I'm currently writing a blog application in Django, and a part of what I want to do is allow some HTML in posts and comments. I discovered yesterday, more or less by accident, that the markdown filter actually allows some HTML.
I've been looking for a list of exactly what markdown allows, but I haven't been able to find one, so my question is if I will be sufficiently protected from all sorts of things if I apply the markdown filter, and nothing else. I'm an absolute beginner when it comes to security issues like these. Also, I would like to know how much HTML markdown allows. What I need is essentially links, formatting and div to control the placement of images.

I've searched this group for information on the subject, and I came across this post http://groups.google.com/group/django-users/browse_thread/thread/60f76d731adf46af/323fb8685dbaa960 which mentions an HTML filter that sounds perfect, but the link to the source isn't working, so I don't know if it is maintained any more. Does anyone know?
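An added example, not part of the original post and not the filter from the linked thread: an allowlist sanitizer built on Python's standard-library `html.parser`, meant to run over the HTML that the markdown filter produces. The tag and attribute policy, the permitted URL schemes and the names `sanitize`, `Sanitizer` and `safe_url` are assumptions chosen to match the needs stated above (links, formatting, div, images).

```python
import re
from html import escape
from html.parser import HTMLParser

# Assumed policy (from the post's stated needs): links, formatting, div, images.
ALLOWED = {"a": {"href", "title"}, "div": {"class"}, "img": {"src", "alt"},
           "p": set(), "br": set(), "em": set(), "strong": set(),
           "ul": set(), "ol": set(), "li": set(), "blockquote": set()}
VOID = {"br", "img"}
SAFE_SCHEMES = {"http", "https", "mailto"}
SCHEME_RE = re.compile(r"^([a-z][a-z0-9+.\-]*):", re.I)

def safe_url(value):
    # Browsers ignore whitespace/control characters here, so strip them first.
    cleaned = "".join(c for c in value if ord(c) > 0x20)
    m = SCHEME_RE.match(cleaned)
    return m is None or m.group(1).lower() in SAFE_SCHEMES  # no scheme = relative

class Sanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.open, self.skip = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self.skip += 1          # drop the element and its text content
        elif not self.skip and tag in ALLOWED:
            kept = [(n, v) for n, v in attrs if n in ALLOWED[tag] and v is not None
                    and (n not in ("href", "src") or safe_url(v))]
            self.out.append("<%s%s>" % (tag, "".join(
                ' %s="%s"' % (n, escape(v, quote=True)) for n, v in kept)))
            if tag not in VOID:
                self.open.append(tag)

    def handle_endtag(self, tag):
        if tag in ("script", "style"):
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in self.open:
            while self.open:        # also close nested tags the author left open
                closed = self.open.pop()
                self.out.append("</%s>" % closed)
                if closed == tag:
                    break

    def handle_data(self, data):
        if not self.skip:           # all text is re-escaped, never passed through
            self.out.append(escape(data, quote=False))

def sanitize(html):
    p = Sanitizer()
    p.feed(html)
    p.close()
    return "".join(p.out) + "".join("</%s>" % t for t in reversed(p.open))
```

The output is rebuilt from parser events rather than edited in place, so anything not explicitly allowed (event-handler attributes, unknown tags, comments) never reaches the page. Stray closing tags are ignored and unclosed ones are closed, so a comment cannot break out of its container.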