How can I add formatting to the resource comments? I have tried std html tags and they are stripped out when I update the comments. I would like to add line breaks and a bulleted list, and maybe some bold or color tags.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Looking through the code, it appears this is by design. There's a 'sanitize' function that strips out html. Haven't had a chance to play with it yet, so I don't know if removing that function from the resource comments will break anything. If anyone can tell me, that would be appreciated.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Don't know if this was your thought but you should NOT disable sanitize for ALL inputs. This could lead to a security hole (user inputs HTML in the comment and can access the user database or worse) but you could consider passing HTML for the comments only. You might want to look into how the announcement file is handled - That part of the program allows HTML in the form and stores it so it is possible.
Frankly I can't recall right now how it circumvents the HTML filter.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
How can I add formatting to the resource comments? I have tried std html tags and they are stripped out when I update the comments. I would like to add line breaks and a bulleted list, and maybe some bold or color tags.
Looking through the code, it appears this is by design. There's a 'sanitize' function that strips out html. Haven't had a chance to play with it yet, so I don't know if removing that function from the resource comments will break anything. If anyone can tell me, that would be appreciated.
sorry for the radio silence...
Don't know if this was your thought but you should NOT disable sanitize for ALL inputs. This could lead to a security hole (user inputs HTML in the comment and can access the user database or worse) but you could consider passing HTML for the comments only. You might want to look into how the announcement file is handled - That part of the program allows HTML in the form and stores it so it is possible.
Frankly I can't recall right now how it circumvents the HTML filter.