summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xaurweb/scripts/rendercomment.py8
-rwxr-xr-xtest/t2600-rendercomment.sh3
2 files changed, 7 insertions, 4 deletions
diff --git a/aurweb/scripts/rendercomment.py b/aurweb/scripts/rendercomment.py
index 593cd36a..7e8a16b8 100755
--- a/aurweb/scripts/rendercomment.py
+++ b/aurweb/scripts/rendercomment.py
@@ -2,6 +2,7 @@
import sys
import bleach
+import markdown
import aurweb.db
@@ -22,9 +23,10 @@ def main():
conn = aurweb.db.Connection()
- html = get_comment(conn, commentid)
- html = html.replace('\n', '<br>')
- html = bleach.clean(html, tags=['br'])
+ text = get_comment(conn, commentid)
+ html = markdown.markdown(text, extensions=['nl2br'])
+ allowed_tags = bleach.sanitizer.ALLOWED_TAGS + ['p', 'br']
+ html = bleach.clean(html, tags=allowed_tags)
save_rendered_comment(conn, commentid, html)
conn.commit()
diff --git a/test/t2600-rendercomment.sh b/test/t2600-rendercomment.sh
index 8d79336d..50a5adb9 100755
--- a/test/t2600-rendercomment.sh
+++ b/test/t2600-rendercomment.sh
@@ -11,7 +11,8 @@ test_expect_success 'Test comment rendering.' '
EOD
"$RENDERCOMMENT" 1 &&
cat <<-EOD >expected &&
- Hello world!<br>This is a comment.
+ <p>Hello world!<br>
+ This is a comment.</p>
EOD
cat <<-EOD | sqlite3 aur.db >actual &&
SELECT RenderedComment FROM PackageComments WHERE ID = 1;