PottyMouth

PottyMouth is an application that transforms completely unstructured and untrusted text to valid, nice-looking, completely safe XHTML.

PottyMouth is designed to handle input text from non-technical, potentially careless or malicious users. It produces HTML that is completely safe, programmatically and visually, to include on any web page. And you don’t need to make your users read any instructions before they start typing. They don’t even need to know that PottyMouth is being used.

What is it for?

PottyMouth is ideal for displaying blog comments, text email bodies in a web mail application or mailing list web archive, or any text fields on any site with user input text, such as a social networking, dating, or community site. In short, any input which is displayed in HTML and is input as text by a non-technical and/or untrusted user. It has been in use on mosuki.com since January 2007.

What is it not for?

PottyMouth is not intended for HTML page generation, such as writing blog entries, where the author is an authorized and trusted user who may want to exert more control over the content of his or her post. Markdown and SmartyPants together are good solutions for this.

PottyMouth is also not intended for wikis, where the text is more heavily structured and where poorly formatted or malicious input can be quickly corrected by another user. There are many good wiki packages out there; this is not one of them.

PottyMouth prevents against a wide range of potential problems:

- no JavaScript or HTML insertion via < iframe > tags
- no JavaScript insertion via: < script > tags
- no JavaScript insertion via: event handler attributes on tags
- no JavaScript insertion via javascript: hyperlinks
- no JavaScript insertion via CSS expression()
- no overriding of site CSS via < style > tags
- no attacks via malicious href attributes in < a > or src attributes in < img >, < embed > or other media tags
- no damage to site layout via inserted CSS or width, height, or other HTML attributes
- no ability to break or compromise JavaScript applications by generating HTML tags with identifiers that collide with existing DOM identifiers.

Although the problems above could be solved by simply allowing a short white-list of HTML tags and no HTML attributes whatsoever, inserting raw HTML tags is a feature that non-technical users don’t need. And PottyMouth automatically detects most of the instances where the average user would want HTML tags.

Requirements:

• Python