dcolish / flask-markdown Goto Github PK
View Code? Open in Web Editor NEWMarkdown jinja2 extension for Flask
License: Other
Markdown jinja2 extension for Flask
License: Other
I have Flask running under defaults which automatically escape any variable referenced in a template. If I pass a variable named injection
to my template with a value of <script>alert('bad news');</script>
, the following things happen based on the template code:
{{ injection }}
prints the text <script>alert('bad news');</script>
{{ injection|markdown }}
runs the JS and pops up an alert window
{{ injection|e|markdown }}
, which explicitly escapes the text, seems to prevent the JS from running, plus Markdown works normally. So, this works.
It would preferable to not override this safe default which people are accustomed to when using Flask.
edit: for clarity
Hi there !
Just installed your flask extension and I can't seem to get it to work:
{% extends "main/main.html" %}
{% block body %}
{% filter markdown %}
oA (**OpenApprentice**) is a new look on solving a very specific problem:
How to get people the exact experience necessary to achieve competence in any given domain; and in gaining that competence, achieve it in an effecient, personalized and verifiable manner?
The world today has the technology to solve nearly all problems. From education, to medicine, to space travel and entertainment. From economic disparity within and between countries to income inequility between the the very poorest to the very richest. From agriculture to self-driving vehicles. The technology exists or the know-how exists to apply the existing technologies to these problems.
What we are missing are enough competent technicians, leaders, teachers and programmers. We are missing problem solvers, independent thinkers, scientists and artists. And so OpenApprentice is founded to provide a very real and useable path for those willing to apprentice, learn, teach and gain the experience necessary to accomplish the solutions within a company they are hired to work for or to start their own company or activity in the accomplishment of their unique visions.
OpenApprentice was created on the premise that competence, ability to learn, teach and lead, proven reliability and proven performance are alone the measure of ones value to a company and to society. That with these requisites, one's age, color, sex, and even geographic location (in most cases) should not determine or influence the value to any given project, organization or company.
We believe that when workers have options and know they have options within and for their careers, that this freedom alone permits for the best and most humane contribution. With that freedom and choice of where and who to work for, more good than evil will be affected. For our basic premise and empirically evident, is that the overwhelming majority of human beings are good and well intentioned, and these, the good and well intentioned should not fall prey to the whims of the smallest minority.
{% endfilter %}
{% endblock %}
Can it be because of bootstrap ?
Not sure if only I had this problem.
For Flask 0.9 (for the two ways):
from flaskext.markdown import Markdown
from flask.ext.markdown import Markdown
the result is:
ImportError: No module named flaskext.markdown
ImportError: No module named flask.ext.markdown
I solved it with this:
Hi,
Python Markdown has the feature of not reseting between uses of Markdown.convert()
but this is sometimes undesirable. Sometimes it's desirable to do a reset before each call. And this is best handled (imho) within Flask-Markdown.
I've modified my local version of flask-markdown to have a auto_reset
flag, much like the auto_escape
flag.
I'm happy to do a pull request to add it in, but want to gauge interest first.
Thoughts?
Cheers,
Ben
Hello,
Following the evolution of Flask, an error appears on the "flask-markdown" module.
Would it be possible to fix the module to fit Flask 3.x. x?
Thank you for your help,
I have a help file with a numbered list. Some list items have sub-lists, either numbered or bullet points. The first level of nesting is incorrectly promoted to the top level. The second level of nesting is handled appropriately, after incorrectly promoting the first nested level to the top level :-(
Below is a snippet of the markdown that renders incorrectly, excerpted from https://github.com/commonloon/coha-gcloud/blob/main/static/HELP.md
Hey, I can't seem to get the md syntax for strike
<strike></strike>
to render, is this inside flask-markdown or elsewhere?
Thanks!
Is there anyway to incorporate the flask/jinja url_for links into a markdown url?
I'm trying [link text]( {{ url_for('my_site.route') }} ), which doesn't work.
On mac osx 10.6 and on my dreamhost account using easy_install results in the following error.
error: Couldn't find a setup script in /tmp/easy_install-zRzxMy/Flask-Markdown-0.3.macosx-10.3-fat.tar.gz
Works if I download it from here.
I've set Markdown(app, extensions=['footnotes','toc'])
, and I have my docs generated in HTML,
{% filter markdown %}{% include "docs.md" %} {% endfilter %}
I'd like to generate a table of contents within Jinja template. How is it can be done?
At the moment I am not able to initiate flask-markdown with the application factory pattern. Would be nice if this will be supported in future.
from flaskext.markdown import Markdown
markdown = Markdown()
def create_app(config_name):
app = Flask(__name__)
markdown.init_app(app)
Btw standard flask extensions can be imported like from flask_markdown import Markdown
. Why is it not like this?
Hi , I'm new to flask . But I get an error:
ImportError: No module named markdown
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.