forked from forks/microblog.pub
Tweak HTML sanitization and media proxy
This commit is contained in:
parent
77720b61af
commit
84a6d0c498
2 changed files with 8 additions and 2 deletions
8
app.py
8
app.py
|
@ -254,7 +254,13 @@ def proxy(scheme: str, url: str) -> Any:
|
|||
for chunk in resp.raw.stream(decode_content=False):
|
||||
yield chunk
|
||||
|
||||
return Response(data(), headers=dict(resp.raw.headers))
|
||||
resp_headers = {
|
||||
k: v
|
||||
for k, v in dict(resp.raw.headers).items()
|
||||
if k.lower()
|
||||
in ["content-type", "etag", "cache-control", "expires", "date", "last-modified"]
|
||||
}
|
||||
return Response(data(), headers=resp_headers)
|
||||
|
||||
|
||||
@app.route("/media/<media_id>")
|
||||
|
|
|
@ -93,7 +93,7 @@ ALLOWED_TAGS = [
|
|||
|
||||
def clean_html(html):
|
||||
try:
|
||||
return bleach.clean(html, tags=ALLOWED_TAGS)
|
||||
return bleach.clean(html, tags=ALLOWED_TAGS, strip=True)
|
||||
except Exception:
|
||||
return ""
|
||||
|
||||
|
|
Loading…
Reference in a new issue