in bleach/sanitizer.py [0:0]
def disallowed_token(self, token):
token_type = token["type"]
if token_type == "EndTag":
token["data"] = f"</{token['name']}>"
elif token["data"]:
assert token_type in ("StartTag", "EmptyTag")
attrs = []
for (ns, name), v in token["data"].items():
# If we end up with a namespace, but no name, switch them so we
# have a valid name to use.
if ns and not name:
ns, name = name, ns
# Figure out namespaced name if the namespace is appropriate
# and exists; if the ns isn't in prefixes, then drop it.
if ns is None or ns not in html5lib_shim.prefixes:
namespaced_name = name
else:
namespaced_name = f"{html5lib_shim.prefixes[ns]}:{name}"
# NOTE(willkg): HTMLSerializer escapes attribute values
# already, so if we do it here (like HTMLSerializer does),
# then we end up double-escaping.
attrs.append(f' {namespaced_name}="{v}"')
token["data"] = f"<{token['name']}{''.join(attrs)}>"
else:
token["data"] = f"<{token['name']}>"
if token.get("selfClosing"):
token["data"] = f"{token['data'][:-1]}/>"
token["type"] = "Characters"
del token["name"]
return token