A Markdown or WYSIWYG library should be selected and integrated

[evilaliv3]

In order to add possibilities for rich customizations a markdown library should be selected and integrated.

[evilaliv3]

Currently i'm experimenting with https://github.com/btford/angular-markdown-directive that make use of https://github.com/showdownjs/showdown and they seem to be a valuable solution.

i've quite integrated it all and its seem to suit our need, my only concern is integrating such a library we should take care of validating it against XSS attacks. How to achieve such a goal?

\cc @hellais @vecna @fpietrosanti

[evilaliv3]

[evilaliv3]

After a discussion with @fpietrosanti i'm evaluating and testing the WYSIWYG module https://github.com/fraywing/textAngular

given the fact that we cant's for sure support both kind of things(Markdown/WYSIWYG) we should discuss a little to what are the intent and what are the pro/cons of the different solutions.

in my thinking: 1) markdown sure is the safest one thiking to security due to it's semplicity 2) wysisyg is the more usable by the end user 3) both offers basic text sizing, list, images and links 4) only wysiwyg offers text alignments 3) none of them offers relative positioning of elements (i.e. they do not permit to put a text near to an image but it wont be difficult for the wysiwyget to alter it to make possible to add CSS classes to each added element so that skilled admins will be able to customize whatever.

what do you think?

[fpietrosanti]

Related to #914 #614 #979

[fpietrosanti]

Can't we use a Markdown WYSIWYG editor?

[evilaliv3]

@fpietrosanti before thinking to amazing solutions (that are not available and we should implement or merge them) let's think to what we want to achieve.

if we want to support the standard markdown with a WYSIWYG editor the solution will be limited by the fact that markdown offers very few things.

[fpietrosanti]

So, we found implementation constrain with existing available libraries such as:

• An WYSIWYG editor that output Markdown integrated w/AngularJS is not ready-made-available
• From the existing one, sounds like there is a limitation of not being able to apply CSS style class to specific image such the issue described at https://github.com/vmg/redcarpet/issues/306 (this limit the styling of individual markdown content)

[vecna]

IT IS GREAT :D

[hellais]

@fpietrosanti does this not fit your requirements: https://github.com/JimLiu/angular-markdown-editor?

[evilaliv3]

great for my point of view @hellais.

what we shall discuss is 1) is markdown enough for our reasons? it lacks the possibility fo custom positions of element inside the markdown 2) to solve 1) we can use CSS and modify the markdown directive that apply showdown in order to make it generate unique id inside each generated elem. e.g inside PageTitle element shodown should assign id=elem1, id=elem2, id=elem3 so that one can use css to write #PageTitle #elem1, #PageTitle #elem2, #PageTitle #629

using 2) means that at least for the moment we should continue to allow direct customization of CSS by the user. anyway it wount be so much difficult to built then a secure templating system for CSS based on this. @hellais what do you think?

[hellais]

I need to think more about this issue, but we should do this incrementally.

Step 1) Implement markdown for all textarea fields Step 2) Think of how to extend customisation to also support positioning

[evilaliv3]

i agree that the implementation would keep in mind a little the various steps so that step 1 for sure should not be trashed as a whould while addressing step 2. but if you agree that 1) and 2) as described by me can work (obviously properly tuned) we can proceed with 1)

let me know so that we can work on this by starting integratin the two libraries and applyng their usage to textareas (and also inputbox) of the admin interface.