Has anyone issues with Markdown? Some things work, some don't.
For example, I cannot bring the blockqoute-'function' to work. Using the provided examples from here. Even wrapping the text with a blockqoute-tag is useless. It just displays "<blockquote>text</blockquote>".
Is this a bug? A feature? Or just me being stupid?
The problem is not in markdown, but in the way you use the template.
Any variable passed to a View (and $this->template is a View) will be encoded unless you tell it not to.
In this case, you're assigning a View to a View variable, so that view (or the output it produces) will be encoded, causing HTML to be displayed instead of rendered.
Options: - use $this->template->set('content',View::forge('main/aktuell', $data), false); - or $this->template->set_safe('content',View::forge('main/aktuell', $data)); - or Whitelist the View class in your application config
Now, which one of the possible solutions should I take? All of the bigger text parts should be processed with Markdown, so for the sake of making live easier I'm tempted to choose the last option. Would that be unwise and/or not the way you would do it? Conflict with the newer releases of fuelPHP?
And comming back to the actual question: I was unprecise: Only some elements are encoded. As for example the blockquote-element. Bold, italics, and lists are not (not a complete list).
And I whitelist Fuel\\Core\\View, no idea why. Got it from the nettuts tutorial...
The reason people want to Whitelist the View class is that they pass View objects to views, for example in a template/partials system.
The problem I (personally) have with whitelisting (in general), is that it is no longer visible what you're doing, which makes it easier to make mistakes.
If you have to do something special when you want to pass something without encoding, it means you have to think about it (is this wise from a security point of view?), and every time you see the code it is clear that you pass it unencoded (preferrably with some comments to why).