Markdown Lite
Michel Fortin
michel.fortin at michelf.com
Sun Jan 16 15:40:01 EST 2005
Le 16 janv. 2005, à 0:27, Matt Mullenweg a écrit :
> I wouldn't worry about HTML sanitation, there are existing tools that
> cover that quite well.
That's my opinion too. I believe that the best way to use Markdown in
comments is to process the text as Markdown does it now, then take the
resulting HTML output and strip any undesired tags or attributes.
> What would be a good starting point for Markdown-for-comments or Lite
> or whatever would be two-way conversion out of the box, enabling and
> disabling of features, and a really user-friendly introduction.
Two-way conversion... you can't really do that with Markdown because
there is three different ways to make links (inline, reference and
automatic) and you can't distinguish them in the HTML result. So you
will end up converting any links to one of these syntaxes. That's what
Aaron Swartz's HTML2Text is doing: everything is a reference-style link
where the reference is a number.
This could be acceptable in some contexts, but I think it's not much
user-friendly to change the source the user has written when he wants
to edit it again.
> I don't know about allowing HTML in addition to Markdown, it would
> certainly simplify some parts if the source text could be assumed tobe
> Markdown-only.
What about a two level specification:
Level 1:
Markdown as we know it, but without inline HTML support.
Level 2:
Adds inline HTML blocks and spans, special attributes (id, classes,
and others).
The idea behind level 2 is it can produce undesirable HTML, like
"script" tags, ids and classes or even "onclick" attributes that needs
to be filtered anyway in a comment form context. If you have such
filtering in place in the comment form then you can use level 2, but if
not you can stick to level 1 and stay safe.
This could also ease the creation of new Markdown implementations that
can only support level 1... like an implementation that could convert
Markdown text to something else than HTML -- RTF comes to mind.
Last thing: some sort of option would be needed to prevent headers in
comments when using Markdown level 1.
Michel Fortin
michel.fortin at michelf.com
http://www.michelf.com/
More information about the Markdown-Discuss
mailing list