Remove HTML tags not on an allowed list from a Python string

by

Use lxml.html.clean! It’s VERY easy!

from lxml.html.clean import clean_html
print clean_html(html)

Suppose the following html:

html=""'\
<html>
 <head>
   <script type="text/javascript" src="https://stackoverflow.com/questions/699468/evil-site"></script>
   <link rel="alternate" type="text/rss" src="evil-rss">
   <style>
     body {background-image: url(javascript:do_evil)};
     div {color: expression(evil)};
   </style>
 </head>
 <body onload="evil_function()">
    <!-- I am interpreted for EVIL! -->
   <a href="javascript:evil_function()">a link</a>
   <a href="#" onclick="evil_function()">another link</a>
   <p onclick="evil_function()">a paragraph</p>
   <div style="display: none">secret EVIL!</div>
   <object> of EVIL! </object>
   <iframe src="https://stackoverflow.com/questions/699468/evil-site"></iframe>
   <form action="https://stackoverflow.com/questions/699468/evil-site">
     Password: <input type="password" name="password">
   </form>
   <blink>annoying EVIL!</blink>
   <a href="https://stackoverflow.com/questions/699468/evil-site">spam spam SPAM!</a>
   <image src="evil!">
 </body>
</html>'''

The results…

<html>
  <body>
    <div>
      <style>/* deleted */</style>
      <a href="">a link</a>
      <a href="#">another link</a>
      <p>a paragraph</p>
      <div>secret EVIL!</div>
      of EVIL!
      Password:
      annoying EVIL!
      <a href="https://stackoverflow.com/questions/699468/evil-site">spam spam SPAM!</a>
      <img src="evil!">
    </div>
  </body>
</html>

You can customize the elements you want to clean and whatnot.

More Related Contents:

  1. Sending data from HTML form to a Python script in Flask
  2. Decode HTML entities in Python string?
  3. Extract part of a regex match
  4. How do I unescape HTML entities in a string in Python 3.1? [duplicate]
  5. Render HTML to PDF in Django site
  6. How to simulate HTML5 Drag and Drop in Selenium Webdriver?
  7. StaleElementReferenceException on Python Selenium
  8. How to load all entries in an infinite scroll at once to parse the HTML in python
  9. How to find children of nodes using BeautifulSoup
  10. How can I use the python HTMLParser library to extract data from a specific div tag?
  11. Python code to remove HTML tags from a string [duplicate]
  12. Download HTML page and its contents
  13. Convert a HTML Table to JSON
  14. How can I get text of an element in Selenium WebDriver, without including child element text?
  15. Change the color of text within a pandas dataframe html table python using styles and css
  16. How to find all comments with Beautiful Soup
  17. How to find tag with particular text with Beautiful Soup?
  18. Creating HTML in python
  19. How find specific data attribute from html tag in BeautifulSoup4?
  20. Exclude unwanted tag on Beautifulsoup Python
  21. How to send a FastAPI response without redirecting the user to another page?
  22. How to delete all the entries from google datastore?
  23. How to save “complete webpage” not just basic html using Python
  24. How do I fix wrongly nested / unclosed HTML tags?
  25. How to find the comment tag with BeautifulSoup?
  26. Why is my static CSS not working in Django?
  27. How to find/replace text in html while preserving html tags/structure
  28. How can I run a Python script in HTML?
  29. How to format IPython html display of Pandas dataframe?
  30. Call a python function within a html file

Leave a Comment