'list'对象在Python的BeautifulSoup renderContents中没有属性'items'

时间:2012-08-15 23:53:00

标签: python django beautifulsoup html-sanitizing

尝试从输入中删除不需要/不安全的标记和属性,我使用下面的代码(几乎完全由http://djangosnippets.org/snippets/1655/):

def html_filter(value, allowed_tags = 'p h1 h2 h3 div span a:href:title img:src:alt:title table:cellspacing:cellpadding th tr td:colspan:rowspan ol ul li br'):
    js_regex = re.compile(r'[\s]*(&#x.{1,7})?'.join(list('javascript')))
    allowed_tags = [tag.split(':') for tag in allowed_tags.split()]
    allowed_tags = dict((tag[0], tag[1:]) for tag in allowed_tags)
    soup = BeautifulSoup(value)
    for comment in soup.findAll(text=lambda text: isinstance(text, Comment)):
        comment.extract()
    for tag in soup.findAll(True):
        if tag.name not in allowed_tags:
            tag.hidden = True
        else:
            tag.attrs = [(attr, js_regex.sub('', val)) for attr, val in tag.attrs.items() if attr in allowed_tags[tag.name]]
    return soup.renderContents().decode('utf8')

适用于不受欢迎或列入白名单的标签,未列入白名单的属性,甚至格式错误的html。但是,如果存在任何列入白名单的属性,则会引发

'list' object has no attribute 'items'

在最后一行,这对我没什么帮助。 type(soup) <class 'bs4.BeautifulSoup'>是否会引发错误,所以我不知道它是指什么。

Traceback:
[...]
File "C:\Users\Mark\Web\www\fnwidjango\src\base\functions\html_filter.py" in html_filter
  30.     return soup.renderContents().decode('utf8')
File "C:\Python27\lib\site-packages\bs4\element.py" in renderContents
  1098.             indent_level=indentLevel, encoding=encoding)
File "C:\Python27\lib\site-packages\bs4\element.py" in encode_contents
  1089.         contents = self.decode_contents(indent_level, encoding, formatter)
File "C:\Python27\lib\site-packages\bs4\element.py" in decode_contents
  1074.                                   formatter))
File "C:\Python27\lib\site-packages\bs4\element.py" in decode
  1021.             indent_contents, eventual_encoding, formatter)
File "C:\Python27\lib\site-packages\bs4\element.py" in decode_contents
  1074.                                   formatter))
File "C:\Python27\lib\site-packages\bs4\element.py" in decode
  1021.             indent_contents, eventual_encoding, formatter)
File "C:\Python27\lib\site-packages\bs4\element.py" in decode_contents
  1074.                                   formatter))
File "C:\Python27\lib\site-packages\bs4\element.py" in decode
  1021.             indent_contents, eventual_encoding, formatter)
File "C:\Python27\lib\site-packages\bs4\element.py" in decode_contents
  1074.                                   formatter))
File "C:\Python27\lib\site-packages\bs4\element.py" in decode
  983.             for key, val in sorted(self.attrs.items()):

Exception Type: AttributeError at /"nieuws"/article/3-test/
Exception Value: 'list' object has no attribute 'items'

2 个答案:

答案 0 :(得分:3)

尝试替换

tag.attrs = [(attr, js_regex.sub('', val)) for attr, val in tag.attrs.items() if attr in allowed_tags[tag.name]]


tag.attrs = dict((attr, js_regex.sub('', val)) for attr, val in tag.attrs.items() if attr in allowed_tags[tag.name])

答案 1 :(得分:1)

看起来renderContents()希望您将attrs设置为dict(将使用items方法),而不是您传递的元组列表。因此,当它试图访问它时会抛出AttributeError

要修复错误,您可以在Python 3中使用dict理解:

tag.attrs = {attr: js_regex.sub('', val)) for attr, val in tag.attrs.items() if attr in allowed_tags[tag.name]}

在Python 2中,不支持dict理解,所以你应该将迭代器传递给dict构造函数:

tag.attrs = dict((attr, js_regex.sub('', val)) for attr, val in tag.attrs.items() if attr in allowed_tags[tag.name]))
相关问题
最新问题