mistune: Nested HTML inside block_html is escaped when escape=False, parse_block_html=True

Normally with escape=False, nested HTML block is corectly not escaped:

>>> print markdown('<div id="special-part"><div class="subsection">text</div></div>', escape=False)
<div id="special-part"><div class="subsection">text</div></div>

But when I add parse_block_html=True, only out-most element is not escaped and the rest is escaped:

>>> print markdown('<div id="special-part"><div class="subsection">text</div></div>', escape=False, parse_block_html=True)
<div id="special-part">&lt;div class="subsection"&gt;text&lt;/div&gt;</div>

About this issue

  • Original URL
  • State: closed
  • Created 9 years ago
  • Comments: 17 (7 by maintainers)

Commits related to this issue

Most upvoted comments

@teoguso @lepture It actually does, even if it’s a bad practice. So, right now it is not following the HTML5 spec:

The attribute name, followed by zero or more space characters, followed by a single U+003D EQUALS SIGN character, followed by zero or more space characters, followed by the attribute value, which, in addition to the requirements given above for attribute values, must not contain any literal space characters, any U+0022 QUOTATION MARK characters ("), U+0027 APOSTROPHE characters ('), U+003D EQUALS SIGN characters (=), U+003C LESS-THAN SIGN characters (<), U+003E GREATER-THAN SIGN characters (>), or U+0060 GRAVE ACCENT characters (`), and must not be the empty string.

source(emphasis mine)

The same restrictions & allowances (more or less) also apply to single quoted and double quoted values.

NB: There is this SO post on why it might be bad practice.

+1
mpacer on Jun 30, 2017
Read more comments on GitHub
← mistune: Line under quote is not considered part of quote
python-livereload: watching changes raise "RuntimeError: Cannot close a running event loop" →