]> git.openstreetmap.org Git - osqa.git/blobdiff - forum/models/comment.py
Prevent XSS attacks with wmd using the google-caja html sanitizer.
[osqa.git] / forum / models / comment.py
index 32fdf5dfe3596c91858e424b262548ac635023b2..afa674f403381c658980d3420f2f2f53673e1180 100644 (file)
@@ -16,9 +16,11 @@ class Comment(Node):
 
     @property
     def comment(self):
+        return self._comment()
+
+    def _comment(self):
         if settings.FORM_ALLOW_MARKDOWN_IN_COMMENTS:
-           # Avoid doing double replacement of backslashes
-            return self._as_markdown_raw(self.body,'limitedsyntax')
+            return self.as_markdown('limitedsyntax')
         else:
             return self.body