-1

I am using bootstrap-markdown to add a markdown editor to my page and save the content parsed to html in the database. The problem is that (although i believe it should) it does not save the html result but the raw text instead.

this is my code: 

 <div class="well col-md-10 col-md-offset-1">
 <%= form_for(:post, :url => {:action => 'create'}) do |f| %>
    <%= f.text_field(:title, class: 'form-control')%>
    <%= f.text_field(:description, class: 'form-control')%>
    <%= f.text_area(:content, rows: 15, "data-provide" => "markdown")%>
    <%= f.button "Submit", type: 'submit', class: 'btn col-md-4 col-md-offset-4 btn-large btn-success' %>
<% end %>
</div>

I have added the libraries as follows:

//= require jquery
//= require bootstrap-sprockets
//= require jquery_ujs
//= require turbolinks
//= require markdown.js
//= require to-markdown.js
//= require bootstrap-markdown-bundle
//= require_tree .


 *= require_tree .
 *= require_self
 *= require bootstrap-markdown

This is the html output:

<button class="btn col-md-4 col-md-offset-4 btn-large btn-success" name="button" type="submit">Submit</button>
Vlad Otrocol
  • 2,952
  • 7
  • 33
  • 55

1 Answers1

-1

...the primary purpose of this plugin is to provide Markdown editor

It was not intended to convert anything to HTML (conversion from/to HTML and Markdown is done by third party plugins which are included into that bundle). That is just Markdown editor, not HTML editor.

Reasons not to save HTML:

1) you can not output part of HTML without breaking layout (in case with not closed tags) or using third-party libs to fix those chunks;

2) if you edit Markdown with Markdown editor - use Markdown as source for editing, or one day you'll have problems converting everything to and from HTML and Markdown, which also causes data loss + not everything can be converted back (this note is written on to-markdown.js plugin site).

3) you need to prevent possible XSS-attacks, so you have to do extra work after storing HTML, because plugins will not save you from that (and storing vulnerable chunks of code is not good idea, cause you'll have to output that as raw html). Anyone can bypass your editor and send you insecure content, that will later be output on your site.

and so on and so forth...

kovpack
  • 4,905
  • 8
  • 38
  • 55
  • the preview button in the "Markdown Editor" converts the input markdown to html. Therefore the plugin is capable and in my opinion should store to the data in html for easy display. If the input is stored as markdawn then it adds to the proccessing cost because it needs to be converted every time before display. – Vlad Otrocol Nov 21 '14 at 10:21
  • Your are not right. Preview is PREVIEW (browsers do not render markdown, so it SHOUL be converted to HTML for preview). System should store what is entered by user. HTML - is not the best thing to store, **especially if you output part of that HTML** (as a result you can receive **broken HTML-markup, that can break your layout**). If you store markdown text and want to output only part of that text, redcarpet produces nice formatted HTML with all tags closed. Having stored HTML - you'll never receive that without using other HTML-purifying and markup restoring gems, which can be real pain. – kovpack Nov 21 '14 at 14:19
  • If you need HTML - than you've chosen incorrect tool. Find some HTML-editor (there are really good ones). If you've chosen Markdown editor, than use Markdown, or you'll simply get garbage in your database, as you have to store both markdown and html for them to work properly (if you've read documentation of selected bundle, you should have noticed, that some of plugins to not give 100% precise conversion from HTML to Markdown, so using Markdown-editor for your purpose - is completely incorrect solution, if you need HTML). – kovpack Nov 21 '14 at 14:25
  • http://stackoverflow.com/questions/25004007/howto-call-getcontent-and-parsecontent-from-bootstrap-markdown-js you can get the parsed content using this library and I did and it worked and it was what I needed. – Vlad Otrocol Nov 21 '14 at 19:09
  • I just had to learn how to use it properly. @kovpack This tool is a markdown editor, which lets you write and edit markdown text which is to be displayed as html. It makes sense to store it as html and convert it back to markdown when editing bbecause you display the text more often than you edit it. – Vlad Otrocol Nov 21 '14 at 19:09
  • I know all those plugins from that bundle. And I've already written many reasons not to do what you do. You can do what you like, but you will get problems one day. That plugin converts HTML to markdown, but, as I've already written above - it is not 100% precise and not all can be converted back (I've already had problems). Moreover, after converting to HTML you also have to escape everything to prevent possible XSS-attacks and do much more. Markdown editor's main purpose is to `edit Markdown`, not convert anything to HTML or back to edit that again (which can cause data loss) – kovpack Nov 21 '14 at 23:25