using markdown in a forum?

Aristotle Pagaltzis pagaltzis at gmx.de
Sun May 2 08:01:06 EDT 2010

Previous message: using markdown in a forum?
Next message: using markdown in a forum?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Allan Odgaard <1EDF4D33-D1B1-4C97-A393-3D2B4EE5E095+Markdown at uuid-mail.com> [2010-05-01 13:15]:

> If you allow Markdown you need to consider whether or not you

> want to filter out HTML tags (you probably do want to filter

> them out due to security). If you do filter them out, you force

> users e.g. to use Markdown links which for non-technical users

> might be done best using some widget (but the same is true of

> BBCode).

The correct solution is to filter the *output* of Markdown based
on a tag whitelist. That way it doesn’t matter whether people
write `<em>foo</em>` or `*foo*`, as indeed it shouldn’t.

And it’s not impossible to write a 100% solid filter if you use
a *white*list applied to a real HTML parser.

Regards,
--
Aristotle Pagaltzis // <http://plasmasturm.org/>

Previous message: using markdown in a forum?
Next message: using markdown in a forum?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Markdown-Discuss mailing list