You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by "dpgaspar (via GitHub)" <gi...@apache.org> on 2023/04/28 09:29:41 UTC

[GitHub] [superset] dpgaspar commented on pull request #23862: chore: Use nh3 lib instead of bleach

dpgaspar commented on PR #23862:
URL: https://github.com/apache/superset/pull/23862#issuecomment-1527265873

   > @villebro @dpgaspar About `rel="noopener noreferrer"` which I added in the unit test assert:
   > 
   > ### noopener: This prevents [a particular type of XSS attack](https://mathiasbynens.github.io/rel-noopener/), and should usually be turned on for untrusted HTML.
   > * the link’s target loading in the same tab where the link was clicked
   > * the backlink from appearing as referral traffic in the destination site’s analytics
   
   Great!! reading the docs that it's the default for `link_rel` parameter on nh3.clean. 
   On an unrelated note found it interesting how nh3 rust python binding is using py.allow_threads to get around the GIL, performant CPU bound tasks 💪 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org