Owen Gong

Results 92 comments of Owen Gong

I used [python-xss-filter](https://github.com/phith0n/python-xss-filter) to render it again:

```
@register.filter(name="purifier")
def html_purifier_filter(value):
    parser = XssHtml()
    parser.feed(value)
    parser.close()
    return parser.getHtml()
html_purifier_filter.is_safe = True
```

Then in template ··· {{ post.content | markdown...

@RaminFP e... django-markup used python-markdown, it doesn't seem to support extra 'code-friendly', so anything between underscores will be converted into _italic_ or **bold**?

I ran into the same problem.

No. Obvious bugs will still get fixed, but there won't be any feature iteration for now.

OK, I'll look through it over the next few days.

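Maybe the SQL statement you submitted is too large? Or it could be something else; you'd have to check the MySQL logs for this. For reference: https://stackoverflow.com/questions/14163429/python-and-django-operationalerror-2006-mysql-server-has-gone-away I recommend using postgres as the database.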

> This makes the string safe for use in HTML and JavaScript or JSON string literals

I don't think it's OK. It's unsafe not just in ES6 template literals, but...

@adamchainz Hi, try this one:

```
In [1]: from django.template import Template, Context

In [2]: t = Template("""click me""")

In [3]: print(t.render(Context({"q": "%27%2Balert%281%29%2B%27"})))
click me
```

`alert(1)` will be execute...

> > @adamchainz Hi, try this one:
> > ```
> > In [2]: t = Template("""click me""")
> > ```
> > But that's due to a bug in...