escape() and bleach.clean() are disabled... sanitizing does not render the html at all anymore...

2 years ago · de8027f68a
3 changed files with 3 additions and 3 deletions
--- a/octomode.py
+++ b/octomode.py
@ -80,7 +80,7 @@ def md_to_html(md_pad_content):
 	# html = bleach.clean(html)
 	
 	# Another built-in Flask way to sanitize
-	html = escape(html) 
+	# html = escape(html) 
 	html = Markup(html)
 	
 	return html
--- a/templates/pagedjs.html
+++ b/templates/pagedjs.html
@ -15,7 +15,7 @@
    </section>

    <section id="main">
-        <div id="wrapper">{{ pad_content | safe }}</div>
+        <div id="wrapper">{{ pad_content }}</div>
    </section>
 </body>
 </html>
--- a/templates/preview.html
+++ b/templates/preview.html
@ -13,7 +13,7 @@
    </section>

    <section id="main">
-        <div id="wrapper">{{ pad_content | safe }}</div>
+        <div id="wrapper">{{ pad_content }}</div>
    </section>
 </body>
 </html>