1 // NOTE: This is just a demo -- in a production environment,
2 // be sure to spend a few more thoughts on sanitizing user input.
3 // (also, you probably wouldn't use a get request)
5 var http = require("http"),
7 querystring = require("querystring"),
8 Converter = require("../../Markdown.Converter").Converter,
9 getSanitizingConverter = require("../../Markdown.Sanitizer").getSanitizingConverter,
10 conv = new Converter(),
11 saneConv = getSanitizingConverter();
13 http.createServer(function (req, res) {
15 var route = url.parse(req.url);
16 if (route.pathname !== "/") {
18 res.end("Page not found");
22 var query = querystring.parse(route.query);
24 res.writeHead(200, { "Content-type": "text/html" });
25 res.write("<html><body>");
27 var markdown = query.md || "## Hello!\n\n<marquee>I'm walking</marquee>\n\nVisit [Stack Overflow](http://stackoverflow.com)\n\n<b><i>This is never closed!";
29 res.write("<h1>Your output, sanitized:</h1>\n" + saneConv.makeHtml(markdown))
30 res.write("<h1>Your output, unsanitized:</h1>\n" + conv.makeHtml(markdown))
33 "<h1>Enter Markdown</h1>\n" +
34 "<form method='get' action='/'>" +
35 "<textarea cols=50 rows=10 name='md'>" +
36 markdown.replace(/</g, "<") +
38 "<input type='submit' value='Convert!'>" +
42 res.end("</body></html>");