-rw-r--r--mediagoblin/db/models.py3
-rw-r--r--mediagoblin/edit/views.py4
-rw-r--r--mediagoblin/templates/mediagoblin/utils/profile.html6
3 files changed, 9 insertions, 4 deletions
diff --git a/mediagoblin/db/models.py b/mediagoblin/db/models.py
index 918dee0e..ba8162ed 100644
--- a/mediagoblin/db/models.py
+++ b/mediagoblin/db/models.py
@@ -46,7 +46,8 @@ class User(Document):
'verification_key': unicode,
'is_admin': bool,
'url' : unicode,
- 'bio' : unicode
+ 'bio' : unicode, # May contain markdown
+ 'bio_html': unicode, # May contain plaintext, or HTML
}
required_fields = ['username', 'created', 'pw_hash', 'email']
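Review bot: The comment on `'bio_html'` says the field "May contain plaintext, or HTML", but the profile template in this commit renders it with autoescaping turned off. Everything stored there must therefore already be sanitized HTML. Raw plaintext with `<` or `&` in it would be interpreted as markup. I would state that contract on the field, for example `'bio_html': unicode, # Sanitized HTML derived from 'bio'; rendered unescaped, never assign raw input`. The User class starts and ends outside this hunk, so I cannot see whether a migration fills `bio_html` for existing documents.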
diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py
index 3bcf788b..fac1f41d 100644
--- a/mediagoblin/edit/views.py
+++ b/mediagoblin/edit/views.py
@@ -101,6 +101,10 @@ def edit_profile(request):
if request.method == 'POST' and form.validate():
user['url'] = request.POST['url']
user['bio'] = request.POST['bio']
+
+ md = markdown.Markdown(safe_mode = 'escape')
+ user['bio_html'] = clean_html(md.convert(user['bio']))
+
user.save()
messages.add_message(request,
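Review bot: `bio_html` is sanitized once here at save time and then trusted at render time, so this view is the only thing standing between user input and an unescaped template sink. Any other writer of `user['bio']` (import, API, admin tooling, if such paths exist) would leave `bio_html` stale or unsanitized. Values stored before a later sanitizer fix would also stay as they were. I would move the two lines into one helper that every writer calls, and add a comment such as `# bio_html is rendered with autoescape off; it must only ever hold clean_html() output`. Later Python-Markdown releases deprecated and then removed `safe_mode`, so `clean_html` should be treated as the real control and `safe_mode = 'escape'` as defence in depth. The body of edit_profile continues outside the hunk.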
diff --git a/mediagoblin/templates/mediagoblin/utils/profile.html b/mediagoblin/templates/mediagoblin/utils/profile.html
index f44defa5..d9b121f6 100644
--- a/mediagoblin/templates/mediagoblin/utils/profile.html
+++ b/mediagoblin/templates/mediagoblin/utils/profile.html
@@ -18,9 +18,9 @@
{% block profile_content -%}
{% if user.bio %}
- <p>
- {{ user.bio }}
- </p>
+ {% autoescape False %}
+ <p>{{ user.bio_html }}</p>
+ {% endautoescape %}
{% endif %}
{% if user.url %}
<p>
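Review bot: The guard still tests `user.bio` while the body prints `user.bio_html`. A user whose bio was saved before this commit has no `bio_html`, so the block will likely render an empty or `None` paragraph until the profile is edited again; `{% if user.bio_html %}` would match what is displayed. Markdown output normally arrives already wrapped in `<p>` elements, so the surrounding `<p>…</p>` probably produces nested paragraphs; a `<div>` wrapper avoids that. The `{% autoescape False %}` block also disables escaping for anything later added inside it. Marking only the one expression, `{{ user.bio_html|safe }}`, keeps the unescaped surface to the single value that was sanitized.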