search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fixed #7496 -- It's now possible to pickle SortedDicts with pickle protocol 2
[django.git] / django / utils / html.py
blob9b3fad8b033633dcb9b13adec16a03e98bc1f8e7
1 """HTML utilities suitable for global use."""
2
3 import re
4 import string
5
6 from django.utils.safestring import SafeData, mark_safe
7 from django.utils.encoding import force_unicode
8 from django.utils.functional import allow_lazy
9 from django.utils.http import urlquote
10
11 # Configuration for urlize() function.
12 LEADING_PUNCTUATION = ['(', '<', '&lt;']
13 TRAILING_PUNCTUATION = ['.', ',', ')', '>', '\n', '&gt;']
14
15 # List of possible strings used for bullets in bulleted lists.
16 DOTS = ['&middot;', '*', '\xe2\x80\xa2', '&#149;', '&bull;', '&#8226;']
17
18 unencoded_ampersands_re = re.compile(r'&(?!(\w+|#\d+);)')
19 word_split_re = re.compile(r'(\s+)')
20 punctuation_re = re.compile('^(?P<lead>(?:%s)*)(?P<middle>.*?)(?P<trail>(?:%s)*)$' % \
21 ('|'.join([re.escape(x) for x in LEADING_PUNCTUATION]),
22 '|'.join([re.escape(x) for x in TRAILING_PUNCTUATION])))
23 simple_email_re = re.compile(r'^\S+@[a-zA-Z0-9._-]+\.[a-zA-Z0-9._-]+$')
24 link_target_attribute_re = re.compile(r'(<a [^>]*?)target=[^\s>]+')
25 html_gunk_re = re.compile(r'(?:<br clear="all">|<i><\/i>|<b><\/b>|<em><\/em>|<strong><\/strong>|<\/?smallcaps>|<\/?uppercase>)', re.IGNORECASE)
26 hard_coded_bullets_re = re.compile(r'((?:<p>(?:%s).*?[a-zA-Z].*?</p>\s*)+)' % '|'.join([re.escape(x) for x in DOTS]), re.DOTALL)
27 trailing_empty_content_re = re.compile(r'(?:<p>(?:&nbsp;|\s|<br \/>)*?</p>\s*)+\Z')
28 del x # Temporary variable
29
30 def escape(html):
31 """Returns the given HTML with ampersands, quotes and carets encoded."""
32 return mark_safe(force_unicode(html).replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;').replace("'", '&#39;'))
33 escape = allow_lazy(escape, unicode)
34
35 def conditional_escape(html):
36 """
37 Similar to escape(), except that it doesn't operate on pre-escaped strings.
38 """
39 if isinstance(html, SafeData):
40 return html
41 else:
42 return escape(html)
43
44 def linebreaks(value, autoescape=False):
45 """Converts newlines into <p> and <br />s."""
46 value = re.sub(r'\r\n|\r|\n', '\n', force_unicode(value)) # normalize newlines
47 paras = re.split('\n{2,}', value)
48 if autoescape:
49 paras = [u'<p>%s</p>' % escape(p.strip()).replace('\n', '<br />') for p in paras]
50 else:
51 paras = [u'<p>%s</p>' % p.strip().replace('\n', '<br />') for p in paras]
52 return u'\n\n'.join(paras)
53 linebreaks = allow_lazy(linebreaks, unicode)
54
55 def strip_tags(value):
56 """Returns the given HTML with all tags stripped."""
57 return re.sub(r'<[^>]*?>', '', force_unicode(value))
58 strip_tags = allow_lazy(strip_tags)
59
60 def strip_spaces_between_tags(value):
61 """Returns the given HTML with spaces between tags removed."""
62 return re.sub(r'>\s+<', '><', force_unicode(value))
63 strip_spaces_between_tags = allow_lazy(strip_spaces_between_tags, unicode)
64
65 def strip_entities(value):
66 """Returns the given HTML with all entities (&something;) stripped."""
67 return re.sub(r'&(?:\w+|#\d+);', '', force_unicode(value))
68 strip_entities = allow_lazy(strip_entities, unicode)
69
70 def fix_ampersands(value):
71 """Returns the given HTML with all unencoded ampersands encoded correctly."""
