1346 | | At this point we allow users to post plain text comments, but those comments can't include niceties such as hyperlinks or HTML inline formatting (emphasis, etc). A very naive application would simply accept HTML tags in the input, and pass those tags through to the output. That is generally a bad thing, however, as it opens up your site to cross-site scripting (XSS) attacks, which can undermine any security measures you try put into effect (including SSL). And because this is generally not the behavior you want, Genshi XML-escapes everything by default, which makes it safe to include in (X)HTML output. |
| 1346 | At this point we allow users to post plain text comments, but those comments can't include niceties such as hyperlinks or HTML inline formatting (emphasis, etc). A very naive application would simply accept HTML tags in the input, and pass those tags through to the output. That is generally a bad thing, however, as it [http://neomeme.net/2007/05/26/reddit-hacked/ opens up] your site to [http://ha.ckers.org/cross-site-scripting.html cross-site scripting] (XSS) attacks, which can undermine any security measures you try put into effect (including SSL). And because this is generally not the behavior you want, Genshi XML-escapes everything by default, which makes it safe to include in (X)HTML output. |
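Review bot: both the old and the new version of this paragraph carry the same grammatical slip in "any security measures you try put into effect"; since the line is being edited anyway, change it to "you try to put into effect". The new version's other changes (adding the "opens up" and "cross-site scripting" links) are fine, but the sentence's actual security argument, that passing user-supplied HTML tags through to the output enables XSS, is left to the linked pages; consider stating in one clause what an injected tag can do (run script in other visitors' browsers) so the paragraph stands on its own when the external links rot.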
1367 | | '''TODO: Mention Markup class''' |
1368 | | |
1369 | | So at this point our users can include HTML tags in their comments, and it will be rendered as HTML. But as noted above, that approach is very dangerous for most real-world applications, so we've got more work to do: |
1370 | | we need to sanitize the markup in the comment so that only markup that can be considered safe is let through. Genshi provide a stream filter to help us here: [wiki:Documentation/filters.html#html-sanitizer HTMLSanitizer]. |
1371 | | |
1372 | | In `geddit/controller.py`, first add the imports for the `HTML` function and the `HTMLSanitizer` filter, so that the imports at the top of the file look something like this: |
| 1367 | '''Note:''' Genshi also provides the `genshi.core.Markup` class, which is just a special string class that flags its content as safe for being included in HTML/XML output for Genshi. So instead of wrapping the comment text inside a call to the `HTML()` function, you could also use `Markup(comment.content)`, which would avoid the reparsing of the content, but at the cost of that content not being subject to stream filters and different serialization methods. |
| 1368 | |
| 1369 | So at this point our users can include HTML tags in their comments, and the comments will be rendered as HTML. But as noted above, that approach is very dangerous for most real-world applications, so we've got more work to do: we need to sanitize the markup in the comment so that only markup that can be considered safe is let through. Genshi provides a stream filter to help us here: [wiki:Documentation/filters.html#html-sanitizer HTMLSanitizer]. |
| 1370 | |
| 1371 | To add sanitization, first add the imports for the `HTML` function and the `HTMLSanitizer` filter to `geddit/controller.py`, so that the imports at the top of that file look something like this: |
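Review bot: the new Note at line 1367 about `genshi.core.Markup` says that `Markup(comment.content)` avoids reparsing "at the cost of that content not being subject to stream filters", but does not spell out the consequence for this tutorial: `HTMLSanitizer`, introduced two paragraphs later, is exactly such a stream filter, so wrapping user-supplied comment text in `Markup` would bypass the sanitizer entirely and reintroduce the XSS problem the preceding paragraph warns about. Suggest adding a sentence after the Note along the lines of "Because `Markup` bypasses stream filters, do not use it for untrusted input such as user comments; use `HTML()` together with `HTMLSanitizer` instead." The remaining edits in this region (merging the two fragments of the "sanitize the markup" paragraph, "Genshi provide" to "Genshi provides", and the reworded lead-in to the imports) read correctly.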