Le 2010-08-24 à 8:27, Louis-David Mitterrand a écrit : > Hi, > > I'm using perl's HTML::StripScripts to clean out unwanted/broken html > from forum post on my web site but it also removes <http://example.com> > or <[email protected]> markdown constructs. > > Any idea how to make these two live together in harmony?
Are you calling StripScripts before or after Markdown? You should always filter tags after converting to HTML, as it seems StripScripts was designed to filter HTML, not Markdown-formatted text. Long explanation: <http://michelf.com/weblog/2010/markdown-and-xss/> -- Michel Fortin [email protected] http://michelf.com/ _______________________________________________ Markdown-Discuss mailing list [email protected] http://six.pairlist.net/mailman/listinfo/markdown-discuss
