New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTML Code getting removed. #25
Comments
Because we using safe mode for default configuration:
But, you can also see what docs says:
|
Very very thanks for the quick response.
Regards,
Astik Anand
…On Sat, Mar 17, 2018 at 10:35 PM, agus makmun ***@***.***> wrote:
Because we using safe mode for default configuration:
MARTOR_MARKDOWN_SAFE_MODE = True
This case especially to handle xss injection, looks like
<script>location.reload();</script> or etc.
But, you can also see what docs says
<https://python-markdown.github.io/reference/#safe_mode>:
- False - Raw HTML is passed through unaltered.
- "replace" - Replace all HTML blocks with the text assigned to
html_replacement_text
- "remove" - All raw HTML will be completely stripped from the text
with no warning to the author.
- "escape" - All raw HTML will be escaped and included in the document.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#25 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AIiwTBCk224KUVyZ_W-msJjs_7xdgLBmks5tfUJhgaJpZM4Su0Ou>
.
|
@agusmakmun, When my field contains HTML as shown below, editing MARTOR_MARKDOWN_SAFE_MODE only gives me the html tags (image attached) formatted in with the text. However, I'd like these tags to be used to actually format the field itself. For example, if there is a
|
@jdhurwitz yes of course, you should change to
|
@agusmakmun Right, I have done that, but my text shown in the first box appears with the tags, whereas I want it to actually parse the tags and display it formatted. |
Simply safe the markdown content as html ouput with loading the templatetags from
|
Hi, is there any way, in which I can add the html too ? e.g. if I want to embed a youtube video in my article or a tweet? It says <HTML_REMOVED>. |
@uditvashisht you just need to add the youtube link into editor, don't use |
In that case, it's not possible to align that video at the centre. Also what about Twitter threads...
…Sent from my iPhone
On 04-Apr-2019, at 18:47, agus makmun ***@***.***> wrote:
@uditvashisht you just need to add the youtube link into editor, don't use <iframe or <embed syntax.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
Whenever any HTML Code is written inside the editor it is being removed as
[HTML_REMOVED]
.Ideally, this should not happen. Can you please have a look into it.
The text was updated successfully, but these errors were encountered: