summary refs log tree commit diff
path: root/synapse/push/mailer.py
diff options
context:
space:
mode:
authorAndrew Morgan <andrew@amorgan.xyz>2021-04-22 18:31:10 +0100
committerAndrew Morgan <andrew@amorgan.xyz>2021-04-22 18:31:10 +0100
commit7bf3a6ee1835ea6b727f6f82bb5e743cab250dbb (patch)
tree5743ec7023786a5f0f4359e20be963c40ee0ff33 /synapse/push/mailer.py
parentMerge commit '73ed289bd' into anoa/dinsic_release_1_31_0 (diff)
parentCheck if a user is in the room before sending a PowerLevel event on their beh... (diff)
downloadsynapse-7bf3a6ee1835ea6b727f6f82bb5e743cab250dbb.tar.xz
Merge commit '2e537a028' into anoa/dinsic_release_1_31_0
Diffstat (limited to 'synapse/push/mailer.py')
-rw-r--r--synapse/push/mailer.py18


1 files changed, 16 insertions, 2 deletions
diff --git a/synapse/push/mailer.py b/synapse/push/mailer.py

index 4d875dcb91..745b1dde94 100644
--- a/synapse/push/mailer.py
+++ b/synapse/push/mailer.py
@@ -668,6 +668,15 @@ class Mailer:
 
 
 def safe_markup(raw_html: str) -> jinja2.Markup:
+    """
+    Sanitise a raw HTML string to a set of allowed tags and attributes, and linkify any bare URLs.
+
+    Args
+        raw_html: Unsafe HTML.
+
+    Returns:
+        A Markup object ready to safely use in a Jinja template.
+    """
     return jinja2.Markup(
         bleach.linkify(
             bleach.clean(
@@ -684,8 +693,13 @@ def safe_markup(raw_html: str) -> jinja2.Markup:
 
 def safe_text(raw_text: str) -> jinja2.Markup:
     """
-    Process text: treat it as HTML but escape any tags (ie. just escape the
-    HTML) then linkify it.
+    Sanitise text (escape any HTML tags), and then linkify any bare URLs.
+
+    Args
+        raw_text: Unsafe text which might include HTML markup.
+
+    Returns:
+        A Markup object ready to safely use in a Jinja template.
     """
     return jinja2.Markup(
         bleach.linkify(bleach.clean(raw_text, tags=[], attributes={}, strip=False))

 

generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-10 03:44:42 +0000