This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

Let your users input html into your textareas without losing any sleep. django-secure-input sanitizes user’s input and allows only some tags to be interpreted as html and escapes the rest. By default, <script> tags are not allowed.

Requirements/Installing

django-secure-input requires Python 2.6-2.7 or 3.2+. It also requires Django >= 1.4 and bleach.

The easiest way to install django-secure-input is using pip:

pip install django-secure-input

The add it to your install apps:

INSTALLED_APP += ('secure_input')

Fields

Use one of our provided custom form fields in your forms and you are all set.

SafeCharFieldInput
Textarea that allows saving html.
WYSIWYGField
wysiwyg widget
MiniWYSIWYGField
wysiwyg widget (limiited tools)

Defaults settings

The defaults provided by our validation method can be overwritten, to set your own overwrite this on your settings.py file:

ALLOWED_TAGS: Tuple of allowed tags, for example: (‘p’, ‘h2’, ‘h3’).

ALLOWED_STYLES: Tuple of inline style allowable in your html, for
example: (‘font’, ‘font-size’, ‘color’).
ALLOWED_ATTRIBUTES: A dict of tags -> attributes, for example:
{‘a’: [‘href’, ‘title’], ‘*’: [‘class’]}

Example

Simplest way to start using our custom fields:

from django import forms
from secure_input.fields import MiniWYSIWYGField

class MySecureForm(forms.ModelForm):
    text = MiniWYSIWYGField()

    class Meta:
        model = MyModel

Template

Make sure to include the following css and js files in the template where you are rendering your form.

In your template {{ form.media.css }}:

- <link href="{{ STATIC_URL }}secure_input/bootstrap/css/bootstrap.css" rel="stylesheet" type="css/text">
- <link href="{{ STATIC_URL }}secure_input/font-awesome/css/font-awesome.css" rel="stylesheet" type="css/text">
- <link href="{{ STATIC_URL }}secure_input/css/basicEditor.css" rel="stylesheet" type="css/text">

and {{form.media.js }}:

- <script src="{{ STATIC_URL }}secure_input/js/libs/jquery.js" type="text/javascript"></script>
- <script src="{{ STATIC_URL }}secure_input/bootstrap/js/bootstrap.min.js" type="text/javascript"></script>
- <script src="{{ STATIC_URL }}secure_input/bootstrap-wysiwyg/external/jquery.hotkeys.js" type="text/javascript"></script>
- <script src="{{ STATIC_URL }}secure_input/bootstrap-wysiwyg/bootstrap-wysiwyg.js" type="text/javascript"></script>
- <script src="{{ STATIC_URL }}secure_input/js/plugin.js" type="text/javascript"></script>

Finally, you need to initialize the js plugin:

$("#commentForm").secureInput();

Documentation

Additional documentation on using django-secure-input is available on Read The Docs.

Running the Tests

You can run the tests with via:

python setup.py test

or:

python runtests.py

License

django-secure-input is released under the BSD License. See the LICENSE file for more details.

Contributing

If you think you’ve found a bug or are interested in contributing to this project check out django-secure-input on Github.

Development sponsored by RochApps, LLC.

Release History

Release History

0.9.3

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.9.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.9.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.9.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
django-secure-input-0.9.3.tar.gz (575.6 kB) Copy SHA256 Checksum SHA256 Source Mar 20, 2014

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting