aboutsummaryrefslogtreecommitdiffstats
path: root/markdown.py
diff options
context:
space:
mode:
authorWaylan Limberg <waylan@gmail.com>2007-11-05 05:02:42 +0000
committerWaylan Limberg <waylan@gmail.com>2007-11-05 05:02:42 +0000
commit08369521f135175141775c1b4f812b49a1fcc27d (patch)
treed200a585ccec76e4105f69a4142f1db095699ceb /markdown.py
parent966689b9f17c28854d00d275743e8ea2eb77bd94 (diff)
downloadmarkdown-08369521f135175141775c1b4f812b49a1fcc27d.tar.gz
markdown-08369521f135175141775c1b4f812b49a1fcc27d.tar.bz2
markdown-08369521f135175141775c1b4f812b49a1fcc27d.zip
Added html escaping as an optional behavior to the default of removing html in safe_mode.
Diffstat (limited to 'markdown.py')
-rw-r--r--markdown.py14
1 files changed, 12 insertions, 2 deletions
diff --git a/markdown.py b/markdown.py
index c150b1f..6b7b09f 100644
--- a/markdown.py
+++ b/markdown.py
@@ -47,7 +47,7 @@ TAB_LENGTH = 4 # expand tabs to this many spaces
ENABLE_ATTRIBUTES = True # @id = xyz -> <... id="xyz">
SMART_EMPHASIS = 1 # this_or_that does not become this<i>or</i>that
HTML_REMOVED_TEXT = "[HTML_REMOVED]" # text used instead of HTML in safe mode
-
+ # If blank, html will be escaped.
RTL_BIDI_RANGES = ( (u'\u0590', u'\u07FF'),
# from Hebrew to Nko (includes Arabic, Syriac and Thaana)
(u'\u2D30', u'\u2D7F'),
@@ -913,13 +913,23 @@ class RawHtmlTextPostprocessor(Postprocessor) :
for i in range(self.stash.html_counter) :
html, safe = self.stash.rawHtmlBlocks[i]
if self.safeMode and not safe:
- html = HTML_REMOVED_TEXT
+ if HTML_REMOVED_TEXT:
+ html = HTML_REMOVED_TEXT
+ else:
+ html = self.escape(html)
text = text.replace("<p>%s\n</p>" % (HTML_PLACEHOLDER % i),
html + "\n")
text = text.replace(HTML_PLACEHOLDER % i, html)
return text
+ def escape(self, html):
+ ''' Basic html escaping '''
+ html = html.replace('&', '&amp;')
+ html = html.replace('<', '&lt;')
+ html = html.replace('>', '&gt;')
+ return html.replace('"', '&quot;')
+
RAWHTMLTEXTPOSTPROCESSOR = RawHtmlTextPostprocessor()
"""