#17994: Markdown safe mode fails to return result if there's link in content
---------------------------------+------------------------------------
Reporter: simonas@… | Owner: nobody
Type: Bug | Status: closed
Component: contrib.markup | Version: 1.4
Severity: Release blocker | Resolution: wontfix
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
---------------------------------+------------------------------------
Changes (by ptone):
* status: reopened => closed
* resolution: => wontfix
Comment:
Because Django only provides a simple on/off 'safe' option to the markup
tag, the output needs to be the most secure - which includes setting
enable_attributes false. Hopefully python-markdown can get this bug
fixed, if you are impacted by this bug you might:
* consider contributing a fix to python-markdown
* create your own tag using an alternate markdown library (ie markdown2
https://github.com/trentm/python-markdown2)
* turning off safe mode, and running the output through a sanitizing
filter like 'bleach' http://pypi.python.org/pypi/bleach
--
Ticket URL: <https://code.djangoproject.com/ticket/17994#comment:6>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
