Mercurial > genshi > genshi-test
comparison doc/filters.txt @ 510:ca7d707d51b0
Use syntax highlighting on all the other doc pages, too.
author | cmlenz |
---|---|
date | Wed, 06 Jun 2007 10:41:41 +0000 |
parents | a332cb9c70d5 |
children | 9f1d90d6abd4 |
comparison
equal
deleted
inserted
replaced
509:1997f7af845c | 510:ca7d707d51b0 |
---|---|
24 from form controls in your templates, and let the filter do all that work for | 24 from form controls in your templates, and let the filter do all that work for |
25 you. | 25 you. |
26 | 26 |
27 ``HTMLFormFiller`` takes a dictionary of data to populate the form with, where | 27 ``HTMLFormFiller`` takes a dictionary of data to populate the form with, where |
28 the keys should match the names of form elements, and the values determine the | 28 the keys should match the names of form elements, and the values determine the |
29 values of those controls. For example:: | 29 values of those controls. For example: |
30 | |
31 .. code-block:: pycon | |
30 | 32 |
31 >>> from genshi.filters import HTMLFormFiller | 33 >>> from genshi.filters import HTMLFormFiller |
32 >>> from genshi.template import MarkupTemplate | 34 >>> from genshi.template import MarkupTemplate |
33 | 35 |
34 >>> template = MarkupTemplate("""<form> | 36 >>> template = MarkupTemplate("""<form> |
88 HTML Sanitizer | 90 HTML Sanitizer |
89 ============== | 91 ============== |
90 | 92 |
91 The filter ``genshi.filters.html.HTMLSanitizer`` filter can be used to clean up | 93 The filter ``genshi.filters.html.HTMLSanitizer`` filter can be used to clean up |
92 user-submitted HTML markup, removing potentially dangerous constructs that could | 94 user-submitted HTML markup, removing potentially dangerous constructs that could |
93 be used for various kinds of abuse, such as cross-site scripting (XSS) attacks:: | 95 be used for various kinds of abuse, such as cross-site scripting (XSS) attacks: |
96 | |
97 .. code-block:: pycon | |
94 | 98 |
95 >>> from genshi.filters import HTMLSanitizer | 99 >>> from genshi.filters import HTMLSanitizer |
96 >>> from genshi.input import HTML | 100 >>> from genshi.input import HTML |
97 | 101 |
98 >>> html = HTML("""<div> | 102 >>> html = HTML("""<div> |
113 | 117 |
114 Inline ``style`` attributes are forbidden by default. If you allow them, the | 118 Inline ``style`` attributes are forbidden by default. If you allow them, the |
115 filter will still perform sanitization on the contents any encountered inline | 119 filter will still perform sanitization on the contents any encountered inline |
116 styles: the proprietary ``expression()`` function (supported only by Internet | 120 styles: the proprietary ``expression()`` function (supported only by Internet |
117 Explorer) is removed, and any property using an ``url()`` which a potentially | 121 Explorer) is removed, and any property using an ``url()`` which a potentially |
118 dangerous URL scheme (such as ``javascript:``) are also stripped out:: | 122 dangerous URL scheme (such as ``javascript:``) are also stripped out: |
123 | |
124 .. code-block:: pycon | |
119 | 125 |
120 >>> from genshi.filters import HTMLSanitizer | 126 >>> from genshi.filters import HTMLSanitizer |
121 >>> from genshi.input import HTML | 127 >>> from genshi.input import HTML |
122 | 128 |
123 >>> html = HTML("""<div> | 129 >>> html = HTML("""<div> |
140 =========== | 146 =========== |
141 | 147 |
142 The filter ``genshi.filters.transform.Transformer`` provides a convenient way to | 148 The filter ``genshi.filters.transform.Transformer`` provides a convenient way to |
143 transform or otherwise work with markup event streams. It allows you to specify | 149 transform or otherwise work with markup event streams. It allows you to specify |
144 which parts of the stream you're interested in with XPath expressions, and then | 150 which parts of the stream you're interested in with XPath expressions, and then |
145 attach a variety of transformations to the parts that match:: | 151 attach a variety of transformations to the parts that match: |
152 | |
153 .. code-block:: pycon | |
146 | 154 |
147 >>> from genshi.builder import tag | 155 >>> from genshi.builder import tag |
148 >>> from genshi.core import TEXT | 156 >>> from genshi.core import TEXT |
149 >>> from genshi.filters import Transformer | 157 >>> from genshi.filters import Transformer |
150 >>> from genshi.input import HTML | 158 >>> from genshi.input import HTML |
174 | 182 |
175 A number of commonly useful transformations are available for this filter. | 183 A number of commonly useful transformations are available for this filter. |
176 Please consult the API documentation a complete list. | 184 Please consult the API documentation a complete list. |
177 | 185 |
178 In addition, you can also perform custom transformations. For example, the | 186 In addition, you can also perform custom transformations. For example, the |
179 following defines a transformation that changes the name of a tag:: | 187 following defines a transformation that changes the name of a tag: |
188 | |
189 .. code-block:: pycon | |
180 | 190 |
181 >>> from genshi import QName | 191 >>> from genshi import QName |
182 >>> from genshi.filters.transform import ENTER, EXIT | 192 >>> from genshi.filters.transform import ENTER, EXIT |
183 | 193 |
184 >>> class RenameTransformation(object): | 194 >>> class RenameTransformation(object): |
195 A transformation can be any callable object that accepts an augmented event | 205 A transformation can be any callable object that accepts an augmented event |
196 stream. In this case we define a class, so that we can initialize it with the | 206 stream. In this case we define a class, so that we can initialize it with the |
197 tag name. | 207 tag name. |
198 | 208 |
199 Custom transformations can be applied using the `|` operator on the transformer | 209 Custom transformations can be applied using the `|` operator on the transformer |
200 instance:: | 210 instance: |
211 | |
212 .. code-block:: pycon | |
201 | 213 |
202 >>> xform = Transformer('body//em').apply(unicode.upper, TEXT) | 214 >>> xform = Transformer('body//em').apply(unicode.upper, TEXT) |
203 >>> xform |= RenameTransformation('u') | 215 >>> xform |= RenameTransformation('u') |
204 >>> print html | xform | 216 >>> print html | xform |
205 <html> | 217 <html> |
207 <body> | 219 <body> |
208 Some <u>BODY</u> text. | 220 Some <u>BODY</u> text. |
209 </body> | 221 </body> |
210 </html> | 222 </html> |
211 | 223 |
224 .. note:: The transformation filter was added in Genshi 0.5. | |
212 | 225 |
213 | 226 |
214 Translator | 227 Translator |
215 ========== | 228 ========== |
216 | 229 |
221 | 234 |
222 The ``Translator`` class also defines the ``extract`` class method, which can | 235 The ``Translator`` class also defines the ``extract`` class method, which can |
223 be used to extract localizable messages from a template. | 236 be used to extract localizable messages from a template. |
224 | 237 |
225 Please refer to the API documentation for more information on this filter. | 238 Please refer to the API documentation for more information on this filter. |
239 | |
240 .. note:: The translation filter was added in Genshi 0.4. |