下载
- 官网下载:http://kindeditor.net/down.php
- 本地下载:https://files.cnblogs.com/files/wupeiqi/kindeditor_a5.zip
3、文件夹说明
├── asp                    asp示例
├── asp.net                asp.net示例
├── attached               空文件夹,放置关联文件attached
├── examples               HTML示例
├── jsp                    java示例
├── kindeditor-all-min.js  全部JS(压缩)
├── kindeditor-all.js      全部JS(未压缩)
├── kindeditor-min.js      仅KindEditor JS(压缩)
├── kindeditor.js          仅KindEditor JS(未压缩)
├── lang                   支持语言
├── license.txt            License
├── php                    PHP示例
├── plugins                KindEditor内部使用的插件
└── themes                 KindEditor主题
4、基本使用
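<!-- Textarea that KindEditor replaces with the rich-text editor. Its value is
     submitted as raw HTML, so the server has to sanitise it before rendering. -->
<textarea name="content" id="content"></textarea>

<script src="/static/jquery-1.12.4.js"></script>
<script src="/static/plugins/kind-editor/kindeditor-all.js"></script>
<script>
    // Create the editor once the DOM is ready.
    $(function () {
        initKindEditor();
    });

    // Attach KindEditor to the #content textarea.
    function initKindEditor() {
        var kind = KindEditor.create('#content', {
            // The listing had the bare value '100%' here with no key, which is
            // a syntax error inside an object literal; the key is `width`.
            width: '100%',     // editor width (percentage or pixels)
            height: '300px',   // editor height (pixels only)
            minWidth: 200,     // minimum width (number)
            minHeight: 400     // minimum height (number)
        });
    }
</script>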
5、详细参数
http://kindeditor.net/docs/option.html
6、上传文件示例
<body>
    {# Area where the submitted article is meant to be shown. #}
    <h1>提交的文章内容:</h1>
    <div class="article">
    </div>

    {# Editor form: posts the editor's HTML in the "content" field to /editor.html. #}
    <h1>请输入内容</h1>
    <div class="edit">
        <form method="POST" action="/editor.html">
            <input type="text" placeholder="博客url"/>
            {% csrf_token %}
            <textarea name="content"></textarea>
            <input type="submit" value="提交" />
        </form>
    </div>

    <script src="/static/js/jquery-1.12.4.js"></script>
    <script src="/static/plugins/kindeditor/kindeditor-all.js"></script>
    <script>
        $(document).ready(function () {
            var editorOptions = {
                width: '700px',
                height: '200px',
                resizeType: 1,

                // Upload and browsing features. Each enabled feature calls a
                // server endpoint below, and the browser-side flags are not a
                // control: the endpoints must enforce file type and path limits.
                allowImageUpload: true,
                allowImageRemote: true,
                allowFlashUpload: false,
                allowFileManager: true,

                // Sent with every upload so the upload view stays behind
                // Django's CSRF check.
                extraFileUploadParams: {
                    csrfmiddlewaretoken: "{{ csrf_token }}"
                },

                // Form field name of the uploaded file; the upload view reads
                // the same key from request.FILES.
                filePostName: 'fafafa',

                uploadJson: '/upload_file.html',        // upload endpoint
                fileManagerJson: '/manager_file.html',  // directory-listing endpoint
                urlType: 'absolute'
            };

            KindEditor.create('textarea[name="content"]', editorOptions);
        });
    </script>
</body>
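import json
import os
import time

from django.shortcuts import HttpResponse
from django.shortcuts import render

# Extensions accepted for upload and reported as photos in the file manager.
IMAGE_EXTENSIONS = ('.jpg', '.png', '.jpeg')

# Directory, relative to the process working directory, that receives uploads.
UPLOAD_DIR = 'static/imgs'

# Message sent back with a non-zero ``error`` code.
ERROR_MESSAGE = '错误了...'


def _json_error(status=200):
    """Return the JSON failure reply: ``error`` set to 1 plus a message."""
    body = json.dumps({'error': 1, 'message': ERROR_MESSAGE})
    return HttpResponse(body, status=status)


def editor(request):
    """Render ``editor.html``; the posted ``content`` field is only printed.

    ``content`` is HTML produced by the editor, i.e. untrusted input. This view
    neither stores nor echoes it; code that later renders it must sanitise it
    first.
    """
    content = request.POST.get('content')
    print(content)
    return render(request, 'editor.html')


def upload_file(request):
    """Save an image uploaded by KindEditor and answer with its URL as JSON.

    The file is read from ``request.FILES['fafafa']`` (the editor's
    ``filePostName``) and written to ``static/imgs``. The request also carries
    a ``dir`` query parameter, which the original compared with ``'image'``
    and then ignored; it is not used here.

    Returns:
        HttpResponse with ``{"error": 0, "url": ...}`` on success, or
        ``{"error": 1, "message": ...}`` when no file was sent or its
        extension is not an accepted image type.
    """
    obj = request.FILES.get('fafafa')
    if obj is None:
        # No file part in the request: previously an AttributeError on obj.name.
        return _json_error()

    # Keep only the final path component and accept image extensions only.
    # The target directory is served as static content, so any other file type
    # (HTML, SVG, scripts) would be delivered to visitors from this origin.
    # NOTE(review): this checks the name only, not the file content.
    file_name = os.path.basename(obj.name)
    extension = os.path.splitext(file_name)[1].lower()
    if not file_name or extension not in IMAGE_EXTENSIONS:
        return _json_error()

    # An existing file with the same name is overwritten.
    file_path = os.path.join(UPLOAD_DIR, file_name)
    with open(file_path, 'wb') as f:
        for chunk in obj.chunks():
            f.write(chunk)

    ret = {
        'error': 0,
        # NOTE(review): host and port are hard-coded for the local dev server.
        'url': 'http://127.0.0.1:8000/' + file_path,
        'message': ERROR_MESSAGE
    }
    return HttpResponse(json.dumps(ret))


def _format_ctime(path):
    """Format ``path``'s ctime as ``YYYY-MM-DD HH:MM:SS`` in UTC."""
    return time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime(os.path.getctime(path)))


def manager_file(request):
    """List one directory below ``static/`` as JSON for KindEditor's file manager.

    The directory comes from the ``path`` query parameter, relative to
    ``static/``; a missing or empty value means the root itself.

    Returns:
        HttpResponse with ``moveup_dir_path``, ``current_dir_path``,
        ``current_url`` and ``file_list``, or a 400 JSON error when ``path``
        resolves outside ``static/`` or is not a directory.
    """
    from EdmureBlog.settings import BASE_DIR

    root_path = os.path.realpath(os.path.join(BASE_DIR, 'static'))
    static_root_path = '/static/'

    # Requested path. None becomes '' so the joins below cannot fail on None.
    request_path = request.GET.get('path') or ''

    # ``path`` is client-controlled. Resolve it (symlinks and ".." included)
    # and refuse anything that does not stay inside static/; otherwise
    # "../" segments or an absolute path would list arbitrary directories.
    abs_current_dir_path = os.path.realpath(os.path.join(root_path, request_path))
    try:
        inside_root = os.path.commonpath([root_path, abs_current_dir_path]) == root_path
    except ValueError:
        # Raised e.g. for paths on different drives.
        inside_root = False
    if not inside_root or not os.path.isdir(abs_current_dir_path):
        return _json_error(status=400)

    dic = {}
    if request_path:
        # Example: request_path 'css/' gives move_up_dir_path ''.
        move_up_dir_path = os.path.dirname(request_path.rstrip('/'))
        dic['moveup_dir_path'] = move_up_dir_path + '/' if move_up_dir_path else move_up_dir_path
    else:
        # The root directory has no parent.
        dic['moveup_dir_path'] = ''

    dic['current_dir_path'] = request_path
    # This is a URL, not a filesystem path, so it is built by concatenation.
    dic['current_url'] = static_root_path + request_path

    file_list = []
    for item in os.listdir(abs_current_dir_path):
        # item is one entry name inside the current directory.
        abs_item_path = os.path.join(abs_current_dir_path, item)
        extension = os.path.splitext(item)[1].lower()
        is_dir = os.path.isdir(abs_item_path)
        file_list.append({
            'is_dir': is_dir,
            'has_file': is_dir,
            'filesize': 0 if is_dir else os.stat(abs_item_path).st_size,
            'dir_path': '',
            'is_photo': (not is_dir) and extension in IMAGE_EXTENSIONS,
            'filetype': '' if is_dir else extension.strip('.'),
            'filename': item,
            'datetime': _format_ctime(abs_item_path)
        })
    dic['file_list'] = file_list

    # A Django view must return a response; the listing stopped before this.
    return HttpResponse(json.dumps(dic))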
7、XSS过滤特殊标签
pip install beautifulsoup4
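#!/usr/bin/env python
# -*- coding:utf-8 -*-
# XSS example: whitelist-based HTML filter built on BeautifulSoup.
# The 'lxml' parser used below needs the lxml package as well as beautifulsoup4.
from bs4 import BeautifulSoup


class XSSFilter(object):
    """Strip HTML down to a whitelist of tags and attributes.

    Tags outside the whitelist are dropped together with their content,
    attributes outside a tag's list are deleted, and URL attributes are kept
    only when they are relative or use an allowed scheme.
    """
    __instance = None

    # Attributes whose value is a URL and therefore needs a scheme check.
    _URL_ATTRS = ('href', 'src')
    # Schemes accepted in URL attributes; relative URLs are accepted too.
    _SAFE_URL_SCHEMES = ('http', 'https', 'mailto')

    def __init__(self):
        # XSS whitelist: tag name -> attribute names kept on that tag.
        # NOTE(review): 'style' on <font> lets inline CSS through unfiltered;
        # drop it unless the editor really needs it.
        self.valid_tags = {
            "font": ['color', 'size', 'face', 'style'],
            'b': [],
            'div': [],
            "span": [],
            "table": [
                'border', 'cellspacing', 'cellpadding'
            ],
            'th': [
                'colspan', 'rowspan'
            ],
            'td': [
                'colspan', 'rowspan'
            ],
            "a": ['href', 'target', 'name'],
            "img": ['src', 'alt', 'title'],
            'p': [
                'align'
            ],
            "pre": ['class'],
            "hr": ['class'],
            'strong': []
        }

    @classmethod
    def instance(cls):
        """Return the shared XSSFilter, creating it on first use."""
        if cls.__instance is None:
            cls.__instance = cls()
        return cls.__instance

    @classmethod
    def _is_safe_url(cls, value):
        """Return True when ``value`` is relative or uses an allowed scheme."""
        # Browsers ignore whitespace and control characters when reading the
        # scheme, so remove them before looking at it.
        cleaned = ''.join(ch for ch in str(value) if ch > ' ' and ch != '\x7f')
        scheme, colon, _ = cleaned.partition(':')
        if not colon or any(ch in scheme for ch in '/?#'):
            # No scheme before the first path, query or fragment: relative URL.
            return True
        return scheme.lower() in cls._SAFE_URL_SCHEMES

    def process(self, content):
        """Filter the HTML string ``content`` and return the result as bytes."""
        soup = BeautifulSoup(content, 'lxml')
        # Visit every tag in the parsed document.
        for tag in soup.find_all(recursive=True):
            # Tag not in the whitelist: do not render the tag itself.
            if tag.name not in self.valid_tags:
                tag.hidden = True
                # <html>/<body> are wrappers added by the parser, so their
                # children stay; any other disallowed tag loses its content.
                if tag.name not in ['html', 'body']:
                    tag.clear()
                continue
            # Attribute whitelist for this tag.
            attr_rules = self.valid_tags[tag.name]
            for key in list(tag.attrs.keys()):
                if key not in attr_rules:
                    del tag[key]
                elif key in self._URL_ATTRS and not self._is_safe_url(tag[key]):
                    # Whitelisting href/src by name alone would keep script
                    # URLs such as javascript:, so check the scheme as well.
                    del tag[key]

        # encode_contents() is the current name of the deprecated
        # renderContents(); both return bytes.
        return soup.encode_contents()


if __name__ == '__main__':
    html = """<p class="title">
<b>The Dormouse's story</b>
</p>
<p class="story">
<div name='root'>
Once upon a time there were three little sisters; and their names were
<a href="http://example.com/elsie" class="sister c1" style='color:red;background-color:green;' id="link1"><!-- Elsie --></a>
<a href="http://example.com/lacie" class="sister" id="link2">Lacie</a> and
<a href="http://example.com/tillie" class="sister" id="link3">Tilffffffffffffflie</a>;
and they lived at the bottom of a well.
<script>alert(123)</script>
</div>
</p>
<p class="story">...</p>"""

    v = XSSFilter.instance().process(html)
    print(v)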
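#!/usr/bin/env python
# -*- coding:utf-8 -*-
# Example of the singleton pattern implemented with __new__, applied to a
# whitelist-based HTML filter built on BeautifulSoup.
# The 'lxml' parser used below needs the lxml package as well as beautifulsoup4.
from bs4 import BeautifulSoup


class XSSFilter(object):
    """Strip HTML down to a whitelist of tags and attributes.

    Tags outside the whitelist are dropped together with their content,
    attributes outside a tag's list are deleted, and URL attributes are kept
    only when they are relative or use an allowed scheme. Every call to
    ``XSSFilter()`` returns the same object.
    """
    __instance = None

    # Attributes whose value is a URL and therefore needs a scheme check.
    _URL_ATTRS = ('href', 'src')
    # Schemes accepted in URL attributes; relative URLs are accepted too.
    _SAFE_URL_SCHEMES = ('http', 'https', 'mailto')

    def __init__(self):
        # Runs on every XSSFilter() call, so the whitelist is rebuilt each time.
        # XSS whitelist: tag name -> attribute names kept on that tag.
        # NOTE(review): 'style' on <font> lets inline CSS through unfiltered;
        # drop it unless the editor really needs it.
        self.valid_tags = {
            "font": ['color', 'size', 'face', 'style'],
            'b': [],
            'div': [],
            "span": [],
            "table": [
                'border', 'cellspacing', 'cellpadding'
            ],
            'th': [
                'colspan', 'rowspan'
            ],
            'td': [
                'colspan', 'rowspan'
            ],
            "a": ['href', 'target', 'name'],
            "img": ['src', 'alt', 'title'],
            'p': [
                'align'
            ],
            "pre": ['class'],
            "hr": ['class'],
            'strong': []
        }

    def __new__(cls, *args, **kwargs):
        """Singleton: create the instance once, then keep returning it.

        :param cls: the class being instantiated
        :param args: ignored
        :param kwargs: ignored
        :return: the single shared XSSFilter instance
        """
        if cls.__instance is None:
            # object.__new__ accepts no extra arguments on Python 3, so the
            # caller's args/kwargs are not forwarded.
            cls.__instance = object.__new__(cls)
        return cls.__instance

    @classmethod
    def _is_safe_url(cls, value):
        """Return True when ``value`` is relative or uses an allowed scheme."""
        # Browsers ignore whitespace and control characters when reading the
        # scheme, so remove them before looking at it.
        cleaned = ''.join(ch for ch in str(value) if ch > ' ' and ch != '\x7f')
        scheme, colon, _ = cleaned.partition(':')
        if not colon or any(ch in scheme for ch in '/?#'):
            # No scheme before the first path, query or fragment: relative URL.
            return True
        return scheme.lower() in cls._SAFE_URL_SCHEMES

    def process(self, content):
        """Filter the HTML string ``content`` and return the result as bytes."""
        soup = BeautifulSoup(content, 'lxml')
        # Visit every tag in the parsed document.
        for tag in soup.find_all(recursive=True):
            # Tag not in the whitelist: do not render the tag itself.
            if tag.name not in self.valid_tags:
                tag.hidden = True
                # <html>/<body> are wrappers added by the parser, so their
                # children stay; any other disallowed tag loses its content.
                if tag.name not in ['html', 'body']:
                    tag.clear()
                continue
            # Attribute whitelist for this tag.
            attr_rules = self.valid_tags[tag.name]
            for key in list(tag.attrs.keys()):
                if key not in attr_rules:
                    del tag[key]
                elif key in self._URL_ATTRS and not self._is_safe_url(tag[key]):
                    # Whitelisting href/src by name alone would keep script
                    # URLs such as javascript:, so check the scheme as well.
                    del tag[key]

        # encode_contents() is the current name of the deprecated
        # renderContents(); both return bytes.
        return soup.encode_contents()


if __name__ == '__main__':
    html = """<p class="title">
<b>The Dormouse's story</b>
</p>
<p class="story">
<div name='root'>
Once upon a time there were three little sisters; and their names were
<a href="http://example.com/elsie" class="sister c1" style='color:red;background-color:green;' id="link1"><!-- Elsie --></a>
<a href="http://example.com/lacie" class="sister" id="link2">Lacie</a> and
<a href="http://example.com/tillie" class="sister" id="link3">Tilffffffffffffflie</a>;
and they lived at the bottom of a well.
<script>alert(123)</script>
</div>
</p>
<p class="story">...</p>"""

    obj = XSSFilter()
    v = obj.process(html)
    print(v)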