working on commonmark escaping

This commit is contained in:
Thomas Steen Rasmussen 2016-08-15 09:16:07 +02:00
parent fa6f168070
commit 2b16bc4901
3 changed files with 6 additions and 4 deletions

View file

@ -8,3 +8,4 @@ django-wkhtmltopdf>=3.0.0
Pillow==3.2.0 Pillow==3.2.0
qrcode==5.3 qrcode==5.3
CommonMark==0.6.4 CommonMark==0.6.4
django-bleach==0.3.0

View file

@ -1,6 +1,7 @@
import CommonMark import CommonMark, bleach
from django import template from django import template
from django.utils.safestring import mark_safe
from django.template.defaultfilters import stringfilter from django.template.defaultfilters import stringfilter
register = template.Library() register = template.Library()
@ -11,6 +12,6 @@ register = template.Library()
def commonmark(value): def commonmark(value):
parser = CommonMark.Parser() parser = CommonMark.Parser()
renderer = CommonMark.HtmlRenderer() renderer = CommonMark.HtmlRenderer()
ast = parser.parse(value) ast = parser.parse(bleach.clean(value))
return renderer.render(ast) return mark_safe(renderer.render(ast))

View file

@ -9,7 +9,7 @@ Village: {{ village.name }} | {{ block.super }}
<h3>{{ village.name }}</h3> <h3>{{ village.name }}</h3>
{{ village.description|escape|commonmark }} {{ village.description|commonmark }}
{% if user == village.contact %} {% if user == village.contact %}
<hr /> <hr />