- How do I perform HTML decoding/encoding using Python/Django?
I have a string that is HTML encoded:
'''<img class="size-medium wp-image-113"\ style="margin-left: 15px;" title="su1"\ src="http://blah.org/wp-content/uploads/2008/10/su1-300x194.jpg"\ alt="" width="300" height="194" />'''I want to change that to:
<img class="size-medium wp-image-113" style="margin-left: 15px;" title="su1" src="http://blah.org/wp-content/uploads/2008/10/su1-300x194.jpg" alt="" width="300" height="194" />I want this to register as HTML so that it is rendered as an image by the browser instead of being displayed as text.
The string is stored like that because I am using a web-scraping tool called
BeautifulSoup, it "scans" a web-page and gets certain content from it, then returns the string in that format.I've found how to do this in C# but not in Python. Can someone help me out?
Related
- how can use antiXss but accepting xml?
i want prevent xss attack by use antixss from nuget.but when i want save my data in form , i convert that data to xml in javascript.then anti xss dose not accept because it have "<" or ">".how can i prevent xss but accept xml?
for (i = 0; i < context.Request.Form.Count; i++) { if (context.Request[context.Request.Form.AllKeys[i]].Trim() != AntiXss.XmlEncode(context.Request[context.Request.Form.AllKeys[i]]).Trim()) { s = s + context.Request.Form.AllKeys[i] + ":" + context.Request[context.Request.Form.AllKeys[i]] + ","; } } if (s != "") Response.Redirect("/FrmPresentation/App_Pages/ErrorLog/WarningRedirectPage.aspx"); - cypress runner ignoring charset="windows-1252" html tag
I'm testing a page which is windows-1252 encoded, it has the following meta tags in the html:
<html><head> <title>Meta-SSC</title> <meta http-equiv="Content-Type" content="text/html"> <meta charset="windows-1252">But cypress runner won't catch it, and can't correctly display characters like á, é, etc., like this:
My test are failing because of this.
On the other hand, when testing it on chrome (Version 72.0.3626.121 Official Build 32-bit running on windows 10) or firefox (65.0.2 64bits) it works ok:
Any idea how could I troubleshoot it?
Found this issue at Cypress' github that might be related.
- Parse string into HTML
I'm trying to recreate a blog CRUD application in which a user can create posts by inputting text into a
textareaof a<form>. From here the input is stored in Postgresql as the typetextfor later use. I'd like to parse that string of text into HTML.The issue I am having:
User inputs a string of what would be formatted into HTML. The program would take this string and format it into raw HTML.
What input is expected:
<h2>Title here</h2><p>some text here</p>What is should be formatted to:
Title here
some text here
How it is displayed:
<h2>Title here </h2><p>some text here </p>What I have done:
I've read about using a WYSIWYG text editors like CKEditor and TinyMCE. I even used CKEditor but when I save the input into the database it's rendered as a string not the HTML I want, which makes sense. I've also used modules such as HTML5lib, html and BeautifulSoup but it's still rendering as
'<h2>Title here</h2><p>some text here</p>'with the single quotations. So it's still a string. I want to escape the first and last quotes but not every single one between.Basically I am trying to reproduce this very text editor on Stackoverflow. I am storing the input as a Postgresql
textdata type. I figured it's optimal to format the string into HTML when it is retrieved from the database, and not before it is stored (wrong?). I have even implemented a class to do so, like:class Post(): body = db.Column(db.Text)def to_html(self, body): '''format string of chars to HTML. Return HTML''' # ...Then in the html template I could (I'm using Jinja to do this):
{{ Post.to_html(body) }}I believe I am confused about encoding/decoding text and html.
- How to prevent client side HTML encoding with jsRender from encoding already encoded string from server
This is a tough one to explain, so please bear with me. I am using a combination of server-side encoding using the ASP.NET
HttpUtility.HtmlEncode()method and client-side encoding with jsRender (awesome rendering library by the way.)When I use either of these by themselves it works fine. The character
<would become<but it would still display as<in the browser which is good because sometimes there are legitimate cases where these characters are used and need to be displayed to the user correctly, but not executed by the browser.The problem is when I encode server-side and then also encode that same string client-side it now displays the encoded string in the browser. You are probably asking yourself why would I want to do it in both places. The reason for that is that I prefer to do it server side but I like having the client-side there too in case a developer forgets to do it server-side or vice versa as a failsafe.
Is there any way to have it encode in both places and still have it display as the non encoded string in the browser?