diff --git a/.eggs/README.txt b/.eggs/README.txt deleted file mode 100644 index 5d01668..0000000 --- a/.eggs/README.txt +++ /dev/null @@ -1,6 +0,0 @@ -This directory contains eggs that were downloaded by setuptools to build, test, and run plug-ins. - -This directory caches those eggs to prevent repeated downloads. - -However, it is safe to delete this directory. - diff --git a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/DESCRIPTION.rst b/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/DESCRIPTION.rst deleted file mode 100644 index dbd7951..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/DESCRIPTION.rst +++ /dev/null @@ -1,717 +0,0 @@ -====== -Bleach -====== - -.. image:: https://travis-ci.org/mozilla/bleach.svg?branch=master - :target: https://travis-ci.org/mozilla/bleach - -.. image:: https://badge.fury.io/py/bleach.svg - :target: http://badge.fury.io/py/bleach - -Bleach is an allowed-list-based HTML sanitizing library that escapes or strips -markup and attributes. - -Bleach can also linkify text safely, applying filters that Django's ``urlize`` -filter cannot, and optionally setting ``rel`` attributes, even on links already -in the text. - -Bleach is intended for sanitizing text from *untrusted* sources. If you find -yourself jumping through hoops to allow your site administrators to do lots of -things, you're probably outside the use cases. Either trust those users, or -don't. - -Because it relies on html5lib_, Bleach is as good as modern browsers at dealing -with weird, quirky HTML fragments. And *any* of Bleach's methods will fix -unbalanced or mis-nested tags. - -The version on GitHub_ is the most up-to-date and contains the latest bug -fixes. You can find full documentation on `ReadTheDocs`_. - -:Code: https://github.com/mozilla/bleach -:Documentation: https://bleach.readthedocs.io/ -:Issue tracker: https://github.com/mozilla/bleach/issues -:IRC: ``#bleach`` on irc.mozilla.org -:License: Apache License v2; see LICENSE file - - -Reporting Bugs -============== - -For regular bugs, please report them `in our issue tracker -`_. - -If you believe that you've found a security vulnerability, please `file a secure -bug report in our bug tracker -`_ -or send an email to *security AT mozilla DOT org*. - -For more information on security-related bug disclosure and the PGP key to use -for sending encrypted mail or to verify responses received from that address, -please read our wiki page at -``_. - - -Security -======== - -Bleach is a security-focused library. - -We have a responsible security vulnerability reporting process. Please use -that if you're reporting a security issue. - -Security issues are fixed in private. After we land such a fix, we'll do a -release. - -For every release, we mark security issues we've fixed in the ``CHANGES`` in -the **Security issues** section. We include any relevant CVE links. - - -Installing Bleach -================= - -Bleach is available on PyPI_, so you can install it with ``pip``:: - - $ pip install bleach - - -Upgrading Bleach -================ - -.. warning:: - - Before doing any upgrades, read through `Bleach Changes - `_ for backwards - incompatible changes, newer versions, etc. - - -Basic use -========= - -The simplest way to use Bleach is: - -.. code-block:: python - - >>> import bleach - - >>> bleach.clean('an example') - u'an <script>evil()</script> example' - - >>> bleach.linkify('an http://example.com url') - u'an http://example.com url - - -Code of conduct -=============== - -This project and repository is governed by Mozilla's code of conduct and -etiquette guidelines. For more details please see the `Mozilla Community -Participation Guidelines -`_ and -`Developer Etiquette Guidelines -`_. - - -.. _html5lib: https://github.com/html5lib/html5lib-python -.. _GitHub: https://github.com/mozilla/bleach -.. _ReadTheDocs: https://bleach.readthedocs.io/ -.. _PyPI: http://pypi.python.org/pypi/bleach - - -Bleach changes -============== - -Version 3.1.0 (January 9th, 2019) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -* Add ``recognized_tags`` argument to the linkify ``Linker`` class. This - fixes issues when linkifying on its own and having some tags get escaped. - It defaults to a list of HTML5 tags. Thank you, Chad Birch! (#409) - -**Bug fixes** - -* Add ``six>=1.9`` to requirements. Thank you, Dave Shawley (#416) - -* Fix cases where attribute names could have invalid characters in them. - (#419) - -* Fix problems with ``LinkifyFilter`` not being able to match links - across ``&``. (#422) - -* Fix ``InputStreamWithMemory`` when the ``BleachHTMLParser`` is - parsing ``meta`` tags. (#431) - -* Fix doctests. (#357) - - -Version 3.0.2 (October 11th, 2018) ----------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -None - -**Bug fixes** - -* Merge ``Characters`` tokens after sanitizing them. This fixes issues in the - ``LinkifyFilter`` where it was only linkifying parts of urls. (#374) - - -Version 3.0.1 (October 9th, 2018) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -* Support Python 3.7. It supported Python 3.7 just fine, but we added 3.7 to - the list of Python environments we test so this is now officially supported. - (#377) - -**Bug fixes** - -* Fix ``list`` object has no attribute ``lower`` in ``clean``. (#398) -* Fix ``abbr`` getting escaped in ``linkify``. (#400) - - -Version 3.0.0 (October 3rd, 2018) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -* A bunch of functions were moved from one module to another. - - These were moved from ``bleach.sanitizer`` to ``bleach.html5lib_shim``: - - * ``convert_entity`` - * ``convert_entities`` - * ``match_entity`` - * ``next_possible_entity`` - * ``BleachHTMLSerializer`` - * ``BleachHTMLTokenizer`` - * ``BleachHTMLParser`` - - These functions and classes weren't documented and aren't part of the - public API, but people read code and might be using them so we're - considering it an incompatible API change. - - If you're using them, you'll need to update your code. - -**Features** - -* Bleach no longer depends on html5lib. html5lib==1.0.1 is now vendored into - Bleach. You can remove it from your requirements file if none of your other - requirements require html5lib. - - This means Bleach will now work fine with other libraries that depend on - html5lib regardless of what version of html5lib they require. (#386) - -**Bug fixes** - -* Fixed tags getting added when using clean or linkify. This was a - long-standing regression from the Bleach 2.0 rewrite. (#280, #392) - -* Fixed ```` getting replaced with a string. Now it gets escaped or - stripped depending on whether it's in the allowed tags or not. (#279) - - -Version 2.1.4 (August 16th, 2018) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -* Dropped support for Python 3.3. (#328) - -**Features** - -None - -**Bug fixes** - -* Handle ambiguous ampersands in correctly. (#359) - - -Version 2.1.3 (March 5th, 2018) -------------------------------- - -**Security fixes** - -* Attributes that have URI values weren't properly sanitized if the - values contained character entities. Using character entities, it - was possible to construct a URI value with a scheme that was not - allowed that would slide through unsanitized. - - This security issue was introduced in Bleach 2.1. Anyone using - Bleach 2.1 is highly encouraged to upgrade. - - https://bugzilla.mozilla.org/show_bug.cgi?id=1442745 - -**Backwards incompatible changes** - -None - -**Features** - -None - -**Bug fixes** - -* Fixed some other edge cases for attribute URI value sanitizing and - improved testing of this code. - - -Version 2.1.2 (December 7th, 2017) ----------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -None - -**Bug fixes** - -* Support html5lib-python 1.0.1. (#337) - -* Add deprecation warning for supporting html5lib-python < 1.0. - -* Switch to semver. - - -Version 2.1.1 (October 2nd, 2017) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -None - -**Bug fixes** - -* Fix ``setup.py`` opening files when ``LANG=``. (#324) - - -Version 2.1 (September 28th, 2017) ----------------------------------- - -**Security fixes** - -* Convert control characters (backspace particularly) to "?" preventing - malicious copy-and-paste situations. (#298) - - See ``_ for more details. - - This affects all previous versions of Bleach. Check the comments on that - issue for ways to alleviate the issue if you can't upgrade to Bleach 2.1. - - -**Backwards incompatible changes** - -* Redid versioning. ``bleach.VERSION`` is no longer available. Use the string - version at ``bleach.