Comment 12 for bug 1958539
Revision history for this message
| frenzy (frenzy-madness) wrote Re: Consider deprecating/removing clean_html() in favor of bleach? | #12 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
I already have some responses and their sentiment is overall positive. Responders either consider the proposed alternatives or they don't need the output from clean_html to be secure. For the second group, we should make sure that the cleaner will be useful for them with minimal changes to their codebases.
Also, another possible alternative is pybluemonday which uses lxml only in benchmarks and might be another replacement.