# lxml_html_clean
## Motivation
This project was initially a part of [lxml](https://github.com/lxml/lxml). Because HTML cleaner is designed as blocklist-based, many reports about possible security vulnerabilities were filed for lxml and that make the project problematic for security-sensitive environments. Therefore we decided to extract the problematic part to a separate project.
**Important**: the HTML Cleaner in ``lxml_html_clean`` is **not** considered appropriate **for security sensitive environments**. See e.g. [bleach](https://pypi.org/project/bleach/) for an alternative.
This project uses functions from Python's `urllib.parse` for URL parsing which **do not validate inputs**. For more information on potential security risks, refer to the [URL parsing security](https://docs.python.org/3/library/urllib.parse.html#url-parsing-security) documentation. A maliciously crafted URL could potentially bypass the allowed hosts check in `Cleaner`.
## Installation
You can install this project directly via `pip install lxml_html_clean` or as an extra of lxml
via `pip install lxml[html_clean]`. Both ways install this project together with lxml itself.
## Security
For discussions regarding security-related issues or any sensitive reports, please contact us privately.
You can reach out to lbalhar(at)redhat.com or frenzy.madness(at)gmail.com to ensure your concerns
are addressed confidentially and securely.
## Documentation
[https://lxml-html-clean.readthedocs.io/](https://lxml-html-clean.readthedocs.io/)
## License
BSD-3-Clause
Raw data
{
"_id": null,
"home_page": "https://github.com/fedora-python/lxml_html_clean/",
"name": "lxml-html-clean",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": null,
"author": "Lum\u00edr Balhar",
"author_email": "lbalhar@redhat.com",
"download_url": "https://files.pythonhosted.org/packages/81/f2/fe319e3c5cb505a361b95d1e0d0d793fe28d4dcc2fc39d3cae9324dc4233/lxml_html_clean-0.4.1.tar.gz",
"platform": null,
"description": "# lxml_html_clean\n\n## Motivation\n\nThis project was initially a part of [lxml](https://github.com/lxml/lxml). Because HTML cleaner is designed as blocklist-based, many reports about possible security vulnerabilities were filed for lxml and that make the project problematic for security-sensitive environments. Therefore we decided to extract the problematic part to a separate project.\n\n**Important**: the HTML Cleaner in ``lxml_html_clean`` is **not** considered appropriate **for security sensitive environments**. See e.g. [bleach](https://pypi.org/project/bleach/) for an alternative.\n\nThis project uses functions from Python's `urllib.parse` for URL parsing which **do not validate inputs**. For more information on potential security risks, refer to the [URL parsing security](https://docs.python.org/3/library/urllib.parse.html#url-parsing-security) documentation. A maliciously crafted URL could potentially bypass the allowed hosts check in `Cleaner`.\n\n## Installation\n\nYou can install this project directly via `pip install lxml_html_clean` or as an extra of lxml\nvia `pip install lxml[html_clean]`. Both ways install this project together with lxml itself.\n\n## Security\n\nFor discussions regarding security-related issues or any sensitive reports, please contact us privately.\nYou can reach out to lbalhar(at)redhat.com or frenzy.madness(at)gmail.com to ensure your concerns\nare addressed confidentially and securely.\n\n## Documentation\n\n[https://lxml-html-clean.readthedocs.io/](https://lxml-html-clean.readthedocs.io/)\n\n## License\n\nBSD-3-Clause\n",
"bugtrack_url": null,
"license": "BSD-3-Clause",
"summary": "HTML cleaner from lxml project",
"version": "0.4.1",
"project_urls": {
"Documentation": "https://lxml-html-clean.readthedocs.io/",
"Homepage": "https://github.com/fedora-python/lxml_html_clean/"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "f7ba2af7a60b45bf21375e111c1e2d5d721108d06c80e3d9a3cc1d767afe1731",
"md5": "8666edcc2285b289eed1bc4f659d51e6",
"sha256": "b704f2757e61d793b1c08bf5ad69e4c0b68d6696f4c3c1429982caf90050bcaf"
},
"downloads": -1,
"filename": "lxml_html_clean-0.4.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "8666edcc2285b289eed1bc4f659d51e6",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 14114,
"upload_time": "2024-11-15T06:19:27",
"upload_time_iso_8601": "2024-11-15T06:19:27.678460Z",
"url": "https://files.pythonhosted.org/packages/f7/ba/2af7a60b45bf21375e111c1e2d5d721108d06c80e3d9a3cc1d767afe1731/lxml_html_clean-0.4.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "81f2fe319e3c5cb505a361b95d1e0d0d793fe28d4dcc2fc39d3cae9324dc4233",
"md5": "27a981135a8ee25ab96c9f7af49013f1",
"sha256": "40c838bbcf1fc72ba4ce811fbb3135913017b27820d7c16e8bc412ae1d8bc00b"
},
"downloads": -1,
"filename": "lxml_html_clean-0.4.1.tar.gz",
"has_sig": false,
"md5_digest": "27a981135a8ee25ab96c9f7af49013f1",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 21378,
"upload_time": "2024-11-15T06:19:30",
"upload_time_iso_8601": "2024-11-15T06:19:30.117231Z",
"url": "https://files.pythonhosted.org/packages/81/f2/fe319e3c5cb505a361b95d1e0d0d793fe28d4dcc2fc39d3cae9324dc4233/lxml_html_clean-0.4.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-11-15 06:19:30",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "fedora-python",
"github_project": "lxml_html_clean",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"tox": true,
"lcname": "lxml-html-clean"
}
JSON
