update

readme.md

@@ -3,6 +3,5 @@ prismic is a simple messageboard made in python
 
 ## Planned features
 - [ ] user board creation
-- [ ] markdown support
 - [ ] custom profiles
 - [ ] moderation tools

src/main.py

@@ -1,13 +1,12 @@
 from flask import Flask, request, render_template, session, redirect
-import database, logging, os, hashlib, html
+import database, logging, os, hashlib
 from flask_session import Session
 
 
 # Global variables
 SYSTEMUID = None
 SYSTEMBID = None
-allowed_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%£^&()-_=+[]{};:'\",.<>?/\\|`~ "
-
+ALLOWED_CHARS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%£^&()-_=+[]{};:'\",.<>?/\\|`~ \n"
 
 # Configure logging
 console_log = logging.StreamHandler()
@@ -70,8 +69,7 @@ def sanitize_input(input_string):
     if not isinstance(input_string, str):
         logger.error("Input is not a string.")
         return None
-    sanitized = ''.join(c for c in input_string if c in allowed_chars)
-    sanitized = html.escape(sanitized)
+    sanitized = ''.join(c for c in input_string if c in ALLOWED_CHARS)
     logger.info("Sanitized input")
     return sanitized
 

src/static/base.css

@@ -179,4 +179,8 @@ div#nav {
     display: flex;
     gap: 10px;
     margin-top: 20px;
+}
+
+p {
+    white-space:pre;
 }