2.3 KiB
2.3 KiB
saningi-html todo
Current:
- basic cli argparsing working (stdin -> sanizization -> stdout)
- Modes implemented:
- strict
- loose
- passthrough
- profiles in a seperate .py file
To implement:
things not yet implemented in the program NOTE: That things which are in italic text are already implemented!
url filtering:
- [x] block external URL in strict mode (eg a link with href to some porn site or something)
- [x] allow relative paths: - eg "/path/to/my/awesome/post.html"
- [x] apply to any of these:
- a
- img
- link href
- [x] add custom attribute filter function
- [x] load dotenv (chore for profiles.py) ; do this someday when implementing JSON configs. Or dotenv stuff : PRIO:HIGH
Expland strict mode:
- Allow these:
- html, head, body
- title
- meta (with restrictions)
- link (for css only)
- table, tr, td, th
- any of crucuial html tags
- restrict metas (allow):
- allow only charset, name, content
- restrict metas (dont allow):
- base
- meta http-equiv
passthrough safety
- [x] add stderr warning for user
Add some logging:
- debugging with --debug
- print what was removed, to stderr
Config files:
- allow custom JSON/YAML/yadayadayada configurations
- pass in through CLI with flag --config "file.idk"
Fixes:
Content of tag staying after removal of tag
When running strict/loose:
(venv) rattatwinko@kubuntu:~/Documents/sanigi-html$ echo "<html><body><h1>Heading</h1><script>var=j;</script></body></html>" | python3 src/main.py --mode strict
[ DEBUG@2026-04-20 07:54:57 ]: called sanitizer! using this as args:
<html><body><h1>Heading</h1><script>var=j;</script></body></html>
['p', 'b', 'i', 'u', 'em', 'strong', 'ul', 'ol', 'li', 'br', 'hr', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6']
[]
True
<h1>Heading</h1>**var=j;**
You can see that the <script> tag gets removed but doesnt bother with removing the contents of that tag. The remaining thing is : var=j; ; If this gets rendered its bad, cause it looks bad!
We need to fix this.
Plan for fixing this:
Lets maybe use bs4 for this, its fitting cause it can decompose HTML. Fixed!
Around 30 minutes later:
This issue is no longer relevant, it is fixed! using bs4.