1
#! /usr/bin/env python3
2
# -*- coding: utf-8 -*-
4
# Copyright 2013, Marten de Vries
6
# This file is part of OpenTeacher.
8
# OpenTeacher is free software: you can redistribute it and/or modify
9
# it under the terms of the GNU General Public License as published by
10
# the Free Software Foundation, either version 3 of the License, or
11
# (at your option) any later version.
13
# OpenTeacher is distributed in the hope that it will be useful,
14
# but WITHOUT ANY WARRANTY; without even the implied warranty of
15
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
# GNU General Public License for more details.
18
# You should have received a copy of the GNU General Public License
19
# along with OpenTeacher. If not, see <http://www.gnu.org/licenses/>.
21
class SafeHtmlCheckerModule:
22
def __init__(self, moduleManager, *args, **kwargs):
23
super().__init__(*args, **kwargs)
24
self._mm = moduleManager
26
self.type = "safeHtmlChecker"
28
self._mm.mods(type="javaScriptEvaluator"),
30
self.javaScriptImplementation = True
32
def isSafeHtml(self, html):
33
"""Checks if it's safe to load an untrusted piece of ``html``
34
into a user's browser. Uses a tag whitelist.
37
return self._js.global_["isSafeHtml"](html)
40
self._modules = next(iter(self._mm.mods(type="modules")))
41
self._js = self._modules.default(type="javaScriptEvaluator").createEvaluator()
42
with open(self._mm.resourcePath("safeHtmlChecker.js"), encoding='UTF-8') as f:
44
self._js.eval(self.code)
55
def init(moduleManager):
56
return SafeHtmlCheckerModule(moduleManager)