeError:
return None
- def output_html(self, sanitize=False):
+ def output_html(self):
"""
Returns this compute cell's HTML output.
@@ -1708,10 +1684,7 @@ class Cell(Cell_generic):
u'<strong>5</strong>'
"""
try:
- if sanitize:
- return clean_html(self._out_html)
- else:
- return self._out_html
+ return self._out_html
except AttributeError:
self._out_html = ''
return ''
@@ -1745,7 +1718,7 @@ class Cell(Cell_generic):
urls = urls.replace(s, begin + s[7:-1] + end)
return urls
- def output_text(self, ncols=0, html=True, raw=False, allow_interact=True, sanitize=False):
+ def output_text(self, ncols=0, html=True, raw=False, allow_interact=True):
ur"""
Returns this compute cell's output text.
@@ -1762,9 +1735,6 @@ class Cell(Cell_generic):
- ``allow_interact`` - a boolean (default: True); whether to
allow :func:`sagenb.notebook.interact.interact`\ ion
- - ``sanitize`` - a boolean (default: False); whether to sanitize
- the html (if html is selected)
-
OUTPUT:
- a string
@@ -1789,7 +1759,7 @@ class Cell(Cell_generic):
"""
if allow_interact and hasattr(self, '_interact_output'):
# Get the input template
- z = self.output_text(ncols, html, raw, allow_interact=False, sanitize=sanitize)
+ z = self.output_text(ncols, html, raw, allow_interact=False)
if not INTERACT_TEXT in z or not INTERACT_HTML in z:
return z
if ncols:
@@ -1797,7 +1767,7 @@ class Cell(Cell_generic):
try:
# Fill in the output template
output, html = self._interact_output
- output = self.parse_html(output, ncols, sanitize=sanitize)
+ output = self.parse_html(output, ncols)
z = z.replace(INTERACT_TEXT, output)
z = z.replace(INTERACT_HTML, html)
return z
@@ -1825,7 +1795,7 @@ class Cell(Cell_generic):
return s
if html:
- s = self.parse_html(s, ncols, sanitize=sanitize)
+ s = self.parse_html(s, ncols)
if (not is_interact and not self.is_html() and len(s.strip()) > 0 and
'<div class="docstring">' not in s):
@@ -1833,7 +1803,7 @@ class Cell(Cell_generic):
return s.strip('\n')
- def parse_html(self, s, ncols, sanitize=False):
+ def parse_html(self, s, ncols):
r"""
Parses HTML for output, escaping and wrapping HTML and
removing script elements.
@@ -1844,8 +1814,6 @@ class Cell(Cell_generic):
- ``ncols`` - an integer; the number of word wrap columns
- - ``sanitize`` - a boolean; sanitize the html
-
OUTPUT:
- a string
@@ -1863,14 +1831,11 @@ class Cell(Cell_generic):
return word_wrap(escape(x), ncols)
def format_html(x):
- t = self.process_cell_urls(x)
- if sanitize:
- t = clean_html(t)
- return t
+ return self.process_cell_urls(x)
# If there is an error in the output, specially format it.
if not self.is_interactive_cell():
- s = format_exception(s, ncols)
+ s = format_exception(format_html(s), ncols)
# Everything not wrapped in <html> ... </html> should be
# escaped and word wrapped.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-science/packages/sagenb.git
More information about the debian-science-commits
mailing list