4

I'm using Redcarpet as a Markdown renderer and I would like to be able to display html or any text with < and > without it to be parsed.

Here is an illustration of what should happen:

The user types 

I *want* to write <code>

The source of this comment when sent back by the server should be

I <em>want</em> to write &lt;code&gt;

Problem is since the renderer outputs escaped html when parsing the Markdown, I get:

I &lt;em&gt;want&lt;/em&gt; to write &lt;code&gt;

Therefore I can't distinguish between the html that people send to the server and the html that is generated by the Redcarpet renderer. If I do a .html_safe on this, my markdown will be interpreted but the user-inputted html too, which shouldn't.

Any idea on how to fix this? Note that the idea would be to display (but not parse) user-inputted html even if the user didn't use the backticks ` as expected with markdown.

Here is the relevant bit of code : 

# this is our markdown helper used in our views
def markdown(text, options=nil)
    options = [:no_intra_emphasis => true, ...]

    renderer = MarkdownRenderer.new(:filter_html => false, ...)

    markdown = Redcarpet::Markdown.new(renderer, *options)
    markdown.render(text).html_safe
end
nimser
  • 620
  • 2
  • 9
  • 22
  • 1
    Why not parse the code when the user submits it and surround it with markdown to identify it as code? Or just get your users to use the correct markdown. Since they're already adding asterisks why can't they add backticks for code? – Jon Jun 24 '14 at 06:57
  • swap redcarpet for pandoc? https://github.com/alphabetum/pandoc-ruby – mb21 Jul 05 '14 at 18:40

1 Answers1

1

If I understand you correctly you just want <code> as normal text and not as an HTML element.

For that you need to escape the < and > with a backslash:

I *want* to write \<code\>
Daniel
  • 4,082
  • 3
  • 27
  • 46