Markdown problem
8 views
Skip to first unread message
Johann Spies
Nov 24, 2009, 3:49:09 AM11/24/09
to web...@googlegroups.com
Is the markdown syntax in Web2Py compatible what is described in
http://daringfireball.net/projects/markdown/syntax where I found the following:
http://daringfireball.net/projects/markdown/syntax where I found the following:
"For any markup that is not covered by Markdown’s syntax, you simply
use HTML itself. There’s no need to preface it or delimit it to
indicate that you’re switching from Markdown to HTML; you just use the
tags."
However, when I try that in a wiki which is just a copy of the code in
the manual, I just get back what I have typed:
<table> <tr> <td>Foo</td> </tr> </table>
Regards
Johann
mdipierro
Nov 24, 2009, 11:22:38 AM11/24/09
to web2py-users
We use this
http://code.google.com/p/python-markdown2/
which claims compatibility.
When you do WIKI(....,safe_mode='escape') is default. Try with
safe_mode=None or safe_mode=True.
On Nov 24, 2:49 am, Johann Spies <johann.sp...@gmail.com> wrote:
> Is the markdown syntax in Web2Py compatible what is described inhttp://daringfireball.net/projects/markdown/syntaxwhere I found the following:
http://code.google.com/p/python-markdown2/
which claims compatibility.
When you do WIKI(....,safe_mode='escape') is default. Try with
safe_mode=None or safe_mode=True.
On Nov 24, 2:49 am, Johann Spies <johann.sp...@gmail.com> wrote:
> Is the markdown syntax in Web2Py compatible what is described inhttp://daringfireball.net/projects/markdown/syntaxwhere I found the following:
Johann Spies
Nov 26, 2009, 8:13:34 AM11/26/09
to web...@googlegroups.com
2009/11/24 mdipierro <mdip...@cs.depaul.edu>:
I am testing with "<h2>Post a comment</h2>":
> When you do WIKI(....,safe_mode='escape') is default. Try with
> safe_mode=None or safe_mode=True.
With "save_mode='escape'" the result is ""
With "save_mode=True" the result is "[HTML_REMOVED]Post a comment[HTML_REMOVED]"
:(
I am testing with "<h2>Post a comment</h2>":
> When you do WIKI(....,safe_mode='escape') is default. Try with
> safe_mode=None or safe_mode=True.
With "save_mode=True" the result is "[HTML_REMOVED]Post a comment[HTML_REMOVED]"
:(
mdipierro
Nov 26, 2009, 8:46:33 AM11/26/09
to web2py-users
I took a second look.
>>> WIKI('this <b>is</b> a test').xml()
'<p>this <b>is</b> a test</p>\n'
>>> WIKI('this <b>is</b> a test',safe_mode=True).xml()
'<p>this [HTML_REMOVED]is[HTML_REMOVED] a test</p>\n'
>>> WIKI('this <b>is</b> a test',safe_mode=False).xml()
'<p>this <b>is</b> a test</p>\n'
>>> WIKI('this <script>is</script> a test',safe_mode=False).xml()
'<p>this <script>is</script> a test</p>\n'
It seems safe_mode=False is the way to go but it does do any
sanitization either.
This is a problem with the markdown2 library we use.
For now you can do:
XML(WIKI('this <b>is</b> a test',safe_mode=False),sanitize=True)
until I finish rewriting markdown.
On Nov 26, 7:13 am, Johann Spies <johann.sp...@gmail.com> wrote:
> 2009/11/24 mdipierro <mdipie...@cs.depaul.edu>:
>>> WIKI('this <b>is</b> a test').xml()
'<p>this <b>is</b> a test</p>\n'
>>> WIKI('this <b>is</b> a test',safe_mode=True).xml()
'<p>this [HTML_REMOVED]is[HTML_REMOVED] a test</p>\n'
>>> WIKI('this <b>is</b> a test',safe_mode=False).xml()
'<p>this <b>is</b> a test</p>\n'
>>> WIKI('this <script>is</script> a test',safe_mode=False).xml()
'<p>this <script>is</script> a test</p>\n'
It seems safe_mode=False is the way to go but it does do any
sanitization either.
This is a problem with the markdown2 library we use.
For now you can do:
XML(WIKI('this <b>is</b> a test',safe_mode=False),sanitize=True)
until I finish rewriting markdown.
On Nov 26, 7:13 am, Johann Spies <johann.sp...@gmail.com> wrote:
> 2009/11/24 mdipierro <mdipie...@cs.depaul.edu>:
Johann Spies
Dec 15, 2009, 8:31:17 AM12/15/09
to web...@googlegroups.com
2009/11/26 mdipierro <mdip...@cs.depaul.edu>:
in show_page.html:
{{extend 'layout.html'}}
<h1>{{=page.title}}</h1>
[ {{=A('edit', _href=URL(r=request, f='edit', args=request.args))}}
| {{=A('documents', _href=URL(r=request, f='documents', args=request.
args))}} ]<br />
{{import gluon.contrib.markdown}}
{{=XML(gluon.contrib.markdown.WIKI(page.body,safe_mode=False),sanitize=True)}}
<h2>Comments</h2>
{{for comment in comments:}}
<p>{{=db.auth_user[comment.created_by].first_name}} on {{=comment.
created_on}}
says <I>{{=comment.body}}</i></p>
{{pass}}
And it ends in:
File "/home/js/web2py/gluon/html.py", line 257, in __init__
allowed_attributes)
File "/home/js/web2py/gluon/sanitizer.py", line 190, in sanitize
allowed_attributes=allowed_attributes).strip(text)
File "/home/js/web2py/gluon/sanitizer.py", line 150, in strip
rawstring = rawstring.replace("<%s/>" % tag, "<%s />" % tag)
AttributeError: 'XML' object has no attribute 'replace'
It is not urgent, just inconvenient. Maybe it is my own mistake somewhere.
Regards
Johann
> I took a second look.
>
>>>> WIKI('this <b>is</b> a test').xml()
> '<p>this <b>is</b> a test</p>\n'
>>>> WIKI('this <b>is</b> a test',safe_mode=True).xml()
> '<p>this [HTML_REMOVED]is[HTML_REMOVED] a test</p>\n'
>>>> WIKI('this <b>is</b> a test',safe_mode=False).xml()
> '<p>this <b>is</b> a test</p>\n'
>>>> WIKI('this <script>is</script> a test',safe_mode=False).xml()
> '<p>this <script>is</script> a test</p>\n'
>
>
> It seems safe_mode=False is the way to go but it does do any
> sanitization either.
> This is a problem with the markdown2 library we use.
>
> For now you can do:
>
> XML(WIKI('this <b>is</b> a test',safe_mode=False),sanitize=True)
>
> until I finish rewriting markdown.
Thanks for your reply. I am only now trying it out with the following
>
>>>> WIKI('this <b>is</b> a test').xml()
> '<p>this <b>is</b> a test</p>\n'
>>>> WIKI('this <b>is</b> a test',safe_mode=True).xml()
> '<p>this [HTML_REMOVED]is[HTML_REMOVED] a test</p>\n'
>>>> WIKI('this <b>is</b> a test',safe_mode=False).xml()
> '<p>this <b>is</b> a test</p>\n'
>>>> WIKI('this <script>is</script> a test',safe_mode=False).xml()
> '<p>this <script>is</script> a test</p>\n'
>
>
> It seems safe_mode=False is the way to go but it does do any
> sanitization either.
> This is a problem with the markdown2 library we use.
>
> For now you can do:
>
> XML(WIKI('this <b>is</b> a test',safe_mode=False),sanitize=True)
>
> until I finish rewriting markdown.
in show_page.html:
{{extend 'layout.html'}}
<h1>{{=page.title}}</h1>
[ {{=A('edit', _href=URL(r=request, f='edit', args=request.args))}}
| {{=A('documents', _href=URL(r=request, f='documents', args=request.
args))}} ]<br />
{{import gluon.contrib.markdown}}
{{=XML(gluon.contrib.markdown.WIKI(page.body,safe_mode=False),sanitize=True)}}
<h2>Comments</h2>
{{for comment in comments:}}
<p>{{=db.auth_user[comment.created_by].first_name}} on {{=comment.
created_on}}
says <I>{{=comment.body}}</i></p>
{{pass}}
<h2>Post a comment</h2>
{{=form}}
And it ends in:
File "/home/js/web2py/gluon/html.py", line 257, in __init__
allowed_attributes)
File "/home/js/web2py/gluon/sanitizer.py", line 190, in sanitize
allowed_attributes=allowed_attributes).strip(text)
File "/home/js/web2py/gluon/sanitizer.py", line 150, in strip
rawstring = rawstring.replace("<%s/>" % tag, "<%s />" % tag)
AttributeError: 'XML' object has no attribute 'replace'
It is not urgent, just inconvenient. Maybe it is my own mistake somewhere.
Regards
Johann
mdipierro
Dec 15, 2009, 10:12:35 AM12/15/09
to web2py-users
XML(gluon.contrib.markdown.WIKI
(page.body,safe_mode=False),sanitize=True)}}
should be
XML(gluon.contrib.markdown.WIKI(page.body,safe_mode=False).xml
(),sanitize=True)}}
On Dec 15, 7:31 am, Johann Spies <johann.sp...@gmail.com> wrote:
> 2009/11/26 mdipierro <mdipie...@cs.depaul.edu>:
(page.body,safe_mode=False),sanitize=True)}}
should be
XML(gluon.contrib.markdown.WIKI(page.body,safe_mode=False).xml
(),sanitize=True)}}
On Dec 15, 7:31 am, Johann Spies <johann.sp...@gmail.com> wrote:
> 2009/11/26 mdipierro <mdipie...@cs.depaul.edu>:
Johann Spies
Dec 18, 2009, 4:28:04 AM12/18/09
to web...@googlegroups.com
2009/12/15 mdipierro <mdip...@cs.depaul.edu>:
> XML(gluon.contrib.markdown.WIKI
> (page.body,safe_mode=False),sanitize=True)}}
>
> should be
>
> XML(gluon.contrib.markdown.WIKI(page.body,safe_mode=False).xml
> (),sanitize=True)}}
>
> XML(gluon.contrib.markdown.WIKI
> (page.body,safe_mode=False),sanitize=True)}}
>
> should be
>
> XML(gluon.contrib.markdown.WIKI(page.body,safe_mode=False).xml
> (),sanitize=True)}}
>
Thanks. Now the error message is gone.
As a test the following kode:
-----------------------------------------
###kopstuk###
Kyk wat gebeur
------------------------
produces the following html:
<!-- <h3>kopstuk</h3>
<p>Kyk wat gebeur</p>
-->
<h3>kopstuk</h3>
<p>Kyk wat gebeur</p>
When I switch off sanitize it works correctly, but I suspect that is unsafe.
Regards
Johann
Reply all
Reply to author
Forward
0 new messages