comparison core/markup.py @ 849:ff645a692791

For issue #79, use bleach to sanitize both user-input markdown and HTML.
author Brian Neal <bgneal@gmail.com>
date Thu, 30 Oct 2014 19:30:37 -0500
parents 32ebe22f0cad
children 98d2388b6bb2
848:32ebe22f0cad 849:ff645a692791
6 from django.utils.encoding import force_unicode 6 from django.utils.encoding import force_unicode
7 7
8 from smiley import SmilifyMarkdown 8 from smiley import SmilifyMarkdown
9 from core.mdexts.urlize import UrlizeExtension 9 from core.mdexts.urlize import UrlizeExtension
10 from core.mdexts.deleted import DelExtension 10 from core.mdexts.deleted import DelExtension
11 from core.html import clean_html
12
11 13
12 class Markdown(object): 14 class Markdown(object):
13 """ 15 """
14 This is a thin wrapper around the Markdown class. 16 This is a thin wrapper around the Markdown class.
15 17
16 """ 18 """
17 def __init__(self, safe_mode='escape'): 19 def __init__(self):
18 self.md = _markdown.Markdown(safe_mode=safe_mode, 20 self.md = _markdown.Markdown(extensions=[
19 extensions=[
20 UrlizeExtension(), 21 UrlizeExtension(),
21 'markdown.extensions.nl2br', 22 'markdown.extensions.nl2br',
22 DelExtension(), 23 DelExtension(),
23 ]) 24 ])
24 25
25 def convert(self, s): 26 def convert(self, s):
26 return self.md.convert(force_unicode(s)) 27 return clean_html(self.md.convert(force_unicode(s)))
27 28
28 29
29 def markdown(s): 30 def markdown(s):
30 """ 31 """
31 A convenience function for one-off markdown jobs. 32 A convenience function for one-off markdown jobs.