On session creation, the line "You can use Markdown syntax here" leads the user to believe they can use all Markdown syntax. In reality we limit* to: a img b i em strong p br ul ol li. Update the page so people understand that things like headers, blockquotes and code blocks aren't permitted (probably by explicitly saying what's permitted).
I'd also be curious on what swapping to RedCarpet's escape_html would do, and leaving all other markdown HTML accessible. And also turning on prettify :-)
On session creation, the line "You can use Markdown syntax here" leads the user to believe they can use all Markdown syntax. In reality we limit* to: a img b i em strong p br ul ol li. Update the page so people understand that things like headers, blockquotes and code blocks aren't permitted (probably by explicitly saying what's permitted).
I'd also be curious on what swapping to RedCarpet's escape_html would do, and leaving all other markdown HTML accessible. And also turning on prettify :-)
* https://github.com/minnestar/sessionizer/blob/master/src/app/helpers/application_helper.rb#L25