Spaces:
Sleeping
Sleeping
Update app.py
Browse files
app.py
CHANGED
|
@@ -127,10 +127,8 @@ def render_message(history):
|
|
| 127 |
|
| 128 |
seen_messages = set() # Track (role, message) pairs to avoid duplicates
|
| 129 |
|
| 130 |
-
# Tags and attributes explicitly allowed
|
| 131 |
allowed_tags = [
|
| 132 |
-
'p', 'strong', 'em', 'ul', 'ol', 'li', 'a', 'code', 'pre', 'br', 'blockquote', 'hr',
|
| 133 |
-
'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'img'
|
| 134 |
]
|
| 135 |
allowed_attributes = {
|
| 136 |
'*': ['class', 'style'],
|
|
@@ -138,18 +136,14 @@ def render_message(history):
|
|
| 138 |
'img': ['src', 'alt', 'title', 'width', 'height']
|
| 139 |
}
|
| 140 |
|
| 141 |
-
# Iterate through history and render each message
|
| 142 |
for user_message, assistant_message, user_profile, assistant_profile, user_pic, assistant_pic in history:
|
| 143 |
if user_message and ("user", user_message) not in seen_messages:
|
| 144 |
seen_messages.add(("user", user_message))
|
| 145 |
-
# Render markdown -> sanitize output
|
| 146 |
user_message_html = markdown.markdown(
|
| 147 |
-
user_message,
|
| 148 |
extensions=["fenced_code", "codehilite"]
|
| 149 |
)
|
| 150 |
-
user_message_html = bleach.clean(
|
| 151 |
-
user_message_html, tags=allowed_tags, attributes=allowed_attributes, strip=True
|
| 152 |
-
)
|
| 153 |
messages_html += f"""
|
| 154 |
<div style='display: flex; flex-direction: column; align-items: flex-start; margin-bottom: 10px;'>
|
| 155 |
<img src='{user_pic}' style='width: 40px; height: 40px; border-radius: 50%; margin-bottom: 5px;'>
|
|
@@ -158,14 +152,11 @@ def render_message(history):
|
|
| 158 |
|
| 159 |
if assistant_message and ("assistant", assistant_message) not in seen_messages:
|
| 160 |
seen_messages.add(("assistant", assistant_message))
|
| 161 |
-
# Render markdown -> sanitize output
|
| 162 |
assistant_message_html = markdown.markdown(
|
| 163 |
-
assistant_message,
|
| 164 |
extensions=["fenced_code", "codehilite"]
|
| 165 |
)
|
| 166 |
-
assistant_message_html = bleach.clean(
|
| 167 |
-
assistant_message_html, tags=allowed_tags, attributes=allowed_attributes, strip=True
|
| 168 |
-
)
|
| 169 |
messages_html += f"""
|
| 170 |
<div style='display: flex; flex-direction: column; align-items: flex-start; margin-bottom: 10px;'>
|
| 171 |
<img src='{assistant_pic}' style='width: 40px; height: 40px; border-radius: 50%; margin-bottom: 5px;'>
|
|
@@ -176,7 +167,6 @@ def render_message(history):
|
|
| 176 |
return messages_html
|
| 177 |
|
| 178 |
|
| 179 |
-
|
| 180 |
def escape_html(unsafe_text):
|
| 181 |
escaped_text = ''.join(f"&#{ord(char)};" if char not in ('\n', '\r') else '<br>' for char in unsafe_text)
|
| 182 |
return escaped_text
|
|
|
|
| 127 |
|
| 128 |
seen_messages = set() # Track (role, message) pairs to avoid duplicates
|
| 129 |
|
|
|
|
| 130 |
allowed_tags = [
|
| 131 |
+
'p', 'strong', 'em', 'ul', 'ol', 'li', 'a', 'code', 'pre', 'br', 'blockquote', 'hr', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'img'
|
|
|
|
| 132 |
]
|
| 133 |
allowed_attributes = {
|
| 134 |
'*': ['class', 'style'],
|
|
|
|
| 136 |
'img': ['src', 'alt', 'title', 'width', 'height']
|
| 137 |
}
|
| 138 |
|
|
|
|
| 139 |
for user_message, assistant_message, user_profile, assistant_profile, user_pic, assistant_pic in history:
|
| 140 |
if user_message and ("user", user_message) not in seen_messages:
|
| 141 |
seen_messages.add(("user", user_message))
|
|
|
|
| 142 |
user_message_html = markdown.markdown(
|
| 143 |
+
escape_html(user_message),
|
| 144 |
extensions=["fenced_code", "codehilite"]
|
| 145 |
)
|
| 146 |
+
user_message_html = bleach.clean(user_message_html, tags=allowed_tags, attributes=allowed_attributes, strip=True)
|
|
|
|
|
|
|
| 147 |
messages_html += f"""
|
| 148 |
<div style='display: flex; flex-direction: column; align-items: flex-start; margin-bottom: 10px;'>
|
| 149 |
<img src='{user_pic}' style='width: 40px; height: 40px; border-radius: 50%; margin-bottom: 5px;'>
|
|
|
|
| 152 |
|
| 153 |
if assistant_message and ("assistant", assistant_message) not in seen_messages:
|
| 154 |
seen_messages.add(("assistant", assistant_message))
|
|
|
|
| 155 |
assistant_message_html = markdown.markdown(
|
| 156 |
+
escape_html(assistant_message),
|
| 157 |
extensions=["fenced_code", "codehilite"]
|
| 158 |
)
|
| 159 |
+
assistant_message_html = bleach.clean(assistant_message_html, tags=allowed_tags, attributes=allowed_attributes, strip=True)
|
|
|
|
|
|
|
| 160 |
messages_html += f"""
|
| 161 |
<div style='display: flex; flex-direction: column; align-items: flex-start; margin-bottom: 10px;'>
|
| 162 |
<img src='{assistant_pic}' style='width: 40px; height: 40px; border-radius: 50%; margin-bottom: 5px;'>
|
|
|
|
| 167 |
return messages_html
|
| 168 |
|
| 169 |
|
|
|
|
| 170 |
def escape_html(unsafe_text):
|
| 171 |
escaped_text = ''.join(f"&#{ord(char)};" if char not in ('\n', '\r') else '<br>' for char in unsafe_text)
|
| 172 |
return escaped_text
|