Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clean HTML in feeds of "dangerous" tags (#645) #648

Closed
wants to merge 6 commits into from
Closed

Conversation

ralsina
Copy link
Member

@ralsina ralsina commented Sep 2, 2013

No description provided.

@arusahni
Copy link
Contributor

arusahni commented Sep 3, 2013

Just ran it against my code. The output looks fine. 👍

That being said, YouTube videos, on account of them using iframes, are stripped out. I understand there are security concerns for having embeds and iframes in the feed, but is there any way to have it fall back to using some placeholder text so readers know there is something there? I'm using the ReStructured Text directive.

@ralsina
Copy link
Member Author

ralsina commented Sep 3, 2013

@arusahni that makes sense. I am moving this into the v6.1 so we can think it further.

@Kwpolska
Copy link
Member

What is the status of this?

@ralsina
Copy link
Member Author

ralsina commented Feb 23, 2014

Well. I am not sure it's a good idea to do it or not.

@Kwpolska
Copy link
Member

IMO it is, provided that you do what @arusahni suggested: prepend a warning, and possibly even replace all the dangerous things with another warning.

@ralsina ralsina modified the milestones: v6.5.0, v6.4.0 Feb 26, 2014
@da2x
Copy link
Contributor

da2x commented Mar 12, 2014

Is this still needed with the new RSS_PLAIN option?

@ralsina
Copy link
Member Author

ralsina commented Mar 12, 2014

I'd say yes, this would allow a HTML feed, with formatting, but without the "forbidden" elements.

@ralsina ralsina modified the milestones: v7.0.0, v6.5.0 Mar 22, 2014
@ralsina ralsina modified the milestones: v7.1.0, v7.0.0 Apr 20, 2014
@Kwpolska Kwpolska modified the milestones: v7.2.0, v7.3.0 Nov 2, 2014
@ralsina ralsina modified the milestones: v8.0.0, v7.3.0 Jan 13, 2015
@ralsina
Copy link
Member Author

ralsina commented Jun 5, 2015

This is clearly not happening.

@ralsina ralsina closed this Jun 5, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants