HTML cleaner from lxml project

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for frenzymadness from gravatar.com frenzymadness Avatar for hroncok from gravatar.com hroncok

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Project description

lxml_html_clean

Motivation

This project was initially a part of lxml. Because HTML cleaner is designed as blocklist-based, many reports about possible security vulnerabilities were filed for lxml and that make the project problematic for security-sensitive environments. Therefore we decided to extract the problematic part to a separate project.

Important: the HTML Cleaner in lxml_html_clean is not considered appropriate for security sensitive environments. See e.g. bleach for an alternative.

This project uses functions from Python's urllib.parse for URL parsing which do not validate inputs. For more information on potential security risks, refer to the URL parsing security documentation. A maliciously crafted URL could potentially bypass the allowed hosts check in Cleaner.

Installation

You can install this project directly via pip install lxml_html_clean or as an extra of lxml via pip install lxml[html_clean]. Both ways install this project together with lxml itself.

Security

For discussions regarding security-related issues or any sensitive reports, please contact us privately. You can reach out to lbalhar(at)redhat.com or frenzy.madness(at)gmail.com to ensure your concerns are addressed confidentially and securely.

Documentation

https://lxml-html-clean.readthedocs.io/

License

BSD-3-Clause

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for frenzymadness from gravatar.com frenzymadness Avatar for hroncok from gravatar.com hroncok

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

0.3.1

This version

0.3.0

0.2.2

0.2.1

0.2.0

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

lxml_html_clean-0.3.0.tar.gz (20.8 kB view details)

Uploaded Source

Built Distribution

lxml_html_clean-0.3.0-py3-none-any.whl (13.9 kB view details)

Uploaded Python 3

File details

Details for the file lxml_html_clean-0.3.0.tar.gz.

File metadata

  • Download URL: lxml_html_clean-0.3.0.tar.gz
  • Upload date:
  • Size: 20.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.12.6

File hashes

Hashes for lxml_html_clean-0.3.0.tar.gz
Algorithm Hash digest
SHA256 c355c5e738d27dfb8fc474896ab5973b4c54d6c22f472582bee8357081989276
MD5 756aec6edbd284ddf078029a8950e48c
BLAKE2b-256 a969fd08fb5e2f2da4efe92f8be979130c84475f700e49d8d8d173aa64c65a8a

See more details on using hashes here.

Provenance

File details

Details for the file lxml_html_clean-0.3.0-py3-none-any.whl.

File metadata

File hashes

Hashes for lxml_html_clean-0.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 cc5e34412158040959c9d0b3681b3ad49276ac02eb8c576afd43e351b127b3ef
MD5 4c2bc324941259d73c0d8a0a25c2b584
BLAKE2b-256 157d52511b6d0f3e2bee4e62db69cc559ca9ffa6ec726b28dced9e786ae49c05

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page