__version__`` and parse it with - ``pkg_resources.parse_version``. (#307) - -* clean, linkify: linkify and clean should only accept text types; thank you, - Janusz! (#292) - -* clean, linkify: accept only unicode or utf-8-encoded str (#176) - - -**Features** - - -**Bug fixes** - -* ``bleach.clean()`` no longer unescapes entities including ones that are missing - a ``;`` at the end which can happen in urls and other places. (#143) - -* linkify: fix http links inside of mailto links; thank you, sedrubal! (#300) - -* clarify security policy in docs (#303) - -* fix dependency specification for html5lib 1.0b8, 1.0b9, and 1.0b10; thank you, - Zoltán! (#268) - -* add Bleach vs. html5lib comparison to README; thank you, Stu Cox! (#278) - -* fix KeyError exceptions on tags without href attr; thank you, Alex Defsen! - (#273) - -* add test website and scripts to test ``bleach.clean()`` output in browser; - thank you, Greg Guthe! - - -Version 2.0 (March 8th, 2017) ------------------------------ - -**Security fixes** - -* None - - -**Backwards incompatible changes** - -* Removed support for Python 2.6. #206 - -* Removed support for Python 3.2. #224 - -* Bleach no longer supports html5lib < 0.99999999 (8 9s). - - This version is a rewrite to use the new sanitizing API since the old - one was dropped in html5lib 0.99999999 (8 9s). - - If you're using 0.9999999 (7 9s) upgrade to 0.99999999 (8 9s) or higher. - - If you're using 1.0b8 (equivalent to 0.9999999 (7 9s)), upgrade to 1.0b9 - (equivalent to 0.99999999 (8 9s)) or higher. - -* ``bleach.clean`` and friends were rewritten - - ``clean`` was reimplemented as an html5lib filter and happens at a different - step in the HTML parsing -> traversing -> serializing process. Because of - that, there are some differences in clean's output as compared with previous - versions. - - Amongst other things, this version will add end tags even if the tag in - question is to be escaped. - -* ``bleach.clean`` and friends attribute callables now take three arguments: - tag, attribute name and attribute value. Previously they only took attribute - name and attribute value. - - All attribute callables will need to be updated. - -* ``bleach.linkify`` was rewritten - - ``linkify`` was reimplemented as an html5lib Filter. As such, it no longer - accepts a ``tokenizer`` argument. - - The callback functions for adjusting link attributes now takes a namespaced - attribute. - - Previously you'd do something like this:: - - def check_protocol(attrs, is_new): - if not attrs.get('href', '').startswith('http:', 'https:')): - return None - return attrs - - Now it's more like this:: - - def check_protocol(attrs, is_new): - if not attrs.get((None, u'href'), u'').startswith(('http:', 'https:')): - # ^^^^^^^^^^^^^^^ - return None - return attrs - - Further, you need to make sure you're always using unicode values. If you - don't then html5lib will raise an assertion error that the value is not - unicode. - - All linkify filters will need to be updated. - -* ``bleach.linkify`` and friends had a ``skip_pre`` argument--that's been - replaced with a more general ``skip_tags`` argument. - - Before, you might do:: - - bleach.linkify(some_text, skip_pre=True) - - The equivalent with Bleach 2.0 is:: - - bleach.linkify(some_text, skip_tags=['pre']) - - You can skip other tags, too, like ``style`` or ``script`` or other places - where you don't want linkification happening. - - All uses of linkify that use ``skip_pre`` will need to be updated. - - -**Changes** - -* Supports Python 3.6. - -* Supports html5lib >= 0.99999999 (8 9s). - -* There's a ``bleach.sanitizer.Cleaner`` class that you can instantiate with your - favorite clean settings for easy reuse. - -* There's a ``bleach.linkifier.Linker`` class that you can instantiate with your - favorite linkify settings for easy reuse. - -* There's a ``bleach.linkifier.LinkifyFilter`` which is an htm5lib filter that - you can pass as a filter to ``bleach.sanitizer.Cleaner`` allowing you to clean - and linkify in one pass. - -* ``bleach.clean`` and friends can now take a callable as an attributes arg value. - -* Tons of bug fixes. - -* Cleaned up tests. - -* Documentation fixes. - - -Version 1.5 (November 4th, 2016) --------------------------------- - -**Security fixes** - -* None - -**Backwards incompatible changes** - -* clean: The list of ``ALLOWED_PROTOCOLS`` now defaults to http, https and - mailto. - - Previously it was a long list of protocols something like ed2k, ftp, http, - https, irc, mailto, news, gopher, nntp, telnet, webcal, xmpp, callto, feed, - urn, aim, rsync, tag, ssh, sftp, rtsp, afs, data. #149 - -**Changes** - -* clean: Added ``protocols`` to arguments list to let you override the list of - allowed protocols. Thank you, Andreas Malecki! #149 - -* linkify: Fix a bug involving periods at the end of an email address. Thank you, - Lorenz Schori! #219 - -* linkify: Fix linkification of non-ascii ports. Thank you Alexandre, Macabies! - #207 - -* linkify: Fix linkify inappropriately removing node tails when dropping nodes. - #132 - -* Fixed a test that failed periodically. #161 - -* Switched from nose to py.test. #204 - -* Add test matrix for all supported Python and html5lib versions. #230 - -* Limit to html5lib ``>=0.999,!=0.9999,!=0.99999,<0.99999999`` because 0.9999 - and 0.99999 are busted. - -* Add support for ``python setup.py test``. #97 - - -Version 1.4.3 (May 23rd, 2016) ------------------------------- - -**Security fixes** - -* None - -**Changes** - -* Limit to html5lib ``>=0.999,<0.99999999`` because of impending change to - sanitizer api. #195 - - -Version 1.4.2 (September 11, 2015) ----------------------------------- - -**Changes** - -* linkify: Fix hang in linkify with ``parse_email=True``. #124 - -* linkify: Fix crash in linkify when removing a link that is a first-child. #136 - -* Updated TLDs. - -* linkify: Don't remove exterior brackets when linkifying. #146 - - -Version 1.4.1 (December 15, 2014) ---------------------------------- - -**Changes** - -* Consistent order of attributes in output. - -* Python 3.4 support. - - -Version 1.4 (January 12, 2014) ------------------------------- - -**Changes** - -* linkify: Update linkify to use etree type Treewalker instead of simpletree. - -* Updated html5lib to version ``>=0.999``. - -* Update all code to be compatible with Python 3 and 2 using six. - -* Switch to Apache License. - - -Version 1.3 ------------ - -* Used by Python 3-only fork. - - -Version 1.2.2 (May 18, 2013) ----------------------------- - -* Pin html5lib to version 0.95 for now due to major API break. - - -Version 1.2.1 (February 19, 2013) ---------------------------------- - -* ``clean()`` no longer considers ``feed:`` an acceptable protocol due to - inconsistencies in browser behavior. - - -Version 1.2 (January 28, 2013) ------------------------------- - -* ``linkify()`` has changed considerably. Many keyword arguments have been - replaced with a single callbacks list. Please see the documentation for more - information. - -* Bleach will no longer consider unacceptable protocols when linkifying. - -* ``linkify()`` now takes a tokenizer argument that allows it to skip - sanitization. - -* ``delinkify()`` is gone. - -* Removed exception handling from ``_render``. ``clean()`` and ``linkify()`` may - now throw. - -* ``linkify()`` correctly ignores case for protocols and domain names. - -* ``linkify()`` correctly handles markup within an tag. - - -Version 1.1.5 -------------- - - -Version 1.1.4 -------------- - - -Version 1.1.3 (July 10, 2012) ------------------------------ - -* Fix parsing bare URLs when parse_email=True. - - -Version 1.1.2 (June 1, 2012) ----------------------------- - -* Fix hang in style attribute sanitizer. (#61) - -* Allow ``/`` in style attribute values. - - -Version 1.1.1 (February 17, 2012) ---------------------------------- - -* Fix tokenizer for html5lib 0.9.5. - - -Version 1.1.0 (October 24, 2011) --------------------------------- - -* ``linkify()`` now understands port numbers. (#38) - -* Documented character encoding behavior. (#41) - -* Add an optional target argument to ``linkify()``. - -* Add ``delinkify()`` method. (#45) - -* Support subdomain whitelist for ``delinkify()``. (#47, #48) - - -Version 1.0.4 (September 2, 2011) ---------------------------------- - -* Switch to SemVer git tags. - -* Make ``linkify()`` smarter about trailing punctuation. (#30) - -* Pass ``exc_info`` to logger during rendering issues. - -* Add wildcard key for attributes. (#19) - -* Make ``linkify()`` use the ``HTMLSanitizer`` tokenizer. (#36) - -* Fix URLs wrapped in parentheses. (#23) - -* Make ``linkify()`` UTF-8 safe. (#33) - - -Version 1.0.3 (June 14, 2011) ------------------------------ - -* ``linkify()`` works with 3rd level domains. (#24) - -* ``clean()`` supports vendor prefixes in style values. (#31, #32) - -* Fix ``linkify()`` email escaping. - - -Version 1.0.2 (June 6, 2011) ----------------------------- - -* ``linkify()`` supports email addresses. - -* ``clean()`` supports callables in attributes filter. - - -Version 1.0.1 (April 12, 2011) ------------------------------- - -* ``linkify()`` doesn't drop trailing slashes. (#21) -* ``linkify()`` won't linkify 'libgl.so.1'. (#22) - - diff --git a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/PKG-INFO b/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/PKG-INFO deleted file mode 100644 index 3dc103e..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/PKG-INFO +++ /dev/null @@ -1,747 +0,0 @@ -Metadata-Version: 2.0 -Name: bleach -Version: 3.1.0 -Summary: An easy safelist-based HTML-sanitizing tool. -Home-page: https://github.com/mozilla/bleach -Author: Will Kahn-Greene -Author-email: willkg@mozilla.com -License: Apache Software License -Description-Content-Type: UNKNOWN -Platform: UNKNOWN -Classifier: Development Status :: 5 - Production/Stable -Classifier: Environment :: Web Environment -Classifier: Intended Audience :: Developers -Classifier: License :: OSI Approved :: Apache Software License -Classifier: Operating System :: OS Independent -Classifier: Programming Language :: Python -Classifier: Programming Language :: Python :: 2 -Classifier: Programming Language :: Python :: 2.7 -Classifier: Programming Language :: Python :: 3 -Classifier: Programming Language :: Python :: 3.4 -Classifier: Programming Language :: Python :: 3.5 -Classifier: Programming Language :: Python :: 3.6 -Classifier: Programming Language :: Python :: 3.7 -Classifier: Programming Language :: Python :: Implementation :: CPython -Classifier: Programming Language :: Python :: Implementation :: PyPy -Classifier: Topic :: Software Development :: Libraries :: Python Modules -Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.* -Requires-Dist: six (>=1.9.0) -Requires-Dist: webencodings - -====== -Bleach -====== - -.. image:: https://travis-ci.org/mozilla/bleach.svg?branch=master - :target: https://travis-ci.org/mozilla/bleach - -.. image:: https://badge.fury.io/py/bleach.svg - :target: http://badge.fury.io/py/bleach - -Bleach is an allowed-list-based HTML sanitizing library that escapes or strips -markup and attributes. - -Bleach can also linkify text safely, applying filters that Django's ``urlize`` -filter cannot, and optionally setting ``rel`` attributes, even on links already -in the text. - -Bleach is intended for sanitizing text from *untrusted* sources. If you find -yourself jumping through hoops to allow your site administrators to do lots of -things, you're probably outside the use cases. Either trust those users, or -don't. - -Because it relies on html5lib_, Bleach is as good as modern browsers at dealing -with weird, quirky HTML fragments. And *any* of Bleach's methods will fix -unbalanced or mis-nested tags. - -The version on GitHub_ is the most up-to-date and contains the latest bug -fixes. You can find full documentation on `ReadTheDocs`_. - -:Code: https://github.com/mozilla/bleach -:Documentation: https://bleach.readthedocs.io/ -:Issue tracker: https://github.com/mozilla/bleach/issues -:IRC: ``#bleach`` on irc.mozilla.org -:License: Apache License v2; see LICENSE file - - -Reporting Bugs -============== - -For regular bugs, please report them `in our issue tracker -`_. - -If you believe that you've found a security vulnerability, please `file a secure -bug report in our bug tracker -`_ -or send an email to *security AT mozilla DOT org*. - -For more information on security-related bug disclosure and the PGP key to use -for sending encrypted mail or to verify responses received from that address, -please read our wiki page at -``_. - - -Security -======== - -Bleach is a security-focused library. - -We have a responsible security vulnerability reporting process. Please use -that if you're reporting a security issue. - -Security issues are fixed in private. After we land such a fix, we'll do a -release. - -For every release, we mark security issues we've fixed in the ``CHANGES`` in -the **Security issues** section. We include any relevant CVE links. - - -Installing Bleach -================= - -Bleach is available on PyPI_, so you can install it with ``pip``:: - - $ pip install bleach - - -Upgrading Bleach -================ - -.. warning:: - - Before doing any upgrades, read through `Bleach Changes - `_ for backwards - incompatible changes, newer versions, etc. - - -Basic use -========= - -The simplest way to use Bleach is: - -.. code-block:: python - - >>> import bleach - - >>> bleach.clean('an example') - u'an <script>evil()</script> example' - - >>> bleach.linkify('an http://example.com url') - u'an http://example.com url - - -Code of conduct -=============== - -This project and repository is governed by Mozilla's code of conduct and -etiquette guidelines. For more details please see the `Mozilla Community -Participation Guidelines -`_ and -`Developer Etiquette Guidelines -`_. - - -.. _html5lib: https://github.com/html5lib/html5lib-python -.. _GitHub: https://github.com/mozilla/bleach -.. _ReadTheDocs: https://bleach.readthedocs.io/ -.. _PyPI: http://pypi.python.org/pypi/bleach - - -Bleach changes -============== - -Version 3.1.0 (January 9th, 2019) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -* Add ``recognized_tags`` argument to the linkify ``Linker`` class. This - fixes issues when linkifying on its own and having some tags get escaped. - It defaults to a list of HTML5 tags. Thank you, Chad Birch! (#409) - -**Bug fixes** - -* Add ``six>=1.9`` to requirements. Thank you, Dave Shawley (#416) - -* Fix cases where attribute names could have invalid characters in them. - (#419) - -* Fix problems with ``LinkifyFilter`` not being able to match links - across ``&``. (#422) - -* Fix ``InputStreamWithMemory`` when the ``BleachHTMLParser`` is - parsing ``meta`` tags. (#431) - -* Fix doctests. (#357) - - -Version 3.0.2 (October 11th, 2018) ----------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -None - -**Bug fixes** - -* Merge ``Characters`` tokens after sanitizing them. This fixes issues in the - ``LinkifyFilter`` where it was only linkifying parts of urls. (#374) - - -Version 3.0.1 (October 9th, 2018) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -* Support Python 3.7. It supported Python 3.7 just fine, but we added 3.7 to - the list of Python environments we test so this is now officially supported. - (#377) - -**Bug fixes** - -* Fix ``list`` object has no attribute ``lower`` in ``clean``. (#398) -* Fix ``abbr`` getting escaped in ``linkify``. (#400) - - -Version 3.0.0 (October 3rd, 2018) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -* A bunch of functions were moved from one module to another. - - These were moved from ``bleach.sanitizer`` to ``bleach.html5lib_shim``: - - * ``convert_entity`` - * ``convert_entities`` - * ``match_entity`` - * ``next_possible_entity`` - * ``BleachHTMLSerializer`` - * ``BleachHTMLTokenizer`` - * ``BleachHTMLParser`` - - These functions and classes weren't documented and aren't part of the - public API, but people read code and might be using them so we're - considering it an incompatible API change. - - If you're using them, you'll need to update your code. - -**Features** - -* Bleach no longer depends on html5lib. html5lib==1.0.1 is now vendored into - Bleach. You can remove it from your requirements file if none of your other - requirements require html5lib. - - This means Bleach will now work fine with other libraries that depend on - html5lib regardless of what version of html5lib they require. (#386) - -**Bug fixes** - -* Fixed tags getting added when using clean or linkify. This was a - long-standing regression from the Bleach 2.0 rewrite. (#280, #392) - -* Fixed ```` getting replaced with a string. Now it gets escaped or - stripped depending on whether it's in the allowed tags or not. (#279) - - -Version 2.1.4 (August 16th, 2018) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -* Dropped support for Python 3.3. (#328) - -**Features** - -None - -**Bug fixes** - -* Handle ambiguous ampersands in correctly. (#359) - - -Version 2.1.3 (March 5th, 2018) -------------------------------- - -**Security fixes** - -* Attributes that have URI values weren't properly sanitized if the - values contained character entities. Using character entities, it - was possible to construct a URI value with a scheme that was not - allowed that would slide through unsanitized. - - This security issue was introduced in Bleach 2.1. Anyone using - Bleach 2.1 is highly encouraged to upgrade. - - https://bugzilla.mozilla.org/show_bug.cgi?id=1442745 - -**Backwards incompatible changes** - -None - -**Features** - -None - -**Bug fixes** - -* Fixed some other edge cases for attribute URI value sanitizing and - improved testing of this code. - - -Version 2.1.2 (December 7th, 2017) ----------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -None - -**Bug fixes** - -* Support html5lib-python 1.0.1. (#337) - -* Add deprecation warning for supporting html5lib-python < 1.0. - -* Switch to semver. - - -Version 2.1.1 (October 2nd, 2017) ---------------------------------- - -**Security fixes** - -None - -**Backwards incompatible changes** - -None - -**Features** - -None - -**Bug fixes** - -* Fix ``setup.py`` opening files when ``LANG=``. (#324) - - -Version 2.1 (September 28th, 2017) ----------------------------------- - -**Security fixes** - -* Convert control characters (backspace particularly) to "?" preventing - malicious copy-and-paste situations. (#298) - - See ``_ for more details. - - This affects all previous versions of Bleach. Check the comments on that - issue for ways to alleviate the issue if you can't upgrade to Bleach 2.1. - - -**Backwards incompatible changes** - -* Redid versioning. ``bleach.VERSION`` is no longer available. Use the string - version at ``bleach.__version__`` and parse it with - ``pkg_resources.parse_version``. (#307) - -* clean, linkify: linkify and clean should only accept text types; thank you, - Janusz! (#292) - -* clean, linkify: accept only unicode or utf-8-encoded str (#176) - - -**Features** - - -**Bug fixes** - -* ``bleach.clean()`` no longer unescapes entities including ones that are missing - a ``;`` at the end which can happen in urls and other places. (#143) - -* linkify: fix http links inside of mailto links; thank you, sedrubal! (#300) - -* clarify security policy in docs (#303) - -* fix dependency specification for html5lib 1.0b8, 1.0b9, and 1.0b10; thank you, - Zoltán! (#268) - -* add Bleach vs. html5lib comparison to README; thank you, Stu Cox! (#278) - -* fix KeyError exceptions on tags without href attr; thank you, Alex Defsen! - (#273) - -* add test website and scripts to test ``bleach.clean()`` output in browser; - thank you, Greg Guthe! - - -Version 2.0 (March 8th, 2017) ------------------------------ - -**Security fixes** - -* None - - -**Backwards incompatible changes** - -* Removed support for Python 2.6. #206 - -* Removed support for Python 3.2. #224 - -* Bleach no longer supports html5lib < 0.99999999 (8 9s). - - This version is a rewrite to use the new sanitizing API since the old - one was dropped in html5lib 0.99999999 (8 9s). - - If you're using 0.9999999 (7 9s) upgrade to 0.99999999 (8 9s) or higher. - - If you're using 1.0b8 (equivalent to 0.9999999 (7 9s)), upgrade to 1.0b9 - (equivalent to 0.99999999 (8 9s)) or higher. - -* ``bleach.clean`` and friends were rewritten - - ``clean`` was reimplemented as an html5lib filter and happens at a different - step in the HTML parsing -> traversing -> serializing process. Because of - that, there are some differences in clean's output as compared with previous - versions. - - Amongst other things, this version will add end tags even if the tag in - question is to be escaped. - -* ``bleach.clean`` and friends attribute callables now take three arguments: - tag, attribute name and attribute value. Previously they only took attribute - name and attribute value. - - All attribute callables will need to be updated. - -* ``bleach.linkify`` was rewritten - - ``linkify`` was reimplemented as an html5lib Filter. As such, it no longer - accepts a ``tokenizer`` argument. - - The callback functions for adjusting link attributes now takes a namespaced - attribute. - - Previously you'd do something like this:: - - def check_protocol(attrs, is_new): - if not attrs.get('href', '').startswith('http:', 'https:')): - return None - return attrs - - Now it's more like this:: - - def check_protocol(attrs, is_new): - if not attrs.get((None, u'href'), u'').startswith(('http:', 'https:')): - # ^^^^^^^^^^^^^^^ - return None - return attrs - - Further, you need to make sure you're always using unicode values. If you - don't then html5lib will raise an assertion error that the value is not - unicode. - - All linkify filters will need to be updated. - -* ``bleach.linkify`` and friends had a ``skip_pre`` argument--that's been - replaced with a more general ``skip_tags`` argument. - - Before, you might do:: - - bleach.linkify(some_text, skip_pre=True) - - The equivalent with Bleach 2.0 is:: - - bleach.linkify(some_text, skip_tags=['pre']) - - You can skip other tags, too, like ``style`` or ``script`` or other places - where you don't want linkification happening. - - All uses of linkify that use ``skip_pre`` will need to be updated. - - -**Changes** - -* Supports Python 3.6. - -* Supports html5lib >= 0.99999999 (8 9s). - -* There's a ``bleach.sanitizer.Cleaner`` class that you can instantiate with your - favorite clean settings for easy reuse. - -* There's a ``bleach.linkifier.Linker`` class that you can instantiate with your - favorite linkify settings for easy reuse. - -* There's a ``bleach.linkifier.LinkifyFilter`` which is an htm5lib filter that - you can pass as a filter to ``bleach.sanitizer.Cleaner`` allowing you to clean - and linkify in one pass. - -* ``bleach.clean`` and friends can now take a callable as an attributes arg value. - -* Tons of bug fixes. - -* Cleaned up tests. - -* Documentation fixes. - - -Version 1.5 (November 4th, 2016) --------------------------------- - -**Security fixes** - -* None - -**Backwards incompatible changes** - -* clean: The list of ``ALLOWED_PROTOCOLS`` now defaults to http, https and - mailto. - - Previously it was a long list of protocols something like ed2k, ftp, http, - https, irc, mailto, news, gopher, nntp, telnet, webcal, xmpp, callto, feed, - urn, aim, rsync, tag, ssh, sftp, rtsp, afs, data. #149 - -**Changes** - -* clean: Added ``protocols`` to arguments list to let you override the list of - allowed protocols. Thank you, Andreas Malecki! #149 - -* linkify: Fix a bug involving periods at the end of an email address. Thank you, - Lorenz Schori! #219 - -* linkify: Fix linkification of non-ascii ports. Thank you Alexandre, Macabies! - #207 - -* linkify: Fix linkify inappropriately removing node tails when dropping nodes. - #132 - -* Fixed a test that failed periodically. #161 - -* Switched from nose to py.test. #204 - -* Add test matrix for all supported Python and html5lib versions. #230 - -* Limit to html5lib ``>=0.999,!=0.9999,!=0.99999,<0.99999999`` because 0.9999 - and 0.99999 are busted. - -* Add support for ``python setup.py test``. #97 - - -Version 1.4.3 (May 23rd, 2016) ------------------------------- - -**Security fixes** - -* None - -**Changes** - -* Limit to html5lib ``>=0.999,<0.99999999`` because of impending change to - sanitizer api. #195 - - -Version 1.4.2 (September 11, 2015) ----------------------------------- - -**Changes** - -* linkify: Fix hang in linkify with ``parse_email=True``. #124 - -* linkify: Fix crash in linkify when removing a link that is a first-child. #136 - -* Updated TLDs. - -* linkify: Don't remove exterior brackets when linkifying. #146 - - -Version 1.4.1 (December 15, 2014) ---------------------------------- - -**Changes** - -* Consistent order of attributes in output. - -* Python 3.4 support. - - -Version 1.4 (January 12, 2014) ------------------------------- - -**Changes** - -* linkify: Update linkify to use etree type Treewalker instead of simpletree. - -* Updated html5lib to version ``>=0.999``. - -* Update all code to be compatible with Python 3 and 2 using six. - -* Switch to Apache License. - - -Version 1.3 ------------ - -* Used by Python 3-only fork. - - -Version 1.2.2 (May 18, 2013) ----------------------------- - -* Pin html5lib to version 0.95 for now due to major API break. - - -Version 1.2.1 (February 19, 2013) ---------------------------------- - -* ``clean()`` no longer considers ``feed:`` an acceptable protocol due to - inconsistencies in browser behavior. - - -Version 1.2 (January 28, 2013) ------------------------------- - -* ``linkify()`` has changed considerably. Many keyword arguments have been - replaced with a single callbacks list. Please see the documentation for more - information. - -* Bleach will no longer consider unacceptable protocols when linkifying. - -* ``linkify()`` now takes a tokenizer argument that allows it to skip - sanitization. - -* ``delinkify()`` is gone. - -* Removed exception handling from ``_render``. ``clean()`` and ``linkify()`` may - now throw. - -* ``linkify()`` correctly ignores case for protocols and domain names. - -* ``linkify()`` correctly handles markup within an tag. - - -Version 1.1.5 -------------- - - -Version 1.1.4 -------------- - - -Version 1.1.3 (July 10, 2012) ------------------------------ - -* Fix parsing bare URLs when parse_email=True. - - -Version 1.1.2 (June 1, 2012) ----------------------------- - -* Fix hang in style attribute sanitizer. (#61) - -* Allow ``/`` in style attribute values. - - -Version 1.1.1 (February 17, 2012) ---------------------------------- - -* Fix tokenizer for html5lib 0.9.5. - - -Version 1.1.0 (October 24, 2011) --------------------------------- - -* ``linkify()`` now understands port numbers. (#38) - -* Documented character encoding behavior. (#41) - -* Add an optional target argument to ``linkify()``. - -* Add ``delinkify()`` method. (#45) - -* Support subdomain whitelist for ``delinkify()``. (#47, #48) - - -Version 1.0.4 (September 2, 2011) ---------------------------------- - -* Switch to SemVer git tags. - -* Make ``linkify()`` smarter about trailing punctuation. (#30) - -* Pass ``exc_info`` to logger during rendering issues. - -* Add wildcard key for attributes. (#19) - -* Make ``linkify()`` use the ``HTMLSanitizer`` tokenizer. (#36) - -* Fix URLs wrapped in parentheses. (#23) - -* Make ``linkify()`` UTF-8 safe. (#33) - - -Version 1.0.3 (June 14, 2011) ------------------------------ - -* ``linkify()`` works with 3rd level domains. (#24) - -* ``clean()`` supports vendor prefixes in style values. (#31, #32) - -* Fix ``linkify()`` email escaping. - - -Version 1.0.2 (June 6, 2011) ----------------------------- - -* ``linkify()`` supports email addresses. - -* ``clean()`` supports callables in attributes filter. - - -Version 1.0.1 (April 12, 2011) ------------------------------- - -* ``linkify()`` doesn't drop trailing slashes. (#21) -* ``linkify()`` won't linkify 'libgl.so.1'. (#22) - - diff --git a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/RECORD b/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/RECORD deleted file mode 100644 index 0b7b34a..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/RECORD +++ /dev/null @@ -1,58 +0,0 @@ -bleach/__init__.py,sha256=xqjsAZ1mu74blG1cXJmqmrLOUUvKtHDP9p4tp4b6UNo,3775 -bleach/callbacks.py,sha256=SRPRKUioBvShXqHUi1zE2Qdvm60wciab5i5lnu3cnng,804 -bleach/html5lib_shim.py,sha256=AiWMOgkE8VO7MaTNnT7eCDLopLLlN25A02xPOfRC45w,17929 -bleach/linkifier.py,sha256=-VgnMsvtyXOgf35JXP9EI7mgpWtzbGUuSrbBABfzuas,19596 -bleach/sanitizer.py,sha256=bG85erYo9DHNMVe8mS33weChAwm3VdOW8jMn1KfkSuQ,20882 -bleach/utils.py,sha256=xehkBK0bogKXZ26LFFT6zeAJo0sZ4TZKQGZq7SBAFUI,1115 -bleach/_vendor/README.rst,sha256=bQJ4-KbxFcntTIrbmbmJSkTwNoLv2HqkWK_OE8WArHs,1257 -bleach/_vendor/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 -bleach/_vendor/pip_install_vendor.sh,sha256=ZrS4exm9McHoXsmpgOFHP9li6KVCN5aBeEq7G64CODY,90 -bleach/_vendor/vendor.txt,sha256=jvInrceXXdsUKKFJg9qSQTjsJOK_X3s10AVKA_hlplk,186 -bleach/_vendor/html5lib/__init__.py,sha256=q1D20NqqzRVgmTHW2xiVtaQT2eKna-iit3tL62Yn5OI,1145 -bleach/_vendor/html5lib/_ihatexml.py,sha256=3LBtJMlzgwM8vpQiU1TvGmEEmNH72sV0yD8yS53y07A,16705 -bleach/_vendor/html5lib/_inputstream.py,sha256=WtC-hb3nS7Du6XvdL9JACOQgD5ydPKb7f9z0q4OIvRM,32499 -bleach/_vendor/html5lib/_tokenizer.py,sha256=JFZ4kiYfas1f62q2bdXH8Ch5DtXAWEZg0KYkRF4boRQ,76568 -bleach/_vendor/html5lib/_utils.py,sha256=UHC4fXEZRJ0YM44Z4DeLem66auCjb08vSPcN6Y714Iw,4003 -bleach/_vendor/html5lib/constants.py,sha256=4lmZWLtEPRLnl8NzftOoYTJdo6jpeMtP6dqQC0g_bWQ,83518 -bleach/_vendor/html5lib/html5parser.py,sha256=eeMsctZUonbJZPegB_CElFye2lGufMcMsxQxsJtf7Mg,118951 -bleach/_vendor/html5lib/serializer.py,sha256=cmZQjjaXThEe2_6yzDqeb3yXS_hUggv0cCa2VBD9e2Y,15746 -bleach/_vendor/html5lib/_trie/__init__.py,sha256=8VR1bcgD2OpeS2XExpu5yBhP_Q1K-lwKbBKICBPf1kU,289 -bleach/_vendor/html5lib/_trie/_base.py,sha256=uJHVhzif9S0MJXgy9F98iEev5evi_rgUk5BmEbUSp8c,930 -bleach/_vendor/html5lib/_trie/datrie.py,sha256=rGMj61020CBiR97e4kyMyqn_FSIJzgDcYT2uj7PZkoo,1166 -bleach/_vendor/html5lib/_trie/py.py,sha256=zg7RZSHxJ8mLmuI_7VEIV8AomISrgkvqCP477AgXaG0,1763 -bleach/_vendor/html5lib/filters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 -bleach/_vendor/html5lib/filters/alphabeticalattributes.py,sha256=lViZc2JMCclXi_5gduvmdzrRxtO5Xo9ONnbHBVCsykU,919 -bleach/_vendor/html5lib/filters/base.py,sha256=z-IU9ZAYjpsVsqmVt7kuWC63jR11hDMr6CVrvuao8W0,286 -bleach/_vendor/html5lib/filters/inject_meta_charset.py,sha256=egDXUEHXmAG9504xz0K6ALDgYkvUrC2q15YUVeNlVQg,2945 -bleach/_vendor/html5lib/filters/lint.py,sha256=upXATs6By7cot7o0bnNqR15sPq2Fn6Vnjvoy3gyO_rY,3631 -bleach/_vendor/html5lib/filters/optionaltags.py,sha256=8lWT75J0aBOHmPgfmqTHSfPpPMp01T84NKu0CRedxcE,10588 -bleach/_vendor/html5lib/filters/sanitizer.py,sha256=V6_cpCq9EXgXkL1CblWEUxSgHy466Hy8k0453x8PSs8,26236 -bleach/_vendor/html5lib/filters/whitespace.py,sha256=8eWqZxd4UC4zlFGW6iyY6f-2uuT8pOCSALc3IZt7_t4,1214 -bleach/_vendor/html5lib/treeadapters/__init__.py,sha256=18hyI-at2aBsdKzpwRwa5lGF1ipgctaTYXoU9En2ZQg,650 -bleach/_vendor/html5lib/treeadapters/genshi.py,sha256=CH27pAsDKmu4ZGkAUrwty7u0KauGLCZRLPMzaO3M5vo,1715 -bleach/_vendor/html5lib/treeadapters/sax.py,sha256=BKS8woQTnKiqeffHsxChUqL4q2ZR_wb5fc9MJ3zQC8s,1776 -bleach/_vendor/html5lib/treebuilders/__init__.py,sha256=AysSJyvPfikCMMsTVvaxwkgDieELD5dfR8FJIAuq7hY,3592 -bleach/_vendor/html5lib/treebuilders/base.py,sha256=JEFLxUEsluRl7vY-6cnAk44HxgCAkaj4GpEOBpg8tao,14567 -bleach/_vendor/html5lib/treebuilders/dom.py,sha256=SY3MsijXyzdNPc8aK5IQsupBoM8J67y56DgNtGvsb9g,8835 -bleach/_vendor/html5lib/treebuilders/etree.py,sha256=R0zaNrdtPel3XHV8PUVcQzVnMuiOm_8fpZof7tU7ips,12752 -bleach/_vendor/html5lib/treebuilders/etree_lxml.py,sha256=9V0dXxbJYYq-Skgb5-_OL2NkVYpjioEb4CHajo0e9yI,14122 -bleach/_vendor/html5lib/treewalkers/__init__.py,sha256=yhXxHpjlSqfQyUag3v8-vWjMPriFBU8YRAPNpDgBTn8,5714 -bleach/_vendor/html5lib/treewalkers/base.py,sha256=ouiOsuSzvI0KgzdWP8PlxIaSNs9falhbiinAEc_UIJY,7476 -bleach/_vendor/html5lib/treewalkers/dom.py,sha256=EHyFR8D8lYNnyDU9lx_IKigVJRyecUGua0mOi7HBukc,1413 -bleach/_vendor/html5lib/treewalkers/etree.py,sha256=gRzfuNnWg6r-fvtXRp4xPVTC1CHPowcn8Dc4-WcDoOg,4538 -bleach/_vendor/html5lib/treewalkers/etree_lxml.py,sha256=AR07dDrdkDqrQT4yNK_5WeGiZMHfOrM3ZmmII6YrSgs,6297 -bleach/_vendor/html5lib/treewalkers/genshi.py,sha256=4D2PECZ5n3ZN3qu3jMl9yY7B81jnQApBQSVlfaIuYbA,2309 -bleach/_vendor/html5lib-1.0.1.dist-info/DESCRIPTION.rst,sha256=1QkiA38mSikkzyQO1kAQXkBUtQSTl-MR63Zd2TMe06s,13763 -bleach/_vendor/html5lib-1.0.1.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4 -bleach/_vendor/html5lib-1.0.1.dist-info/LICENSE.txt,sha256=FqOZkWGekvGGgJMtoqkZn999ld8-yu3FLqBiGKq6_W8,1084 -bleach/_vendor/html5lib-1.0.1.dist-info/METADATA,sha256=ViKKPHTrTam-_oHIB2cxmtg4gKgqdfl4ahDnIWBdyUE,15484 -bleach/_vendor/html5lib-1.0.1.dist-info/RECORD,sha256=YAZeNEUF4uty-pGA7qGcPOGH-OAYnHPQYwzw701RsDk,3600 -bleach/_vendor/html5lib-1.0.1.dist-info/WHEEL,sha256=5wvfB7GvgZAbKBSE9uX9Zbi6LCL-_KgezgHblXhCRnM,113 -bleach/_vendor/html5lib-1.0.1.dist-info/metadata.json,sha256=bbLAvG6pYvgK2EdWNVi1mNa5pu9bI4qLwGm0IvuesFA,1731 -bleach/_vendor/html5lib-1.0.1.dist-info/top_level.txt,sha256=XEX6CHpskSmvjJB4tP6m4Q5NYXhIf_0ceMc0PNbzJPQ,9 -bleach-3.1.0.dist-info/DESCRIPTION.rst,sha256=kRzBdicY7e854IWKLP25lfQc4zNIKEQz0-bx5Vgl4-E,17739 -bleach-3.1.0.dist-info/METADATA,sha256=UgRqKpAwyS108sE5wT2GEKLNk6Eq-ygQ-ZI5L3RxS7c,19004 -bleach-3.1.0.dist-info/RECORD,, -bleach-3.1.0.dist-info/WHEEL,sha256=kdsN-5OJAZIiHN-iO4Rhl82KyS0bDWf4uBwMbkNafr8,110 -bleach-3.1.0.dist-info/metadata.json,sha256=9NTL4IvM7PPOpKyqLM4KYP9JPMBb69qTHqttum1Y7CE,1413 -bleach-3.1.0.dist-info/top_level.txt,sha256=dcv0wKIySB0zMjAEXLwY4V0-3IN9UZQGAT1wDmfQICY,7 diff --git a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/WHEEL b/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/WHEEL deleted file mode 100644 index 7332a41..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/WHEEL +++ /dev/null @@ -1,6 +0,0 @@ -Wheel-Version: 1.0 -Generator: bdist_wheel (0.30.0) -Root-Is-Purelib: true -Tag: py2-none-any -Tag: py3-none-any - diff --git a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/metadata.json b/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/metadata.json deleted file mode 100644 index 1efe047..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"classifiers": ["Development Status :: 5 - Production/Stable", "Environment :: Web Environment", "Intended Audience :: Developers", "License :: OSI Approved :: Apache Software License", "Operating System :: OS Independent", "Programming Language :: Python", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", "Topic :: Software Development :: Libraries :: Python Modules"], "description_content_type": "UNKNOWN", "extensions": {"python.details": {"contacts": [{"email": "willkg@mozilla.com", "name": "Will Kahn-Greene", "role": "author"}], "document_names": {"description": "DESCRIPTION.rst"}, "project_urls": {"Home": "https://github.com/mozilla/bleach"}}}, "extras": [], "generator": "bdist_wheel (0.30.0)", "license": "Apache Software License", "metadata_version": "2.0", "name": "bleach", "requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*", "run_requires": [{"requires": ["six (>=1.9.0)", "webencodings"]}], "summary": "An easy safelist-based HTML-sanitizing tool.", "test_requires": [{"requires": ["pytest (>=3.0.0)"]}], "version": "3.1.0"} \ No newline at end of file diff --git a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/requires.txt b/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/requires.txt deleted file mode 100644 index d9baa6b..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/requires.txt +++ /dev/null @@ -1,2 +0,0 @@ -six>=1.9.0 -webencodings diff --git a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/top_level.txt b/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/top_level.txt deleted file mode 100644 index a02d600..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/EGG-INFO/top_level.txt +++ /dev/null @@ -1 +0,0 @@ -bleach diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__init__.py b/.eggs/bleach-3.1.0-py3.6.egg/bleach/__init__.py deleted file mode 100644 index 9816549..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__init__.py +++ /dev/null @@ -1,131 +0,0 @@ -# -*- coding: utf-8 -*- - -from __future__ import unicode_literals - -from pkg_resources import parse_version - -from bleach.linkifier import ( - DEFAULT_CALLBACKS, - Linker, -) -from bleach.sanitizer import ( - ALLOWED_ATTRIBUTES, - ALLOWED_PROTOCOLS, - ALLOWED_STYLES, - ALLOWED_TAGS, - Cleaner, -) - - -# yyyymmdd -__releasedate__ = '20190109' -# x.y.z or x.y.z.dev0 -- semver -__version__ = '3.1.0' -VERSION = parse_version(__version__) - - -__all__ = ['clean', 'linkify'] - - -def clean(text, tags=ALLOWED_TAGS, attributes=ALLOWED_ATTRIBUTES, - styles=ALLOWED_STYLES, protocols=ALLOWED_PROTOCOLS, strip=False, - strip_comments=True): - """Clean an HTML fragment of malicious content and return it - - This function is a security-focused function whose sole purpose is to - remove malicious content from a string such that it can be displayed as - content in a web page. - - This function is not designed to use to transform content to be used in - non-web-page contexts. - - Example:: - - import bleach - - better_text = bleach.clean(yucky_text) - - - .. Note:: - - If you're cleaning a lot of text and passing the same argument values or - you want more configurability, consider using a - :py:class:`bleach.sanitizer.Cleaner` instance. - - :arg str text: the text to clean - - :arg list tags: allowed list of tags; defaults to - ``bleach.sanitizer.ALLOWED_TAGS`` - - :arg dict attributes: allowed attributes; can be a callable, list or dict; - defaults to ``bleach.sanitizer.ALLOWED_ATTRIBUTES`` - - :arg list styles: allowed list of css styles; defaults to - ``bleach.sanitizer.ALLOWED_STYLES`` - - :arg list protocols: allowed list of protocols for links; defaults - to ``bleach.sanitizer.ALLOWED_PROTOCOLS`` - - :arg bool strip: whether or not to strip disallowed elements - - :arg bool strip_comments: whether or not to strip HTML comments - - :returns: cleaned text as unicode - - """ - cleaner = Cleaner( - tags=tags, - attributes=attributes, - styles=styles, - protocols=protocols, - strip=strip, - strip_comments=strip_comments, - ) - return cleaner.clean(text) - - -def linkify(text, callbacks=DEFAULT_CALLBACKS, skip_tags=None, parse_email=False): - """Convert URL-like strings in an HTML fragment to links - - This function converts strings that look like URLs, domain names and email - addresses in text that may be an HTML fragment to links, while preserving: - - 1. links already in the string - 2. urls found in attributes - 3. email addresses - - linkify does a best-effort approach and tries to recover from bad - situations due to crazy text. - - .. Note:: - - If you're linking a lot of text and passing the same argument values or - you want more configurability, consider using a - :py:class:`bleach.linkifier.Linker` instance. - - .. Note:: - - If you have text that you want to clean and then linkify, consider using - the :py:class:`bleach.linkifier.LinkifyFilter` as a filter in the clean - pass. That way you're not parsing the HTML twice. - - :arg str text: the text to linkify - - :arg list callbacks: list of callbacks to run when adjusting tag attributes; - defaults to ``bleach.linkifier.DEFAULT_CALLBACKS`` - - :arg list skip_tags: list of tags that you don't want to linkify the - contents of; for example, you could set this to ``['pre']`` to skip - linkifying contents of ``pre`` tags - - :arg bool parse_email: whether or not to linkify email addresses - - :returns: linkified text as unicode - - """ - linker = Linker( - callbacks=callbacks, - skip_tags=skip_tags, - parse_email=parse_email - ) - return linker.linkify(text) diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/__init__.cpython-36.pyc b/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/__init__.cpython-36.pyc deleted file mode 100644 index cb8ffbd..0000000 Binary files a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/__init__.cpython-36.pyc and /dev/null differ diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/callbacks.cpython-36.pyc b/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/callbacks.cpython-36.pyc deleted file mode 100644 index cc016ab..0000000 Binary files a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/callbacks.cpython-36.pyc and /dev/null differ diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/html5lib_shim.cpython-36.pyc b/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/html5lib_shim.cpython-36.pyc deleted file mode 100644 index 022c530..0000000 Binary files a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/html5lib_shim.cpython-36.pyc and /dev/null differ diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/linkifier.cpython-36.pyc b/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/linkifier.cpython-36.pyc deleted file mode 100644 index 9a3b391..0000000 Binary files a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/linkifier.cpython-36.pyc and /dev/null differ diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/sanitizer.cpython-36.pyc b/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/sanitizer.cpython-36.pyc deleted file mode 100644 index 61f4c6d..0000000 Binary files a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/sanitizer.cpython-36.pyc and /dev/null differ diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/utils.cpython-36.pyc b/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/utils.cpython-36.pyc deleted file mode 100644 index f5b9679..0000000 Binary files a/.eggs/bleach-3.1.0-py3.6.egg/bleach/__pycache__/utils.cpython-36.pyc and /dev/null differ diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/_vendor/README.rst b/.eggs/bleach-3.1.0-py3.6.egg/bleach/_vendor/README.rst deleted file mode 100644 index a8a42d6..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/bleach/_vendor/README.rst +++ /dev/null @@ -1,37 +0,0 @@ -======================= -Vendored library policy -======================= - -To simplify Bleach development, we're now vendoring certain libraries that -we use. - -Vendored libraries must follow these rules: - -1. Vendored libraries must be pure Python--no compiling. -2. Source code for the libary is included in this directory. -3. License must be included in this repo and in the Bleach distribution. -4. Requirements of the library become requirements of Bleach. -5. No modifications to the library may be made. - - -Adding/Updating a vendored library -================================== - -Way to vendor a library or update a version: - -1. Update ``vendor.txt`` with the library, version, and hash. You can use - `hashin `_. -2. Remove all old files and directories of the old version. -3. Run ``pip_install_vendor.sh`` and check everything it produced in including - the ``.dist-info`` directory and contents. - - -Reviewing a change involving a vendored library -=============================================== - -Way to verify a vendored library addition/update: - -1. Pull down the branch. -2. Delete all the old files and directories of the old version. -3. Run ``pip_install_vendor.sh``. -4. Run ``git diff`` and verify there are no changes. diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/_vendor/__pycache__/__init__.cpython-36.pyc b/.eggs/bleach-3.1.0-py3.6.egg/bleach/_vendor/__pycache__/__init__.cpython-36.pyc deleted file mode 100644 index 9317ec1..0000000 Binary files a/.eggs/bleach-3.1.0-py3.6.egg/bleach/_vendor/__pycache__/__init__.cpython-36.pyc and /dev/null differ diff --git a/.eggs/bleach-3.1.0-py3.6.egg/bleach/_vendor/html5lib-1.0.1.dist-info/DESCRIPTION.rst b/.eggs/bleach-3.1.0-py3.6.egg/bleach/_vendor/html5lib-1.0.1.dist-info/DESCRIPTION.rst deleted file mode 100644 index c05f8c0..0000000 --- a/.eggs/bleach-3.1.0-py3.6.egg/bleach/_vendor/html5lib-1.0.1.dist-info/DESCRIPTION.rst +++ /dev/null @@ -1,489 +0,0 @@ -html5lib -======== - -.. image:: https://travis-ci.org/html5lib/html5lib-python.png?branch=master - :target: https://travis-ci.org/html5lib/html5lib-python - -html5lib is a pure-python library for parsing HTML. It is designed to -conform to the WHATWG HTML specification, as is implemented by all major -web browsers. - - -Usage ------ - -Simple usage follows this pattern: - -.. code-block:: python - - import html5lib - with open("mydocument.html", "rb") as f: - document = html5lib.parse(f) - -or: - -.. code-block:: python - - import html5lib - document = html5lib.parse("

Hello World!") - -By default, the ``document`` will be an ``xml.etree`` element instance. -Whenever possible, html5lib chooses the accelerated ``ElementTree`` -implementation (i.e. ``xml.etree.cElementTree`` on Python 2.x). - -Two other tree types are supported: ``xml.dom.minidom`` and -``lxml.etree``. To use an alternative format, specify the name of -a treebuilder: - -.. code-block:: python - - import html5lib - with open("mydocument.html", "rb") as f: - lxml_etree_document = html5lib.parse(f, treebuilder="lxml") - -When using with ``urllib2`` (Python 2), the charset from HTTP should be -pass into html5lib as follows: - -.. code-block:: python - - from contextlib import closing - from urllib2 import urlopen - import html5lib - - with closing(urlopen("http://example.com/")) as f: - document = html5lib.parse(f, transport_encoding=f.info().getparam("charset")) - -When using with ``urllib.request`` (Python 3), the charset from HTTP -should be pass into html5lib as follows: - -.. code-block:: python - - from urllib.request import urlopen - import html5lib - - with urlopen("http://example.com/") as f: - document = html5lib.parse(f, transport_encoding=f.info().get_content_charset()) - -To have more control over the parser, create a parser object explicitly. -For instance, to make the parser raise exceptions on parse errors, use: - -.. code-block:: python - - import html5lib - with open("mydocument.html", "rb") as f: - parser = html5lib.HTMLParser(strict=True) - document = parser.parse(f) - -When you're instantiating parser objects explicitly, pass a treebuilder -class as the ``tree`` keyword argument to use an alternative document -format: - -.. code-block:: python - - import html5lib - parser = html5lib.HTMLParser(tree=html5lib.getTreeBuilder("dom")) - minidom_document = parser.parse("

Hello World!") - -More documentation is available at https://html5lib.readthedocs.io/. - - -Installation ------------- - -html5lib works on CPython 2.7+, CPython 3.3+ and PyPy. To install it, -use: - -.. code-block:: bash - - $ pip install html5lib - - -Optional Dependencies ---------------------- - -The following third-party libraries may be used for additional -functionality: - -- ``datrie`` can be used under CPython to improve parsing performance - (though in almost all cases the improvement is marginal); - -- ``lxml`` is supported as a tree format (for both building and - walking) under CPython (but *not* PyPy where it is known to cause - segfaults); - -- ``genshi`` has a treewalker (but not builder); and - -- ``chardet`` can be used as a fallback when character encoding cannot - be determined. - - -Bugs ----- - -Please report any bugs on the `issue tracker -`_. - - -Tests ------ - -Unit tests require the ``pytest`` and ``mock`` libraries and can be -run using the ``py.test`` command in the root directory. - -Test data are contained in a separate `html5lib-tests -`_ repository and included -as a submodule, thus for git checkouts they must be initialized:: - - $ git submodule init - $ git submodule update - -If you have all compatible Python implementations available on your -system, you can run tests on all of them using the ``tox`` utility, -which can be found on PyPI. - - -Questions? ----------- - -There's a mailing list available for support on Google Groups, -`html5lib-discuss `_, -though you may get a quicker response asking on IRC in `#whatwg on -irc.freenode.net `_. - -Change Log ----------- - -1.0.1 -~~~~~ - -Released on December 7, 2017 - -Breaking changes: - -* Drop support for Python 2.6. (#330) (Thank you, Hugo, Will Kahn-Greene!) -* Remove ``utils/spider.py`` (#353) (Thank you, Jon Dufresne!) - -Features: - -* Improve documentation. (#300, #307) (Thank you, Jon Dufresne, Tom Most, - Will Kahn-Greene!) -* Add iframe seamless boolean attribute. (Thank you, Ritwik Gupta!) -* Add itemscope as a boolean attribute. (#194) (Thank you, Jonathan Vanasco!) -* Support Python 3.6. (#333) (Thank you, Jon Dufresne!) -* Add CI support for Windows using AppVeyor. (Thank you, John Vandenberg!) -* Improve testing and CI and add code coverage (#323, #334), (Thank you, Jon - Dufresne, John Vandenberg, Geoffrey Sneddon, Will Kahn-Greene!) -* Semver-compliant version number. - -Bug fixes: - -* Add support for setuptools < 18.5 to support environment markers. (Thank you, - John Vandenberg!) -* Add explicit dependency for six >= 1.9. (Thank you, Eric Amorde!) -* Fix regexes to work with Python 3.7 regex adjustments. (#318, #379) (Thank - you, Benedikt Morbach, Ville Skyttä, Mark Vasilkov!) -* Fix alphabeticalattributes filter namespace bug. (#324) (Thank you, Will - Kahn-Greene!) -* Include license file in generated wheel package. (#350) (Thank you, Jon - Dufresne!) -* Fix annotation-xml typo. (#339) (Thank you, Will Kahn-Greene!) -* Allow uppercase hex chararcters in CSS colour check. (#377) (Thank you, - Komal Dembla, Hugo!) - - -1.0 -~~~ - -Released and unreleased on December 7, 2017. Badly packaged release. - - -0.999999999/1.0b10 -~~~~~~~~~~~~~~~~~~ - -Released on July 15, 2016 - -* Fix attribute order going to the tree builder to be document order - instead of reverse document order(!). - - -0.99999999/1.0b9 -~~~~~~~~~~~~~~~~ - -Released on July 14, 2016 - -* **Added ordereddict as a mandatory dependency on Python 2.6.** - -* Added ``lxml``, ``genshi``, ``datrie``, ``charade``, and ``all`` - extras that will do the right thing based on the specific - interpreter implementation. - -* Now requires the ``mock`` package for the testsuite. - -* Cease supporting DATrie under PyPy. - -* **Remove PullDOM support, as this hasn't ever been properly - tested, doesn't entirely work, and as far as I can tell is - completely unused by anyone.** - -* Move testsuite to ``py.test``. - -* **Fix #124: move to webencodings for decoding the input byte stream; - this makes html5lib compliant with the Encoding Standard, and - introduces a required dependency on webencodings.** - -* **Cease supporting Python 3.2 (in both CPython and PyPy forms).** - -* **Fix comments containing double-dash with lxml 3.5 and above.** - -* **Use scripting disabled by default (as we don't implement - scripting).** - -* **Fix #11, avoiding the XSS bug potentially caused by serializer - allowing attribute values to be escaped out of in old browser versions, - changing the quote_attr_values option on serializer to take one of - three values, "always" (the old True value), "legacy" (the new option, - and the new default), and "spec" (the old False value, and the old - default).** - -* **Fix #72 by rewriting the sanitizer to apply only to treewalkers - (instead of the tokenizer); as such, this will require amending all - callers of it to use it via the treewalker API.** - -* **Drop support of charade, now that chardet is supported once more.** - -* **Replace the charset keyword argument on parse and related methods - with a set of keyword arguments: override_encoding, transport_encoding, - same_origin_parent_encoding, likely_encoding, and default_encoding.** - -* **Move filters._base, treebuilder._base, and treewalkers._base to .base - to clarify their status as public.** - -* **Get rid of the sanitizer package. Merge sanitizer.sanitize into the - sanitizer.htmlsanitizer module and move that to sanitizer. This means - anyone who used sanitizer.sanitize or sanitizer.HTMLSanitizer needs no - code changes.** - -* **Rename treewalkers.lxmletree to .etree_lxml and - treewalkers.genshistream to .genshi to have a consistent API.** - -* Move a whole load of stuff (inputstream, ihatexml, trie, tokenizer, - utils) to be underscore prefixed to clarify their status as private. - - -0.9999999/1.0b8 -~~~~~~~~~~~~~~~ - -Released on September 10, 2015 - -* Fix #195: fix the sanitizer to drop broken URLs (it threw an - exception between 0.9999 and 0.999999). - - -0.999999/1.0b7 -~~~~~~~~~~~~~~ - -Released on July 7, 2015 - -* Fix #189: fix the sanitizer to allow relative URLs again (as it did - prior to 0.9999/1.0b5). - - -0.99999/1.0b6 -~~~~~~~~~~~~~ - -Released on April 30, 2015 - -* Fix #188: fix the sanitizer to not throw an exception when sanitizing - bogus data URLs. - - -0.9999/1.0b5 -~~~~~~~~~~~~ - -Released on April 29, 2015 - -* Fix #153: Sanitizer fails to treat some attributes as URLs. Despite how - this sounds, this has no known security implications. No known version - of IE (5.5 to current), Firefox (3 to current), Safari (6 to current), - Chrome (1 to current), or Opera (12 to current) will run any script - provided in these attributes. - -* Pass error message to the ParseError exception in strict parsing mode. - -* Allow data URIs in the sanitizer, with a whitelist of content-types. - -* Add support for Python implementations that don't support lone - surrogates (read: Jython). Fixes #2. - -* Remove localization of error messages. This functionality was totally - unused (and untested that everything was localizable), so we may as - well follow numerous browsers in not supporting translating technical - strings. - -* Expose treewalkers.pprint as a public API. - -* Add a documentEncoding property to HTML5Parser, fix #121. - - -0.999 -~~~~~ - -Released on December 23, 2013 - -* Fix #127: add work-around for CPython issue #20007: .read(0) on - http.client.HTTPResponse drops the rest of the content. - -* Fix #115: lxml treewalker can now deal with fragments containing, at - their root level, text nodes with non-ASCII characters on Python 2. - - -0.99 -~~~~ - -Released on September 10, 2013 - -* No library changes from 1.0b3; released as 0.99 as pip has changed - behaviour from 1.4 to avoid installing pre-release versions per - PEP 440. - - -1.0b3 -~~~~~ - -Released on July 24, 2013 - -* Removed ``RecursiveTreeWalker`` from ``treewalkers._base``. Any - implementation using it should be moved to - ``NonRecursiveTreeWalker``, as everything bundled with html5lib has - for years. - -* Fix #67 so that ``BufferedStream`` to correctly returns a bytes - object, thereby fixing any case where html5lib is passed a - non-seekable RawIOBase-like object. - - -1.0b2 -~~~~~ - -Released on June 27, 2013 - -* Removed reordering of attributes within the serializer. There is now - an ``alphabetical_attributes`` option which preserves the previous - behaviour through a new filter. This allows attribute order to be - preserved through html5lib if the tree builder preserves order. - -* Removed ``dom2sax`` from DOM treebuilders. It has been replaced by - ``treeadapters.sax.to_sax`` which is generic and supports any - treewalker; it also resolves all known bugs with ``dom2sax``. - -* Fix treewalker assertions on hitting bytes strings on - Python 2. Previous to 1.0b1, treewalkers coped with mixed - bytes/unicode data on Python 2; this reintroduces this prior - behaviour on Python 2. Behaviour is unchanged on Python 3. - - -1.0b1 -~~~~~ - -Released on May 17, 2013 - -* Implementation updated to implement the `HTML specification - `_ as of 5th May - 2013 (`SVN `_ revision r7867). - -* Python 3.2+ supported in a single codebase using the ``six`` library. - -* Removed support for Python 2.5 and older. - -* Removed the deprecated Beautiful Soup 3 treebuilder. - ``beautifulsoup4`` can use ``html5lib`` as a parser instead. Note that - since it doesn't support namespaces, foreign content like SVG and - MathML is parsed incorrectly. - -* Removed ``simpletree`` from the package. The default tree builder is - now ``etree`` (using the ``xml.etree.cElementTree`` implementation if - available, and ``xml.etree.ElementTree`` otherwise). - -* Removed the ``XHTMLSerializer`` as it never actually guaranteed its - output was well-formed XML, and hence provided little of use. - -* Removed default DOM treebuilder, so ``html5lib.treebuilders.dom`` is no - longer supported. ``html5lib.treebuilders.getTreeBuilder("dom")`` will - return the default DOM treebuilder, which uses ``xml.dom.minidom``. - -* Optional heuristic character encoding detection now based on - ``charade`` for Python 2.6 - 3.3 compatibility. - -* Optional ``Genshi`` treewalker support fixed. - -* Many bugfixes, including: - - * #33: null in attribute value breaks XML AttValue; - - * #4: nested, indirect descendant,