[Catalog-sig] HTML in long description

"Martin v. Löwis" martin at v.loewis.de
Fri Aug 21 16:33:14 CEST 2009

Should PyPI support HTML in the long_description field?

The current implementation tries to pass the long_description
to docutils, with the settings raw_enabled=0, file_insertion_enabled=0,
halt_level=2, report_level=5. If parsing fails, it will wrap
the long_description with a <PRE> element.

As a side effect of that, HTML in long_description seems to work,
but it isn't really supported.

Which way should PyPI go: escape all markup if ReST rendering fails?
Or else allow arbitrary HTML to be embedded? I'm worried that somebody
would create a cross-site attack out of that...


More information about the Catalog-SIG mailing list