MarkupSafe-slow

Safely add untrusted strings to HTML/XML markup.

Showing:

Popularity

Downloads/wk

0

GitHub Stars

424

Maintenance

Last Commit

9d ago

Contributors

37

Package

Dependencies

0

License

BSD

Categories

Readme

MarkupSafe

MarkupSafe implements a text object that escapes characters so it is safe to use in HTML and XML. Characters that have special meanings are replaced so that they display as the actual characters. This mitigates injection attacks, meaning untrusted user input can safely be displayed on a page.

Installing

Install and update using pip_:

.. code-block:: text

pip install -U MarkupSafe

.. _pip: https://pip.pypa.io/en/stable/getting-started/

Examples

.. code-block:: pycon

>>> from markupsafe import Markup, escape

>>> # escape replaces special characters and wraps in Markup
>>> escape("<script>alert(document.cookie);</script>")
Markup('&lt;script&gt;alert(document.cookie);&lt;/script&gt;')

>>> # wrap in Markup to mark text "safe" and prevent escaping
>>> Markup("<strong>Hello</strong>")
Markup('<strong>hello</strong>')

>>> escape(Markup("<strong>Hello</strong>"))
Markup('<strong>hello</strong>')

>>> # Markup is a str subclass
>>> # methods and operators escape their arguments
>>> template = Markup("Hello <em>{name}</em>")
>>> template.format(name='"World"')
Markup('Hello <em>&#34;World&#34;</em>')

The Pallets organization develops and supports MarkupSafe and other popular packages. In order to grow the community of contributors and users, and allow the maintainers to devote more time to the projects, please donate today_.

.. _please donate today: https://palletsprojects.com/donate

Rate & Review

Great Documentation0
Easy to Use0
Performant0
Highly Customizable0
Bleeding Edge0
Responsive Maintainers0
Poor Documentation0
Hard to Use0
Slow0
Buggy0
Abandoned0
Unwelcoming Community0
100