aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/edit/views.py
diff options
context:
space:
mode:
Diffstat (limited to 'mediagoblin/edit/views.py')
-rw-r--r--mediagoblin/edit/views.py10
1 files changed, 6 insertions, 4 deletions
diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py
index 2bc53a54..6c16a61e 100644
--- a/mediagoblin/edit/views.py
+++ b/mediagoblin/edit/views.py
@@ -17,11 +17,13 @@
from webob import exc
-from mediagoblin.util import render_to_response, redirect
+from mediagoblin.util import render_to_response, redirect, clean_html
from mediagoblin.edit import forms
from mediagoblin.edit.lib import may_edit_media
from mediagoblin.decorators import require_active_login, get_user_media_entry
+import markdown
+
@get_user_media_entry
@require_active_login
@@ -49,11 +51,11 @@ def edit_media(request, media):
media['title'] = request.POST['title']
media['description'] = request.POST.get('description')
- import markdown
md = markdown.Markdown(
safe_mode = 'escape')
- media['description_html'] = md.convert(
- media['description'])
+ media['description_html'] = clean_html(
+ md.convert(
+ media['description']))
media['slug'] = request.POST['slug']
media.save()
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-09 14:23:40 +0000