This would be safe but t may mess up the output. In principe the "text" inside <code/> should be allowed to contain any html including <script> but it should not be able to close the <code> tag. I think the right solution is:
MARKMIN(text, extra={"pre_with_code": lambda text: "<pre><code>{0}</code></pre>".format(cgi.escape(text))}) On Tuesday, 22 January 2013 05:09:57 UTC-6, Alan Etkin wrote: > > How about > > MARKMIN(text, extra={"pre_with_code": lambda text: > "<pre><code>{0}</code></pre>". > format(XML(text, sanitize=True))}) > > --