• KindEditor


    Download

    • Official download: http://kindeditor.net/down.php
    • Local download: https://files.cnblogs.com/files/wupeiqi/kindeditor_a5.zip

    3. Folder layout

    ├── asp                      ASP example
    ├── asp.net                  ASP.NET example
    ├── attached                 Empty folder that holds the associated (attached) files
    ├── examples                 HTML examples
    ├── jsp                      Java example
    ├── kindeditor-all-min.js    All JS (minified)
    ├── kindeditor-all.js        All JS (unminified)
    ├── kindeditor-min.js        KindEditor JS only (minified)
    ├── kindeditor.js            KindEditor JS only (unminified)
    ├── lang                     Supported languages
    ├── license.txt              License
    ├── php                      PHP example
    ├── plugins                  Plugins used internally by KindEditor
    └── themes                   KindEditor themes

    4. Basic usage

    <textarea name="content" id="content"></textarea>

    <script src="/static/jquery-1.12.4.js"></script>
    <script src="/static/plugins/kind-editor/kindeditor-all.js"></script>
    <script>
        $(function () {
            initKindEditor();
        });

        function initKindEditor() {
            var kind = KindEditor.create('#content', {
                width: '100%',       // text box width (percentage or pixels)
                height: '300px',     // text box height (pixels only)
                minWidth: 200,       // minimum width (number)
                minHeight: 400      // minimum height (number)
            });
        }
    </script>

    5. Detailed options

         http://kindeditor.net/docs/option.html

    6. File upload example

    <body>
        <h1>提交的文章内容:</h1>
        <div class="article">
    
        </div>
    
        <h1>请输入内容</h1>
        <div class="edit">
            <form method="POST" action="/editor.html">
                <input type="text" placeholder="博客url"/>
                {% csrf_token %}
                <textarea name="content"></textarea>
                <input type="submit" value="提交" />
            </form>
    
        </div>
        <script src="/static/js/jquery-1.12.4.js"></script>
        <script src="/static/plugins/kindeditor/kindeditor-all.js"></script>
        <script>
            $(function () {
                KindEditor.create('textarea[name="content"]',{
                    width : '700px',
                    height: '200px',
                    resizeType: 1,
                    allowImageUpload: true,
                    allowImageRemote: true,
                    allowFlashUpload: false,
                    allowFileManager:true,
                    extraFileUploadParams : {
                            csrfmiddlewaretoken : "{{ csrf_token }}"
                    },
                    filePostName: 'fafafa',
                    uploadJson: '/upload_file.html',
                    fileManagerJson: '/manager_file.html',
                    urlType: 'absolute'
                })
    
            })
        </script>
    </body>

    import os
    import json
    import time
    
    from django.shortcuts import render
    from django.shortcuts import HttpResponse
    
    def editor(request):
        content = request.POST.get('content')
        print(content)
        return render(request,'editor.html')
    
    
    def upload_file(request):
        import os
        import json
        dir = request.GET.get('dir')
        if dir == 'image':
            pass
        obj = request.FILES.get('fafafa')
        file_path = os.path.join('static/imgs',obj.name)
        with open(file_path,'wb') as f:
            for chunk in obj.chunks():
                f.write(chunk)
        ret = {
            'error': 0,
            'url': 'http://127.0.0.1:8000/'+file_path,
            'message': '错误了...'
        }
        return HttpResponse(json.dumps(ret))
    
    def manager_file(request):
        import os
        import time
        import json
        from EdmureBlog.settings import BASE_DIR
    
        dic = {}
        root_path = os.path.join(BASE_DIR,'static/')
    
        static_root_path = '/static/'
    
        # Path requested by the client; default to '' so the joins below work at the root.
        # NOTE: this value is joined to root_path without validation.
        request_path = request.GET.get('path') or ''
    
        if request_path:
            abs_current_dir_path = os.path.join(root_path, request_path)
            # e.g. request_path = 'css/': rstrip('/') gives 'css', whose dirname is ''
            move_up_dir_path = os.path.dirname(request_path.rstrip('/'))
            dic['moveup_dir_path'] = move_up_dir_path + '/' if move_up_dir_path else move_up_dir_path
    
        else:
            # The root directory has no parent
            abs_current_dir_path = root_path
            dic['moveup_dir_path'] = ''
    
        dic['current_dir_path'] = request_path
        dic['current_url'] = os.path.join(static_root_path, request_path)
    
        file_list = []
        for item in os.listdir(abs_current_dir_path):
            # item is each file name in the directory
            abs_item_path = os.path.join(abs_current_dir_path, item)
            a, exts = os.path.splitext(item)
            is_dir = os.path.isdir(abs_item_path)
            if is_dir:
                temp = {
                    'is_dir': True,
                    'has_file': True,
                    'filesize': 0,
                    'dir_path': '',
                    'is_photo': False,
                    'filetype': '',
                    'filename': item,
                    'datetime': time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime(os.path.getctime(abs_item_path)))
                }
            else:
                temp = {
                    'is_dir': False,
                    'has_file': False,
                    'filesize': os.stat(abs_item_path).st_size,
                    'dir_path': '',
                    'is_photo': True if exts.lower() in ['.jpg', '.png', '.jpeg'] else False,
                    'filetype': exts.lower().strip('.'),
                    'filename': item,
                    'datetime': time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime(os.path.getctime(abs_item_path)))
                }
    
            file_list.append(temp)
        dic['file_list'] = file_list
        return HttpResponse(json.dumps(dic))
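
The views above join the client-supplied `path` parameter and the uploaded file's name directly onto `static/`. The following added example (not part of the original post; standard library only) shows one way to confine both. The names `resolve_under`, `safe_upload_name` and the `ALLOWED_IMAGE_EXTS` policy are assumptions, and the directory tree in `demo()` is constructed.

```python
import os
import tempfile
import uuid

ALLOWED_IMAGE_EXTS = {'.jpg', '.jpeg', '.png', '.gif'}  # assumed policy, not from the post


def resolve_under(root, user_path):
    """Return the absolute path for user_path, or None if it escapes root."""
    root = os.path.realpath(root)
    # lstrip('/') stops os.path.join from discarding root when given an absolute path
    relative = (user_path or '').lstrip('/')
    candidate = os.path.realpath(os.path.join(root, relative))
    # realpath resolves '..' and symlinks; commonpath compares whole path components
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def safe_upload_name(client_name):
    """Return a server-generated file name, or None if the extension is not allowed."""
    ext = os.path.splitext(os.path.basename(client_name))[1].lower()
    if ext not in ALLOWED_IMAGE_EXTS:
        return None
    # The stored name never contains client-controlled characters
    return uuid.uuid4().hex + ext


def demo():
    # Constructed sample tree: <tmp>/static/css/
    base = tempfile.mkdtemp()
    static = os.path.join(base, 'static')
    os.makedirs(os.path.join(static, 'css'))
    real_static = os.path.realpath(static)
    return {
        'inside': resolve_under(static, 'css/') == os.path.join(real_static, 'css'),
        'dotdot': resolve_under(static, '../'),
        'absolute': resolve_under(static, '/etc') == os.path.join(real_static, 'etc'),
        'bad_ext': safe_upload_name('page.py'),
        'good_ext': safe_upload_name('photo.PNG').endswith('.png'),
    }


if __name__ == '__main__':
    print(demo())
```

In `manager_file`, a `None` result from `resolve_under` would map to an error response instead of a directory listing; in `upload_file`, the returned name would replace `obj.name`.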

    7. XSS filtering of special tags

    pip install beautifulsoup4 lxml

    #!/usr/bin/env python
    # -*- coding:utf-8 -*-
    from bs4 import BeautifulSoup


    class XSSFilter(object):
        __instance = None

        def __init__(self):
            # XSS whitelist
            self.valid_tags = {
                "font": ['color', 'size', 'face', 'style'],
                'b': [],
                'div': [],
                "span": [],
                "table": [
                    'border', 'cellspacing', 'cellpadding'
                ],
                'th': [
                    'colspan', 'rowspan'
                ],
                'td': [
                    'colspan', 'rowspan'
                ],
                "a": ['href', 'target', 'name'],
                "img": ['src', 'alt', 'title'],
                'p': [
                    'align'
                ],
                "pre": ['class'],
                "hr": ['class'],
                'strong': []
            }

        @classmethod
        def instance(cls):
            if not cls.__instance:
                obj = cls()
                cls.__instance = obj
            return cls.__instance

        def process(self, content):
            soup = BeautifulSoup(content, 'lxml')
            # Iterate over every HTML tag
            for tag in soup.find_all(recursive=True):
                # Check whether the tag name is in the whitelist
                if tag.name not in self.valid_tags:
                    tag.hidden = True
                    if tag.name not in ['html', 'body']:
                        tag.hidden = True
                        tag.clear()
                    continue
                # Attribute whitelist for the current tag
                attr_rules = self.valid_tags[tag.name]
                keys = list(tag.attrs.keys())
                for key in keys:
                    if key not in attr_rules:
                        del tag[key]

            return soup.renderContents()


    if __name__ == '__main__':
        html = """<p class="title">
                            <b>The Dormouse's story</b>
                        </p>
                        <p class="story">
                            <div name='root'>
                                Once upon a time there were three little sisters; and their names were
                                <a href="http://example.com/elsie" class="sister c1" style='color:red;background-color:green;' id="link1"><!-- Elsie --></a>
                                <a href="http://example.com/lacie" class="sister" id="link2">Lacie</a> and
                                <a href="http://example.com/tillie" class="sister" id="link3">Tilffffffffffffflie</a>;
                                and they lived at the bottom of a well.
                                <script>alert(123)</script>
                            </div>
                        </p>
                        <p class="story">...</p>"""

        v = XSSFilter.instance().process(html)
        print(v)

    XSS example
    #!/usr/bin/env python
    # -*- coding:utf-8 -*-
    from bs4 import BeautifulSoup


    class XSSFilter(object):
        __instance = None

        def __init__(self):
            # XSS whitelist
            self.valid_tags = {
                "font": ['color', 'size', 'face', 'style'],
                'b': [],
                'div': [],
                "span": [],
                "table": [
                    'border', 'cellspacing', 'cellpadding'
                ],
                'th': [
                    'colspan', 'rowspan'
                ],
                'td': [
                    'colspan', 'rowspan'
                ],
                "a": ['href', 'target', 'name'],
                "img": ['src', 'alt', 'title'],
                'p': [
                    'align'
                ],
                "pre": ['class'],
                "hr": ['class'],
                'strong': []
            }

        def __new__(cls, *args, **kwargs):
            """
            Singleton pattern
            :param cls:
            :param args:
            :param kwargs:
            :return:
            """
            if not cls.__instance:
                # object.__new__ accepts no extra arguments in Python 3
                obj = object.__new__(cls)
                cls.__instance = obj
            return cls.__instance

        def process(self, content):
            soup = BeautifulSoup(content, 'lxml')
            # Iterate over every HTML tag
            for tag in soup.find_all(recursive=True):
                # Check whether the tag name is in the whitelist
                if tag.name not in self.valid_tags:
                    tag.hidden = True
                    if tag.name not in ['html', 'body']:
                        tag.hidden = True
                        tag.clear()
                    continue
                # Attribute whitelist for the current tag
                attr_rules = self.valid_tags[tag.name]
                keys = list(tag.attrs.keys())
                for key in keys:
                    if key not in attr_rules:
                        del tag[key]

            return soup.renderContents()


    if __name__ == '__main__':
        html = """<p class="title">
                            <b>The Dormouse's story</b>
                        </p>
                        <p class="story">
                            <div name='root'>
                                Once upon a time there were three little sisters; and their names were
                                <a href="http://example.com/elsie" class="sister c1" style='color:red;background-color:green;' id="link1"><!-- Elsie --></a>
                                <a href="http://example.com/lacie" class="sister" id="link2">Lacie</a> and
                                <a href="http://example.com/tillie" class="sister" id="link3">Tilffffffffffffflie</a>;
                                and they lived at the bottom of a well.
                                <script>alert(123)</script>
                            </div>
                        </p>
                        <p class="story">...</p>"""

        obj = XSSFilter()
        v = obj.process(html)
        print(v)

    Singleton example based on __new__
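
The whitelist above keeps `href` on `a` and `src` on `img` but never inspects their values, so a URL with a scripting scheme passes the filter unchanged. The following added example (not part of the original post; standard library only) is a value check that could run inside the attribute loop. `is_safe_url`, `filter_attrs` and the `SAFE_SCHEMES` policy are assumptions, and the sample attributes are constructed.

```python
import re

URL_ATTRS = {'href', 'src'}                  # URL-bearing attributes in the post's whitelist
SAFE_SCHEMES = {'http', 'https', 'mailto'}   # assumed policy, not from the post
_SCHEME_RE = re.compile(r'^([a-zA-Z][a-zA-Z0-9+.\-]*):')
_LEADING_JUNK = ''.join(chr(c) for c in range(0x21))  # C0 controls and space


def is_safe_url(value):
    """True for relative URLs and for absolute URLs whose scheme is allowed."""
    # Browsers drop tab/CR/LF anywhere in a URL and ignore leading control
    # characters and spaces, so normalise the same way before reading the scheme.
    cleaned = re.sub(r'[\t\r\n]', '', value).lstrip(_LEADING_JUNK)
    match = _SCHEME_RE.match(cleaned)
    if match is None:
        return True  # no scheme: relative path, fragment or query string
    return match.group(1).lower() in SAFE_SCHEMES


def filter_attrs(tag_name, attrs, valid_tags):
    """Apply the attribute whitelist, then drop URL attributes with unsafe schemes."""
    allowed = valid_tags.get(tag_name, [])
    kept = {}
    for key, value in attrs.items():
        if key not in allowed:
            continue
        if key in URL_ATTRS and not is_safe_url(value):
            continue
        kept[key] = value
    return kept


if __name__ == '__main__':
    whitelist = {'a': ['href', 'target', 'name'], 'img': ['src', 'alt', 'title']}
    # Constructed attribute dicts, shaped like BeautifulSoup's tag.attrs
    samples = [
        ('a', {'href': 'http://example.com/elsie', 'id': 'link1'}),
        ('a', {'href': ' \tJaVa\nScript:alert(123)', 'target': '_blank'}),
        ('img', {'src': '/static/imgs/a.png', 'onerror': 'alert(123)'}),
    ]
    for name, attrs in samples:
        print(name, filter_attrs(name, attrs, whitelist))
```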
  • Original article: https://www.cnblogs.com/jcwit/p/7780864.html