OK.  I found the answer to my own question.  Page 128 of Practical
Django Projects, 2nd Edition, by James Bennett gives the solution.
Write the following:

{{ input_text|markdown:"safe" }}

Note there must be no space between the colon and the quote, despite
what is in the book.  Note also that this solution is not provided in
the documentation of the markup package, which simply says "read the
source code for more details".  Sheesh!

Rodney

On Aug 23, 6:45 pm, Rodney Topor <r.to...@gmail.com> wrote:
> Um, Markdown is supposed to allow users to enter marked-up text
> safely, isn't it?  But the output of the markdown filter is assumed to
> be safe.  Writing {{ input_text|escape|markdown }} in a template
> doesn't appear to escape raw HTML in the input text before the
> markdown filter is applied.  So how can one use markdown safely?
>
> Rodney

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.
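
A check that a test suite can run on the filter's rendered output to confirm that raw HTML from the input did not pass through. It is an added example, not part of the original post or of Django's markup package. The allowlists, the name `audit_rendered` and the two sample strings are assumptions constructed for illustration, and the link-scheme check goes slightly beyond the raw-HTML case discussed in the thread.

```python
from html.parser import HTMLParser

# Assumed allowlist: tags a Markdown renderer emits for ordinary markup.
# Adjust it to the Markdown features your site actually enables.
ALLOWED_TAGS = {"p", "em", "strong", "a", "ul", "ol", "li", "code", "pre",
                "blockquote", "h1", "h2", "h3", "h4", "h5", "h6", "br", "hr"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
SAFE_SCHEMES = ("http://", "https://", "mailto:", "/", "#")


class _Auditor(HTMLParser):
    """Collects every tag, attribute or link scheme outside the allowlists."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names before calling this.
        if tag not in ALLOWED_TAGS:
            self.findings.append("tag <%s>" % tag)
            return
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                self.findings.append("attribute %s on <%s>" % (name, tag))
            elif name == "href":
                target = (value or "").strip().lower()
                if not target.startswith(SAFE_SCHEMES):
                    self.findings.append("href scheme on <a>: %r" % value)


def audit_rendered(html):
    """Return a list of findings; an empty list means allowlisted markup only."""
    auditor = _Auditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample: rendered output in which raw HTML from the input survived.
PASSED_THROUGH = ('<p>Hi <em>there</em></p>\n<script>alert(1)</script>\n'
                  '<p onclick="x()">text</p>')
# Constructed sample: the same input with the raw HTML escaped into text.
ESCAPED = ('<p>Hi <em>there</em></p>\n'
           '<p>&lt;script&gt;alert(1)&lt;/script&gt;</p>')

if __name__ == "__main__":
    for label, sample in (("passed through", PASSED_THROUGH), ("escaped", ESCAPED)):
        print(label, "->", audit_rendered(sample) or "clean")
```

In a project, feed it the string produced by rendering the template with hostile input and assert that the result is an empty list.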
