From c4d9b2b8f2675a22c14a6e6eb33d76c99718e5db Mon Sep 17 00:00:00 2001
From: signebedi
Date: Tue, 17 Sep 2024 17:24:15 -0500
Subject: [PATCH] Added: [untested] low trust html sanitizer (#341)
---
 libreforms_fastapi/utils/docs.py | 1 +
 libreforms_fastapi/utils/document_database.py | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/libreforms_fastapi/utils/docs.py b/libreforms_fastapi/utils/docs.py
index bf1c405..18b0560 100644
--- a/libreforms_fastapi/utils/docs.py
+++ b/libreforms_fastapi/utils/docs.py
@@ -25,6 +25,7 @@ sanitizer = Sanitizer(sanitizer_config)
+low_trust_sanitizer = Sanitizer()
 class UnsafeHtmlContentError(Exception):
 """Custom exception for unsafe HTML content."""
diff --git a/libreforms_fastapi/utils/document_database.py b/libreforms_fastapi/utils/document_database.py
index 33218b6..148e09c 100644
--- a/libreforms_fastapi/utils/document_database.py
+++ b/libreforms_fastapi/utils/document_database.py
@@ -23,8 +23,8 @@ # This import is used to afix digital signatures to records
 from libreforms_fastapi.utils.certificates import sign_record, verify_record_signature
-# This import is used to sanitize data on writes
-from libreforms_fastapi.utils.docs import sanitizer
+# This import is used to sanitize data
+from libreforms_fastapi.utils.docs import low_trust_sanitizer as sanitizer
 # Mapping of string operators to actual functions, used as query parameters
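Review bot: In docs.py, `low_trust_sanitizer = Sanitizer()` takes whatever the library's built-in defaults are, so the policy applied to low-trust input is not written down in this file and can shift when the dependency is upgraded. Passing an explicit settings dict, as the existing `Sanitizer(sanitizer_config)` line does, would pin the allowlist; at minimum add a comment such as `# Low-trust input: library-default allowlist, intended to be stricter than sanitizer_config`. The subject marks the change as untested, so a test asserting that this instance strips a `<script>` element and an inline event-handler attribute should land with it. Whether the defaults are in fact narrower than `sanitizer_config` cannot be checked here, because that dict is defined above the hunk.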
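Review bot: In document_database.py, importing `low_trust_sanitizer as sanitizer` swaps the policy behind every existing `sanitizer` call in the module without any call site changing, so a reader of those calls cannot tell which allowlist is in effect. Import it under its own name, `from libreforms_fastapi.utils.docs import low_trust_sanitizer`, and rename the uses; that also keeps a later search for the original sanitizer reliable. The comment dropped "on writes": if sanitization still happens only on write, records stored under the previous configuration keep their old markup, and the comment should say whether read paths may rely on the new policy. The call sites are outside this hunk, so this is inferred from the import line alone.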