I would like to be able to sanitize the HTML tags of an input (from a form for instance, so that users don't mess up with HTML tags), but allow users to do some formatting through Textile (django.contrib.markup). Example below.
I have tried to escape the content in a filter before I Textil-ize it, like this {{ data|escape|textile }}
, but it doesn't work, it seems as if Textile un-escapes escaped characters.
How should I do?
Example of what I want to do:
Enter the following in my form :
<b>Bold with HTML tag ; should be escaped </b>
*Bold with textile tag; should appear bold*Result I would like to see in my template:
<b>Bold with HTML tag ; should be escaped </b>
Bold with textile tag; should appear bold
For the record, it is similar to this thread, but for Django: How do I textile and sanitize html?