Add comment to clean_html_content function and update __authors__.
--- a/app/soc/logic/cleaning.py Mon May 18 20:23:42 2009 +0200
+++ b/app/soc/logic/cleaning.py Wed May 20 12:32:36 2009 +0200
@@ -21,6 +21,7 @@
'"Todd Larsen" <tlarsen@google.com>',
'"Sverre Rabbelier" <sverre@rabbelier.nl>',
'"Lennard de Rijk" <ljvderijk@gmail.com>',
+ '"Pawel Solyga" <pawel.solyga@gmail.com>',
]
@@ -383,6 +384,10 @@
content = self.cleaned_data.get(field_name)
+ # clean_html_content is called when writing data into GAE rather than
+ # when reading data from GAE. This short-circuiting of the sanitizer
+ # only affects html authored by developers. The isDeveloper test for
+ # example allows developers to add javascript.
if user_logic.isDeveloper():
return content