django/utils/html.py

   1 "HTML utilities suitable for global use."
   2
   3 import re, string
   4
   5 # Configuration for urlize() function
   6 LEADING_PUNCTUATION  = ['(', '<', '&lt;']
   7 TRAILING_PUNCTUATION = ['.', ',', ')', '>', '\n', '&gt;']
   8
   9 # list of possible strings used for bullets in bulleted lists
  10 DOTS = ['&middot;', '*', '\xe2\x80\xa2', '&#149;', '&bull;', '&#8226;']
  11
  12 unencoded_ampersands_re = re.compile(r'&(?!(\w+|#\d+);)')
  13 word_split_re = re.compile(r'(\s+)')
  14 punctuation_re = re.compile('^(?P<lead>(?:%s)*)(?P<middle>.*?)(?P<trail>(?:%s)*)$' % \
  15     ('|'.join([re.escape(p) for p in LEADING_PUNCTUATION]),
  16     '|'.join([re.escape(p) for p in TRAILING_PUNCTUATION])))
  17 simple_email_re = re.compile(r'^\S+@[a-zA-Z0-9._-]+\.[a-zA-Z0-9._-]+$')
  18 link_target_attribute_re = re.compile(r'(<a [^>]*?)target=[^\s>]+')
  19 html_gunk_re = re.compile(r'(?:<br clear="all">|<i><\/i>|<b><\/b>|<em><\/em>|<strong><\/strong>|<\/?smallcaps>|<\/?uppercase>)', re.IGNORECASE)
  20 hard_coded_bullets_re = re.compile(r'((?:<p>(?:%s).*?[a-zA-Z].*?</p>\s*)+)' % '|'.join([re.escape(d) for d in DOTS]), re.DOTALL)
  21 trailing_empty_content_re = re.compile(r'(?:<p>(?:&nbsp;|\s|<br \/>)*?</p>\s*)+\Z')
  22
  23 def escape(html):
  24     "Returns the given HTML with ampersands, quotes and carets encoded"
  25     if not isinstance(html, basestring):
  26         html = str(html)
  27     return html.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;')
  28
  29 def linebreaks(value):
  30     "Converts newlines into <p> and <br />s"
  31     value = re.sub(r'\r\n|\r|\n', '\n', value) # normalize newlines
  32     paras = re.split('\n{2,}', value)
  33     paras = ['<p>%s</p>' % p.strip().replace('\n', '<br />') for p in paras]
  34     return '\n\n'.join(paras)
  35
  36 def strip_tags(value):
  37     "Returns the given HTML with all tags stripped"
  38     return re.sub(r'<[^>]*?>', '', value)
  39
  40 def strip_entities(value):
  41     "Returns the given HTML with all entities (&something;) stripped"
  42     return re.sub(r'&(?:\w+|#\d);', '', value)
  43
  44 def fix_ampersands(value):
  45     "Returns the given HTML with all unencoded ampersands encoded correctly"
  46     return unencoded_ampersands_re.sub('&amp;', value)
  47
  48 def urlize(text, trim_url_limit=None, nofollow=False):
  49     """
  50     Converts any URLs in text into clickable links. Works on http://, https:// and
  51     www. links. Links can have trailing punctuation (periods, commas, close-parens)
  52     and leading punctuation (opening parens) and it'll still do the right thing.
  53
  54     If trim_url_limit is not None, the URLs in link text will be limited to
  55     trim_url_limit characters.
  56
  57     If nofollow is True, the URLs in link text will get a rel="nofollow" attribute.
  58     """
  59     trim_url = lambda x, limit=trim_url_limit: limit is not None and (x[:limit] + (len(x) >=limit and '...' or ''))  or x
  60     words = word_split_re.split(text)
  61     nofollow_attr = nofollow and ' rel="nofollow"' or ''
  62     for i, word in enumerate(words):
  63         match = punctuation_re.match(word)
  64         if match:
  65             lead, middle, trail = match.groups()
  66             if middle.startswith('www.') or ('@' not in middle and not middle.startswith('http://') and \
  67                     len(middle) > 0 and middle[0] in string.letters + string.digits and \
  68                     (middle.endswith('.org') or middle.endswith('.net') or middle.endswith('.com'))):
  69                 middle = '<a href="http://%s"%s>%s</a>' % (middle, nofollow_attr, trim_url(middle))
  70             if middle.startswith('http://') or middle.startswith('https://'):
  71                 middle = '<a href="%s"%s>%s</a>' % (middle, nofollow_attr, trim_url(middle))
  72             if '@' in middle and not middle.startswith('www.') and not ':' in middle \
  73                 and simple_email_re.match(middle):
  74                 middle = '<a href="mailto:%s">%s</a>' % (middle, middle)
  75             if lead + middle + trail != word:
  76                 words[i] = lead + middle + trail
  77     return ''.join(words)
  78
  79 def clean_html(text):
  80     """
  81     Cleans the given HTML. Specifically, it does the following:
  82         * Converts <b> and <i> to <strong> and <em>.
  83         * Encodes all ampersands correctly.
  84         * Removes all "target" attributes from <a> tags.
  85         * Removes extraneous HTML, such as presentational tags that open and
  86           immediately close and <br clear="all">.
  87         * Converts hard-coded bullets into HTML unordered lists.
  88         * Removes stuff like "<p>&nbsp;&nbsp;</p>", but only if it's at the
  89           bottom of the text.
  90     """
  91     from django.utils.text import normalize_newlines
  92     text = normalize_newlines(text)
  93     text = re.sub(r'<(/?)\s*b\s*>', '<\\1strong>', text)
  94     text = re.sub(r'<(/?)\s*i\s*>', '<\\1em>', text)
  95     text = fix_ampersands(text)
  96     # Remove all target="" attributes from <a> tags.
  97     text = link_target_attribute_re.sub('\\1', text)
  98     # Trim stupid HTML such as <br clear="all">.
  99     text = html_gunk_re.sub('', text)
 100     # Convert hard-coded bullets into HTML unordered lists.
 101     def replace_p_tags(match):
 102         s = match.group().replace('</p>', '</li>')
 103         for d in DOTS:
 104             s = s.replace('<p>%s' % d, '<li>')
 105         return '<ul>\n%s\n</ul>' % s
 106     text = hard_coded_bullets_re.sub(replace_p_tags, text)
 107     # Remove stuff like "<p>&nbsp;&nbsp;</p>", but only if it's at the bottom of the text.
 108     text = trailing_empty_content_re.sub('', text)
 109     return text
 110