Made changes according to http://bugs.foocorp.net/issues/363#note-5
authorJoar Wandborg <git@wandborg.com>
Wed, 15 Jun 2011 21:07:54 +0000 (23:07 +0200)
committerJoar Wandborg <git@wandborg.com>
Wed, 15 Jun 2011 21:07:54 +0000 (23:07 +0200)
mediagoblin/edit/views.py
mediagoblin/submit/views.py

index 2bc53a54ad4194d038368dc94c1fe77f3a7aef13..6c16a61ef5749b3d1f23be68eba2694ad59a1649 100644 (file)
 
 from webob import exc
 
-from mediagoblin.util import render_to_response, redirect
+from mediagoblin.util import render_to_response, redirect, clean_html
 from mediagoblin.edit import forms
 from mediagoblin.edit.lib import may_edit_media
 from mediagoblin.decorators import require_active_login, get_user_media_entry
 
+import markdown
+
 
 @get_user_media_entry
 @require_active_login
@@ -49,11 +51,11 @@ def edit_media(request, media):
             media['title'] = request.POST['title']
             media['description'] = request.POST.get('description')
             
-            import markdown
             md = markdown.Markdown(
                 safe_mode = 'escape')
-            media['description_html'] = md.convert(
-                media['description'])
+            media['description_html'] = clean_html(
+                md.convert(
+                    media['description']))
 
             media['slug'] = request.POST['slug']
             media.save()
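Review bot: The new `clean_html(md.convert(...))` call stacks a second sanitiser on top of `safe_mode = 'escape'` without saying why, so a later cleanup is likely to drop one of the two as redundant; a comment above the `md = markdown.Markdown(` line such as `# safe_mode='escape' neutralises raw HTML inside the user's markdown; clean_html() then sanitises the generated HTML before it is stored — keep both` would pin the intent. The same applies to the matching hunk in mediagoblin/submit/views.py. Separately, `media['description']` is filled from `request.POST.get('description')` with no default, so a form that omits the field hands None to `md.convert(...)`; I cannot see from here whether the markdown library tolerates that, and `request.POST.get('description', u'')` would make the new call safe either way. edit_media's body continues past the end of the hunk.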
index 21562e6f4235a4928929c5cf267f984eeeb1e928..437a5a517bfb756b333f0f974e72953a1f0ca313 100644 (file)
@@ -19,11 +19,13 @@ from cgi import FieldStorage
 
 from werkzeug.utils import secure_filename
 
-from mediagoblin.util import render_to_response, redirect
+from mediagoblin.util import render_to_response, redirect, clean_html
 from mediagoblin.decorators import require_active_login
 from mediagoblin.submit import forms as submit_forms, security
 from mediagoblin.process_media import process_media_initial
 
+import markdown
+
 
 @require_active_login
 def submit_start(request):
@@ -49,11 +51,11 @@ def submit_start(request):
             entry['title'] = request.POST['title'] or unicode(splitext(filename)[0])
             entry['description'] = request.POST.get('description')
             
-            import markdown
             md = markdown.Markdown(
                 safe_mode = 'escape')
-            entry['description_html'] = md.convert(
-                entry['description'])
+            entry['description_html'] = clean_html(
+                md.convert(
+                    entry['description']))
             
             entry['media_type'] = u'image' # heh
             entry['uploader'] = request.user['_id']