working on commonmark escaping

requirements/base.txt

@@ -8,3 +8,4 @@ django-wkhtmltopdf>=3.0.0
 Pillow==3.2.0
 qrcode==5.3
 CommonMark==0.6.4
+django-bleach==0.3.0

utils/templatetags/commonmark.py

@@ -1,6 +1,7 @@
-import CommonMark
+import CommonMark, bleach
 
 from django import template
+from django.utils.safestring import mark_safe
 from django.template.defaultfilters import stringfilter
 
 register = template.Library()
@@ -11,6 +12,6 @@ register = template.Library()
 def commonmark(value):
     parser = CommonMark.Parser()
     renderer = CommonMark.HtmlRenderer()
-    ast = parser.parse(value)
+    ast = parser.parse(bleach.clean(value))
-    return renderer.render(ast)
+    return mark_safe(renderer.render(ast))
 

villages/templates/village_detail.html

@@ -9,7 +9,7 @@ Village: {{ village.name }} | {{ block.super }}
 
 <h3>{{ village.name }}</h3>
 
-{{ village.description|escape|commonmark }}
+{{ village.description|commonmark }}
 
 {% if user == village.contact %}
 <hr />