Hello,
I have a spot on my site where i want a user to be able to input HTML
formatted text, with limitations to accepted tags. I would also like
to use a WYSIWYG editor. The trouble that I'm having is that users
like to write the stuff in Microsoft Word and paste it into the
editor. When that happens all sorts of "crap" gets inserted into the
HTML. I want to remove this from the HTML completely.
I was looking at gluon.sanitizer and found this:
from gluon.sanitizer import sanitize
request.vars.story = sanitize(request.vars.dedication)
logging.info("cleaned dedication is: %s" %
request.vars.dedication)
trouble is that it escapes the HTML that i don't want. There is a
method in sanitizer called strip(), but it really just escapes. would
it be bad to extend the functionality of sanitizer to provide an
option to remove the dis-allowed items rather than escaping them?
(i've tried to make both nicEdit and OpenWYSIWYG editors strip for me,
but neither works well - nicEdit misses some formatting, and
OpenWYSIWYG removes *all* formating, even permitted formatting)
Thanks,
Christian