72 return unencoded_ampersands_re.sub('&amp;', force_unicode(value))
73 fix_ampersands = allow_lazy(fix_ampersands, unicode)
74
75 def urlize(text, trim_url_limit=None, nofollow=False, autoescape=False):
76 """
77 Converts any URLs in text into clickable links.
78
79 Works on http://, https://, www. links and links ending in .org, .net or
80 .com. Links can have trailing punctuation (periods, commas, close-parens)
81 and leading punctuation (opening parens) and it'll still do the right
82 thing.
83
84 If trim_url_limit is not None, the URLs in link text longer than this limit
85 will truncated to trim_url_limit-3 characters and appended with an elipsis.
86
87 If nofollow is True, the URLs in link text will get a rel="nofollow"
88 attribute.
89
90 If autoescape is True, the link text and URLs will get autoescaped.
91 """
92 trim_url = lambda x, limit=trim_url_limit: limit is not None and (len(x) > limit and ('%s...' % x[:max(0, limit - 3)])) or x
93 safe_input = isinstance(text, SafeData)
94 words = word_split_re.split(force_unicode(text))
95 nofollow_attr = nofollow and ' rel="nofollow"' or ''
96 for i, word in enumerate(words):
97 match = None
98 if '.' in word or '@' in word or ':' in word:
99 match = punctuation_re.match(word)
100 if match:
101 lead, middle, trail = match.groups()
102 # Make URL we want to point to.
103 url = None
104 if middle.startswith('http://') or middle.startswith('https://'):
105 url = urlquote(middle, safe='/&=:;#?+*')
106 elif middle.startswith('www.') or ('@' not in middle and \
107 middle and middle[0] in string.ascii_letters + string.digits and \
108 (middle.endswith('.org') or middle.endswith('.net') or middle.endswith('.com'))):
109 url = urlquote('http://%s' % middle, safe='/&=:;#?+*')
110 elif '@' in middle and not ':' in middle and simple_email_re.match(middle):
111 url = 'mailto:%s' % middle
112 nofollow_attr = ''
113 # Make link.
114 if url:
115 trimmed = trim_url(middle)
116 if autoescape and not safe_input:
117 lead, trail = escape(lead), escape(trail)
118 url, trimmed = escape(url), escape(trimmed)
119 middle = '<a href="%s"%s>%s</a>' % (url, nofollow_attr, trimmed)
120 words[i] = mark_safe('%s%s%s' % (lead, middle, trail))
121 else:
122 if safe_input:
123 words[i] = mark_safe(word)
124 elif autoescape:
125 words[i] = escape(word)
126 elif safe_input:
127 words[i] = mark_safe(word)
128 elif autoescape:
129 words[i] = escape(word)
130 return u''.join(words)
131 urlize = allow_lazy(urlize, unicode)
132
133 def clean_html(text):
134 """
135 Clean the given HTML. Specifically, do the following:
136 * Convert <b> and <i> to <strong> and <em>.
137 * Encode all ampersands correctly.
138 * Remove all "target" attributes from <a> tags.
139 * Remove extraneous HTML, such as presentational tags that open and
140 immediately close and <br clear="all">.
141 * Convert hard-coded bullets into HTML unordered lists.
142 * Remove stuff like "<p>&nbsp;&nbsp;</p>", but only if it's at the
143 bottom of the text.
144 """
145 from django.utils.text import normalize_newlines
146 text = normalize_newlines(force_unicode(text))
147 text = re.sub(r'<(/?)\s*b\s*>', '<\\1strong>', text)
148 text = re.sub(r'<(/?)\s*i\s*>', '<\\1em>', text)
149 text = fix_ampersands(text)
150 # Remove all target="" attributes from <a> tags.
151 text = link_target_attribute_re.sub('\\1', text)
152 # Trim stupid HTML such as <br clear="all">.
153 text = html_gunk_re.sub('', text)
154 # Convert hard-coded bullets into HTML unordered lists.
155 def replace_p_tags(match):
156 s = match.group().replace('</p>', '</li>')
157 for d in DOTS:
158 s = s.replace('<p>%s' % d, '<li>')
159 return u'<ul>\n%s\n</ul>' % s
160 text = hard_coded_bullets_re.sub(replace_p_tags, text)
161 # Remove stuff like "<p>&nbsp;&nbsp;</p>", but only if it's at the bottom
162 # of the text.
163 text = trailing_empty_content_re.sub('', text)
164 return text
165 clean_html = allow_lazy(clean_html, unicode)
Mirror of the django web framework