diff options
| author | Waylan Limberg <waylan@gmail.com> | 2007-11-05 05:02:42 +0000 |
|---|---|---|
| committer | Waylan Limberg <waylan@gmail.com> | 2007-11-05 05:02:42 +0000 |
| commit | 08369521f135175141775c1b4f812b49a1fcc27d (patch) | |
| tree | d200a585ccec76e4105f69a4142f1db095699ceb | |
| parent | 966689b9f17c28854d00d275743e8ea2eb77bd94 (diff) | |
| download | markdown-08369521f135175141775c1b4f812b49a1fcc27d.tar.gz markdown-08369521f135175141775c1b4f812b49a1fcc27d.tar.bz2 markdown-08369521f135175141775c1b4f812b49a1fcc27d.zip | |
Added html escaping as an optional behavior to the default of removing html in safe_mode.
| -rw-r--r-- | markdown.py | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/markdown.py b/markdown.py index c150b1f..6b7b09f 100644 --- a/markdown.py +++ b/markdown.py @@ -47,7 +47,7 @@ TAB_LENGTH = 4 # expand tabs to this many spaces ENABLE_ATTRIBUTES = True # @id = xyz -> <... id="xyz"> SMART_EMPHASIS = 1 # this_or_that does not become this<i>or</i>that HTML_REMOVED_TEXT = "[HTML_REMOVED]" # text used instead of HTML in safe mode - + # If blank, html will be escaped. RTL_BIDI_RANGES = ( (u'\u0590', u'\u07FF'), # from Hebrew to Nko (includes Arabic, Syriac and Thaana) (u'\u2D30', u'\u2D7F'), @@ -913,13 +913,23 @@ class RawHtmlTextPostprocessor(Postprocessor) : for i in range(self.stash.html_counter) : html, safe = self.stash.rawHtmlBlocks[i] if self.safeMode and not safe: - html = HTML_REMOVED_TEXT + if HTML_REMOVED_TEXT: + html = HTML_REMOVED_TEXT + else: + html = self.escape(html) text = text.replace("<p>%s\n</p>" % (HTML_PLACEHOLDER % i), html + "\n") text = text.replace(HTML_PLACEHOLDER % i, html) return text + def escape(self, html): + ''' Basic html escaping ''' + html = html.replace('&', '&') + html = html.replace('<', '<') + html = html.replace('>', '>') + return html.replace('"', '"') + RAWHTMLTEXTPOSTPROCESSOR = RawHtmlTextPostprocessor() """ |