Code

Opened 6 years ago

Closed 22 months ago

#6526 closed New feature (wontfix)

Add remove/escape/replace functions to markdown filter

Reported by: taojian Owned by: thomaspurchas
Component: contrib.markup Version: master
Severity: Normal Keywords: markup markdown
Cc: girzel@…, d1b, thomaspurchas Triage Stage: Accepted
Has patch: yes Needs documentation: yes
Needs tests: yes Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description

Markdown.py supports a variety of safe_modes, allowing users to replace HTML, escape it, or remove it cleanly. Django's markdown template filter currently doesn't support anything but replacement with a string. This patch to the markdown() function in django.contrib.markup.templatetags provides that ability, allowing users to pass "safe","remove","escape" or "replace" as the first argument in the extension list. Backwards compatibility is maintained.

Improvements to the patch are welcome...

Attachments (5)

markup.py (3.4 KB) - added by taojian 6 years ago.
new version of the markup filter
6526-mardown-html-removed-text.diff (660 bytes) - added by Timothée Peignier <tim@…> 6 years ago.
Adding settings to customize markdown remove text
6526-mardown-with-options-for-safe-mode.diff (947 bytes) - added by Timothée Peignier <tim@…> 6 years ago.
Markdown filter accepting options for safe_mode
6526-markdown-with-options-for-safe-mode.diff (948 bytes) - added by girzel@… 6 years ago.
6526-markdown-with-safe-options.diff (4.9 KB) - added by thomaspurchas 23 months ago.
Also includes tests

Download all attachments as: .zip

Change History (22)

Changed 6 years ago by taojian

new version of the markup filter

comment:1 Changed 6 years ago by taojian

  • Cc girzel@… added
  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset

comment:2 Changed 6 years ago by guettli

  • Triage Stage changed from Unreviewed to Someday/Maybe

I think this is a good snippet. But it is not important to have it in the django source. (my opinion)

comment:3 Changed 6 years ago by ubernostrum

  • Resolution set to invalid
  • Status changed from new to closed

Django's Markdown filter already allows you to use any Markdown extensions you have installed, including safe mode.

comment:4 Changed 6 years ago by Timothée Peignier <tim@…>

  • Resolution invalid deleted
  • Status changed from closed to reopened

In fact, we can use extensions but not passing options to safe_mode extension which are : 'remove', 'escape', 'replace' (see http://www.freewisdom.org/projects/python-markdown/Using_as_a_Module).

At least, it could be great to be able to change markdown.HTML_REMOVED_TEXT cleanup within Django settings.

Changed 6 years ago by Timothée Peignier <tim@…>

Adding settings to customize markdown remove text

Changed 6 years ago by Timothée Peignier <tim@…>

Markdown filter accepting options for safe_mode

Changed 6 years ago by girzel@…

comment:5 Changed 6 years ago by girzel@…

Fixed a typo: line 65 should be a comparison (==) not assignment (=)...

comment:6 Changed 3 years ago by Dana Woodman <dana@…>

This ticket has been sitting around for 2 years. Any chance we can see it implemented?

It is a simple, straightforward fix that works and does not cause any backward-incompatible changes. It enables the use of Markdown's VERY useful HTML replacing, which many (including me) need in our projects.

Is there a reason it hasn't been implemented? If not, when could we expect it integrated?

Who can I bribe with a beer to get this thing put into core?

comment:7 follow-up: Changed 3 years ago by lrekucki

  • milestone set to 1.4
  • Needs documentation set
  • Needs tests set
  • Patch needs improvement set
  • Triage Stage changed from Someday/Maybe to Accepted
  1. The patch needs unittests to show that it works correctly.
  2. It needs documentation. Current docs for markup are not very user friendly, but at least the doc string gives you some clue how to use it. Updating the docstring is a minimum. Write proper docs for those template tags for bonus points :)
  3. It needs some more work. My biggest annoyance is markdown.HTML_REMOVED_TEXT - I could live with it's content if it was translatable, but changing it to something more human-friendly is desirable. Also, while there probably are no extensions called "remove", "escape" and "replace" the names are a bit confusing. I propose using something like {{ text|markdown:"safe=replace,more_extensions" }} instead.

comment:8 Changed 3 years ago by gabrielhurley

  • Component changed from Contrib apps to contrib.markup

comment:9 Changed 3 years ago by julien

  • Type set to New feature

comment:10 Changed 3 years ago by d1b

  • Cc d1b added
  • Severity set to Normal

comment:11 Changed 3 years ago by jacob

  • milestone 1.4 deleted

Milestone 1.4 deleted

comment:12 Changed 3 years ago by anonymous

  • Easy pickings unset
  • UI/UX unset

+1!

comment:13 Changed 23 months ago by thomaspurchas

  • Owner changed from nobody to thomaspurchas
  • Status changed from reopened to new

comment:14 Changed 23 months ago by thomaspurchas

  • Status changed from new to assigned

comment:15 Changed 23 months ago by thomaspurchas

  • Cc thomaspurchas added

Changed 23 months ago by thomaspurchas

Also includes tests

comment:16 in reply to: ↑ 7 Changed 23 months ago by thomaspurchas

Replying to lrekucki:

  1. The patch needs unittests to show that it works correctly.
  2. It needs documentation. Current docs for markup are not very user friendly, but at least the doc string gives you some clue how to use it. Updating the docstring is a minimum. Write proper docs for those template tags for bonus points :)
  3. It needs some more work. My biggest annoyance is markdown.HTML_REMOVED_TEXT - I could live with it's content if it was translatable, but changing it to something more human-friendly is desirable. Also, while there probably are no extensions called "remove", "escape" and "replace" the names are a bit confusing. I propose using something like {{ text|markdown:"safe=replace,more_extensions" }} instead.

lrekucki I have implemented the safe mode setting using {{ text|markdown:"safe=replace,more_extensions" }} as you suggested, the attached patch also includes some new tests as well.

Also if you can still remember could you clarify what you mean by:

My biggest annoyance is markdown.HTML_REMOVED_TEXT - I could live with it's content if it was translatable, but changing it to something more human-friendly is desirable.

comment:17 Changed 22 months ago by claudep

  • Resolution set to wontfix
  • Status changed from assigned to closed

contrib.markup has been deprecated (#18504) and will be removed in Django 1.6. We won't add any new feature to it, and we encourage users to create external apps or contribute to an existing one. Closing as obsolete.

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.