Support untrusted input #143
Description
Kordac currently only supports trusted input. This is because kordac was developed for the authors of the cs-unplugged and csfieldguide projects.
For other projects Kordac would be better suited to support untrusted input, especially for external users.
Obviously with untrusted input comes the security issues, some know issues of markdown include XSS attacks as described in https://michelf.ca/blog/2010/markdown-and-xss/ and our current markdown library does not support untrusted input anymore see https://pythonhosted.org/Markdown/reference.html#safe_mode
Therefore some tasks that will need to be done to achieve should be:
- Untrusted Input Support
- XSS Attacks protected
- Thirdparty sanitizing