You can view the full implementation details on ReadTheDocs .

It uses a clean function to strip or escape "evil" (malicious) HTML tags.

If you can tell me which specific "Bleach" you're referring to, I can provide: