# HG changeset patch
# User Marcin Kuzminski <marcin@rhodecode.com>
# Date 2017-12-06 21:56:27
# Node ID 86196e6b747ca6ebdde212c58d46ab97918ac651
# Parent  f1715b6a12850b5e8144889a7e103ebef56e9668

markdown: use bleach to cleanup html from markdown. This also enabled strict
non XSS subset of html to be enable on markdown.

diff --git a/rhodecode/lib/bleach_whitelist.py b/rhodecode/lib/bleach_whitelist.py
new file mode 100644
--- /dev/null
+++ b/rhodecode/lib/bleach_whitelist.py
@@ -0,0 +1,403 @@
+all_tags = [
+    "a", "abbr", "acronym", "address", "applet", "area", "article", "aside", "audio",
+    "b", "base", "basefont", "bdi", "bdo", "bgsound", "big", "blink", "blockquote", "body", "br", "button",
+    "canvas", "caption", "center", "cite", "code", "col", "colgroup", "command", "content",
+    "data", "datalist", "dd", "del", "detals", "dfn", "dialog", "dir", "div", "dl", "dt",
+    "element", "em", "embed",
+    "fieldset", "figcaption", "figure", "font", "footer", "form", "frame", "frameset",
+    "h1", "h2", "h3", "h4", "h5", "h6", "head", "header", "hgroup", "hr", "html",
+    "i", "iframe", "image", "img", "input", "ins", "isindex",
+    "kbd", "keygen",
+    "label", "legend", "li", "link", "listing",
+    "main", "map", "mark", "marquee", "menu", "menuitem", "meta", "meter", "multicol",
+    "nav", "nobr", "noembed", "noframes", "noscript",
+    "object", "ol", "optgroup", "option", "output",
+    "p", "param", "picture", "plaintext", "pre", "progress",
+    "q",
+    "rp", "rt", "ruby",
+    "s", "samp", "script", "section", "select", "shadow", "small", "source", "spacer", "span", "strike", "strong", "style", "sub", "summary", "sup",
+    "table", "tbody", "td", "template", "textarea", "tfoot", "th", "thead", "time", "title", "tr", "track", "tt",
+    "u", "ul",
+    "var", "video",
+    "wbr",
+    "xmp",
+]
+
+# List tags that, if included in a page, could break markup or open XSS.
+generally_xss_unsafe = [
+    "applet", "audio",
+    "bgsound", "body",
+    "canvas",
+    "embed",
+    "frame", "frameset",
+    "head", "html",
+    "iframe",
+    "link",
+    "meta",
+    "object",
+    "param",
+    "source", "script",
+    "ruby", "rt",
+    "title", "track",
+    "video",
+    "xmp"
+]
+
+# Tags that, if included on the page, will probably not break markup or open
+# XSS.  Note that these must be combined with attribute whitelisting, or things
+# like <img> and <style> could still be unsafe.
+generally_xss_safe = list(set(all_tags) - set(generally_xss_unsafe))
+generally_xss_safe.sort()
+
+# Tags suitable for rendering markdown
+markdown_tags = [
+    "h1", "h2", "h3", "h4", "h5", "h6",
+    "b", "i", "strong", "em", "tt",
+    "p", "br",
+    "span", "div", "blockquote", "code", "hr", "pre", "del",
+    "ul", "ol", "li",
+    "dl", "dd", "dt",
+    "table", "thead", "tbody", "tfoot", "tr", "th", "td",
+    "img",
+    "a",
+]
+
+markdown_attrs = {
+    "*": ["class", "style", "align"],
+    "img": ["src", "alt", "title"],
+    "a": ["href", "alt", "title", "name"],
+    "abbr": ["title"],
+    "acronym": ["title"],
+    "pre": ["lang"]
+}
+
+standard_styles = [
+    # Taken from https://developer.mozilla.org/en-US/docs/Web/CSS/Reference
+    # This includes pseudo-classes, pseudo-elements, @-rules, units, and
+    # selectors in addition to properties, but it doesn't matter for our
+    # purposes -- we don't need to filter styles..
+    ":active", "::after (:after)", "align-content", "align-items", "align-self",
+    "all", "<angle>", "animation", "animation-delay", "animation-direction",
+    "animation-duration", "animation-fill-mode", "animation-iteration-count",
+    "animation-name", "animation-play-state", "animation-timing-function",
+    "@annotation", "annotation()", "attr()", "::backdrop", "backface-visibility",
+    "background", "background-attachment", "background-blend-mode",
+    "background-clip", "background-color", "background-image", "background-origin",
+    "background-position", "background-repeat", "background-size", "<basic-shape>",
+    "::before (:before)", "<blend-mode>", "blur()", "border", "border-bottom",
+    "border-bottom-color", "border-bottom-left-radius",
+    "border-bottom-right-radius", "border-bottom-style", "border-bottom-width",
+    "border-collapse", "border-color", "border-image", "border-image-outset",
+    "border-image-repeat", "border-image-slice", "border-image-source",
+    "border-image-width", "border-left", "border-left-color", "border-left-style",
+    "border-left-width", "border-radius", "border-right", "border-right-color",
+    "border-right-style", "border-right-width", "border-spacing", "border-style",
+    "border-top", "border-top-color", "border-top-left-radius",
+    "border-top-right-radius", "border-top-style", "border-top-width",
+    "border-width", "bottom", "box-decoration-break", "box-shadow", "box-sizing",
+    "break-after", "break-before", "break-inside", "brightness()", "calc()",
+    "caption-side", "ch", "@character-variant", "character-variant()", "@charset",
+    ":checked", "circle()", "clear", "clip", "clip-path", "cm", "color", "<color>",
+    "columns", "column-count", "column-fill", "column-gap", "column-rule",
+    "column-rule-color", "column-rule-style", "column-rule-width", "column-span",
+    "column-width", "content", "contrast()", "<counter>", "counter-increment",
+    "counter-reset", "@counter-style", "cubic-bezier()", "cursor",
+    "<custom-ident>", ":default", "deg", ":dir()", "direction", ":disabled",
+    "display", "@document", "dpcm", "dpi", "dppx", "drop-shadow()", "element()",
+    "ellipse()", "em", ":empty", "empty-cells", ":enabled", "ex", "filter",
+    ":first", ":first-child", "::first-letter", "::first-line",
+    ":first-of-type", "flex", "flex-basis", "flex-direction",
+    "flex-flow", "flex-grow", "flex-shrink", "flex-wrap", "float", ":focus",
+    "font", "@font-face", "font-family", "font-feature-settings",
+    "@font-feature-values", "font-kerning", "font-language-override", "font-size",
+    "font-size-adjust", "font-stretch", "font-style", "font-synthesis",
+    "font-variant", "font-variant-alternates", "font-variant-caps",
+    "font-variant-east-asian", "font-variant-ligatures", "font-variant-numeric",
+    "font-variant-position", "font-weight", "<frequency>", ":fullscreen", "grad",
+    "<gradient>", "grayscale()", "grid", "grid-area", "grid-auto-columns",
+    "grid-auto-flow", "grid-auto-position", "grid-auto-rows", "grid-column",
+    "grid-column-start", "grid-column-end", "grid-row", "grid-row-start",
+    "grid-row-end", "grid-template", "grid-template-areas", "grid-template-rows",
+    "grid-template-columns", "height", ":hover", "hsl()", "hsla()", "hue-rotate()",
+    "hyphens", "hz", "<image>", "image()", "image-rendering", "image-resolution",
+    "image-orientation", "ime-mode", "@import", "in", ":indeterminate", "inherit",
+    "initial", ":in-range", "inset()", "<integer>", ":invalid", "invert()",
+    "isolation", "justify-content", "@keyframes", "khz", ":lang()", ":last-child",
+    ":last-of-type", "left", ":left", "<length>", "letter-spacing",
+    "linear-gradient()", "line-break", "line-height", ":link", "list-style",
+    "list-style-image", "list-style-position", "list-style-type", "margin",
+    "margin-bottom", "margin-left", "margin-right", "margin-top", "marks", "mask",
+    "mask-type", "matrix()", "matrix3d()", "max-height", "max-width", "@media",
+    "min-height", "minmax()", "min-width", "mix-blend-mode", "mm", "ms",
+    "@namespace", ":not()", ":nth-child()", ":nth-last-child()",
+    ":nth-last-of-type()", ":nth-of-type()", "<number>", "object-fit",
+    "object-position", ":only-child", ":only-of-type", "opacity", "opacity()",
+    ":optional", "order", "@ornaments", "ornaments()", "orphans", "outline",
+    "outline-color", "outline-offset", "outline-style", "outline-width",
+    ":out-of-range", "overflow", "overflow-wrap", "overflow-x", "overflow-y",
+    "padding", "padding-bottom", "padding-left", "padding-right", "padding-top",
+    "@page", "page-break-after", "page-break-before", "page-break-inside", "pc",
+    "<percentage>", "perspective", "perspective()", "perspective-origin",
+    "pointer-events", "polygon()", "position", "<position>", "pt", "px", "quotes",
+    "rad", "radial-gradient()", "<ratio>", ":read-only", ":read-write", "rect()",
+    "rem", "repeat()", "::repeat-index", "::repeat-item",
+    "repeating-linear-gradient()", "repeating-radial-gradient()", ":required",
+    "resize", "<resolution>", "rgb()", "rgba()", "right", ":right", ":root",
+    "rotate()", "rotatex()", "rotatey()", "rotatez()", "rotate3d()", "ruby-align",
+    "ruby-merge", "ruby-position", "s", "saturate()", "scale()", "scalex()",
+    "scaley()", "scalez()", "scale3d()", ":scope", "scroll-behavior",
+    "::selection", "sepia()", "<shape>", "shape-image-threshold", "shape-margin",
+    "shape-outside", "skew()", "skewx()", "skewy()", "steps()", "<string>",
+    "@styleset", "styleset()", "@stylistic", "stylistic()", "@supports", "@swash",
+    "swash()", "symbol()", "table-layout", "tab-size", ":target", "text-align",
+    "text-align-last", "text-combine-upright", "text-decoration",
+    "text-decoration-color", "text-decoration-line", "text-decoration-style",
+    "text-indent", "text-orientation", "text-overflow", "text-rendering",
+    "text-shadow", "text-transform", "text-underline-position", "<time>",
+    "<timing-function>", "top", "touch-action", "transform", "transform-origin",
+    "transform-style", "transition", "transition-delay", "transition-duration",
+    "transition-property", "transition-timing-function", "translate()",
+    "translatex()", "translatey()", "translatez()", "translate3d()", "turn",
+    "unicode-bidi", "unicode-range", "unset", "<uri>", "url()", "<user-ident>",
+    ":valid", "::value", "var()", "vertical-align", "vh", "@viewport",
+    "visibility", ":visited", "vmax", "vmin", "vw", "white-space", "widows",
+    "width", "will-change", "word-break", "word-spacing", "word-wrap",
+    "writing-mode", "z-index",
+
+]
+
+webkit_prefixed_styles = [
+    # Webkit-prefixed styles
+    # https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Webkit_Extensions
+    "-webkit-animation", "-webkit-animation-delay", "-webkit-animation-direction",
+    "-webkit-animation-duration", "-webkit-animation-fill-mode",
+    "-webkit-animation-iteration-count", "-webkit-animation-name",
+    "-webkit-animation-play-state", "-webkit-animation-timing-function",
+    "-webkit-backface-visibility", "-webkit-border-image", "-webkit-column-count",
+    "-webkit-column-gap", "-webkit-column-width", "-webkit-column-rule",
+    "-webkit-column-rule-width", "-webkit-column-rule-style",
+    "-webkit-column-rule-color", "-webkit-columns", "-webkit-column-span",
+    "-webkit-font-feature-settings", "-webkit-font-kerning",
+    "-webkit-font-size-delta", "-webkit-font-variant-ligatures",
+    "-webkit-grid-column", "-webkit-grid-row", "-webkit-hyphens", "-webkit-mask",
+    "-webkit-mask-clip", "-webkit-mask-composite", "-webkit-mask-image",
+    "-webkit-mask-origin", "-webkit-mask-position", "-webkit-mask-repeat",
+    "-webkit-mask-size", "-webkit-perspective", "-webkit-perspective-origin",
+    "-webkit-region-fragment", "-webkit-shape-outside", "-webkit-text-emphasis",
+    "-webkit-text-emphasis-color", "-webkit-text-emphasis-position",
+    "-webkit-text-emphasis-style", "-webkit-transform", "-webkit-transform-origin",
+    "-webkit-transform-style", "-webkit-transition", "-webkit-transition-delay",
+    "-webkit-transition-duration", "-webkit-transition-property",
+    "-webkit-transition-timing-function", "-epub-word-break", "-epub-writing-mode",
+    # WebKit-prefixed properties with an unprefixed counterpart
+    "-webkit-background-clip", "-webkit-background-origin",
+    "-webkit-background-size", "-webkit-border-bottom-left-radius",
+    "-webkit-border-bottom-right-radius", "-webkit-border-radius",
+    "-webkit-border-top-left-radius", "-webkit-border-top-right-radius",
+    "-webkit-box-sizing", "-epub-caption-side", "-webkit-opacity",
+    "-epub-text-transform",
+]
+
+mozilla_prefixed_styles = [
+    "-moz-column-count", "-moz-column-fill", "-moz-column-gap",
+    "-moz-column-width", "-moz-column-rule", "-moz-column-rule-width",
+    "-moz-column-rule-style", "-moz-column-rule-color",
+    "-moz-font-feature-settings", "-moz-font-language-override", "-moz-hyphens",
+    "-moz-text-align-last", "-moz-text-decoration-color",
+    "-moz-text-decoration-line", "-moz-text-decoration-style",
+]
+
+all_prefixed_styles = [
+    # From http://peter.sh/experiments/vendor-prefixed-css-property-overview/
+    "-ms-accelerator", "-webkit-app-region", "-webkit-appearance",
+    "-webkit-appearance", "-moz-appearance", "-webkit-aspect-ratio",
+    "-webkit-backdrop-filter", "backface-visibility",
+    "-webkit-backface-visibility", "backface-visibility", "backface-visibility",
+    "-webkit-background-composite", "-webkit-background-composite", "-moz-binding",
+    "-ms-block-progression", "-webkit-border-after", "-webkit-border-after",
+    "-webkit-border-after-color", "-webkit-border-after-color",
+    "-webkit-border-after-style", "-webkit-border-after-style",
+    "-webkit-border-after-width", "-webkit-border-after-width",
+    "-webkit-border-before", "-webkit-border-before",
+    "-webkit-border-before-color", "-webkit-border-before-color",
+    "-webkit-border-before-style", "-webkit-border-before-style",
+    "-webkit-border-before-width", "-webkit-border-before-width",
+    "-moz-border-bottom-colors", "-webkit-border-end", "-webkit-border-end",
+    "-moz-border-end", "-webkit-border-end-color", "-webkit-border-end-color",
+    "-moz-border-end-color", "-webkit-border-end-style",
+    "-webkit-border-end-style", "-moz-border-end-style",
+    "-webkit-border-end-width", "-webkit-border-end-width",
+    "-moz-border-end-width", "-webkit-border-fit",
+    "-webkit-border-horizontal-spacing", "-webkit-border-horizontal-spacing",
+    "-moz-border-left-colors", "-moz-border-right-colors", "-webkit-border-start",
+    "-webkit-border-start", "-moz-border-start", "-webkit-border-start-color",
+    "-webkit-border-start-color", "-moz-border-start-color",
+    "-webkit-border-start-style", "-webkit-border-start-style",
+    "-moz-border-start-style", "-webkit-border-start-width",
+    "-webkit-border-start-width", "-moz-border-start-width",
+    "-moz-border-top-colors", "-webkit-border-vertical-spacing",
+    "-webkit-border-vertical-spacing", "-webkit-box-align", "-webkit-box-align",
+    "-moz-box-align", "-webkit-box-decoration-break",
+    "-webkit-box-decoration-break", "box-decoration-break",
+    "-webkit-box-direction", "-webkit-box-direction", "-moz-box-direction",
+    "-webkit-box-flex", "-webkit-box-flex", "-moz-box-flex",
+    "-webkit-box-flex-group", "-webkit-box-flex-group", "-webkit-box-lines",
+    "-webkit-box-lines", "-webkit-box-ordinal-group", "-webkit-box-ordinal-group",
+    "-moz-box-ordinal-group", "-webkit-box-orient", "-webkit-box-orient",
+    "-moz-box-orient", "-webkit-box-pack", "-webkit-box-pack", "-moz-box-pack",
+    "-webkit-box-reflect", "-webkit-box-reflect", "clip-path", "-webkit-clip-path",
+    "clip-path", "clip-path", "-webkit-color-correction", "-webkit-column-axis",
+    "-webkit-column-break-after", "-webkit-column-break-after",
+    "-webkit-column-break-before", "-webkit-column-break-before",
+    "-webkit-column-break-inside", "-webkit-column-break-inside",
+    "-webkit-column-count", "column-count", "-moz-column-count", "column-count",
+    "column-fill", "column-fill", "-moz-column-fill", "column-fill",
+    "-webkit-column-gap", "column-gap", "-moz-column-gap", "column-gap",
+    "-webkit-column-rule", "column-rule", "-moz-column-rule", "column-rule",
+    "-webkit-column-rule-color", "column-rule-color", "-moz-column-rule-color",
+    "column-rule-color", "-webkit-column-rule-style", "column-rule-style",
+    "-moz-column-rule-style", "column-rule-style", "-webkit-column-rule-width",
+    "column-rule-width", "-moz-column-rule-width", "column-rule-width",
+    "-webkit-column-span", "column-span", "column-span", "-webkit-column-width",
+    "column-width", "-moz-column-width", "column-width", "-webkit-columns",
+    "columns", "-moz-columns", "columns", "-ms-content-zoom-chaining",
+    "-ms-content-zoom-limit", "-ms-content-zoom-limit-max",
+    "-ms-content-zoom-limit-min", "-ms-content-zoom-snap",
+    "-ms-content-zoom-snap-points", "-ms-content-zoom-snap-type",
+    "-ms-content-zooming", "-moz-control-character-visibility",
+    "-webkit-cursor-visibility", "-webkit-dashboard-region", "filter",
+    "-webkit-filter", "filter", "filter", "-ms-flex-align", "-ms-flex-item-align",
+    "-ms-flex-line-pack", "-ms-flex-negative", "-ms-flex-order", "-ms-flex-pack",
+    "-ms-flex-positive", "-ms-flex-preferred-size", "-moz-float-edge",
+    "-webkit-flow-from", "-ms-flow-from", "-webkit-flow-into", "-ms-flow-into",
+    "-webkit-font-feature-settings", "-webkit-font-feature-settings",
+    "font-feature-settings", "font-feature-settings", "font-kerning",
+    "-webkit-font-kerning", "font-kerning", "-webkit-font-size-delta",
+    "-webkit-font-size-delta", "-webkit-font-smoothing", "-webkit-font-smoothing",
+    "font-variant-ligatures", "-webkit-font-variant-ligatures",
+    "font-variant-ligatures", "-moz-force-broken-image-icon", "grid",
+    "-webkit-grid", "grid", "grid-area", "-webkit-grid-area", "grid-area",
+    "grid-auto-columns", "-webkit-grid-auto-columns", "grid-auto-columns",
+    "grid-auto-flow", "-webkit-grid-auto-flow", "grid-auto-flow", "grid-auto-rows",
+    "-webkit-grid-auto-rows", "grid-auto-rows", "grid-column",
+    "-webkit-grid-column", "grid-column", "-ms-grid-column",
+    "-ms-grid-column-align", "grid-column-end", "-webkit-grid-column-end",
+    "grid-column-end", "-ms-grid-column-span", "grid-column-start",
+    "-webkit-grid-column-start", "grid-column-start", "-ms-grid-columns",
+    "grid-row", "-webkit-grid-row", "grid-row", "-ms-grid-row",
+    "-ms-grid-row-align", "grid-row-end", "-webkit-grid-row-end", "grid-row-end",
+    "-ms-grid-row-span", "grid-row-start", "-webkit-grid-row-start",
+    "grid-row-start", "-ms-grid-rows", "grid-template", "-webkit-grid-template",
+    "grid-template", "grid-template-areas", "-webkit-grid-template-areas",
+    "grid-template-areas", "grid-template-columns",
+    "-webkit-grid-template-columns", "grid-template-columns", "grid-template-rows",
+    "-webkit-grid-template-rows", "grid-template-rows", "-ms-high-contrast-adjust",
+    "-webkit-highlight", "-webkit-hyphenate-character",
+    "-webkit-hyphenate-character", "-webkit-hyphenate-limit-after",
+    "-webkit-hyphenate-limit-before", "-ms-hyphenate-limit-chars",
+    "-webkit-hyphenate-limit-lines", "-ms-hyphenate-limit-lines",
+    "-ms-hyphenate-limit-zone", "-webkit-hyphens", "-moz-hyphens", "-ms-hyphens",
+    "-moz-image-region", "-ms-ime-align", "-webkit-initial-letter",
+    "-ms-interpolation-mode", "justify-self", "-webkit-justify-self",
+    "-webkit-line-align", "-webkit-line-box-contain", "-webkit-line-box-contain",
+    "-webkit-line-break", "-webkit-line-break", "line-break", "-webkit-line-clamp",
+    "-webkit-line-clamp", "-webkit-line-grid", "-webkit-line-snap",
+    "-webkit-locale", "-webkit-locale", "-webkit-logical-height",
+    "-webkit-logical-height", "-webkit-logical-width", "-webkit-logical-width",
+    "-webkit-margin-after", "-webkit-margin-after",
+    "-webkit-margin-after-collapse", "-webkit-margin-after-collapse",
+    "-webkit-margin-before", "-webkit-margin-before",
+    "-webkit-margin-before-collapse", "-webkit-margin-before-collapse",
+    "-webkit-margin-bottom-collapse", "-webkit-margin-bottom-collapse",
+    "-webkit-margin-collapse", "-webkit-margin-collapse", "-webkit-margin-end",
+    "-webkit-margin-end", "-moz-margin-end", "-webkit-margin-start",
+    "-webkit-margin-start", "-moz-margin-start", "-webkit-margin-top-collapse",
+    "-webkit-margin-top-collapse", "-webkit-marquee", "-webkit-marquee-direction",
+    "-webkit-marquee-increment", "-webkit-marquee-repetition",
+    "-webkit-marquee-speed", "-webkit-marquee-style", "mask", "-webkit-mask",
+    "mask", "-webkit-mask-box-image", "-webkit-mask-box-image",
+    "-webkit-mask-box-image-outset", "-webkit-mask-box-image-outset",
+    "-webkit-mask-box-image-repeat", "-webkit-mask-box-image-repeat",
+    "-webkit-mask-box-image-slice", "-webkit-mask-box-image-slice",
+    "-webkit-mask-box-image-source", "-webkit-mask-box-image-source",
+    "-webkit-mask-box-image-width", "-webkit-mask-box-image-width",
+    "-webkit-mask-clip", "-webkit-mask-clip", "-webkit-mask-composite",
+    "-webkit-mask-composite", "-webkit-mask-image", "-webkit-mask-image",
+    "-webkit-mask-origin", "-webkit-mask-origin", "-webkit-mask-position",
+    "-webkit-mask-position", "-webkit-mask-position-x", "-webkit-mask-position-x",
+    "-webkit-mask-position-y", "-webkit-mask-position-y", "-webkit-mask-repeat",
+    "-webkit-mask-repeat", "-webkit-mask-repeat-x", "-webkit-mask-repeat-x",
+    "-webkit-mask-repeat-y", "-webkit-mask-repeat-y", "-webkit-mask-size",
+    "-webkit-mask-size", "mask-source-type", "-webkit-mask-source-type",
+    "-moz-math-display", "-moz-math-variant", "-webkit-max-logical-height",
+    "-webkit-max-logical-height", "-webkit-max-logical-width",
+    "-webkit-max-logical-width", "-webkit-min-logical-height",
+    "-webkit-min-logical-height", "-webkit-min-logical-width",
+    "-webkit-min-logical-width", "-webkit-nbsp-mode", "-moz-orient",
+    "-moz-osx-font-smoothing", "-moz-outline-radius",
+    "-moz-outline-radius-bottomleft", "-moz-outline-radius-bottomright",
+    "-moz-outline-radius-topleft", "-moz-outline-radius-topright",
+    "-webkit-overflow-scrolling", "-ms-overflow-style", "-webkit-padding-after",
+    "-webkit-padding-after", "-webkit-padding-before", "-webkit-padding-before",
+    "-webkit-padding-end", "-webkit-padding-end", "-moz-padding-end",
+    "-webkit-padding-start", "-webkit-padding-start", "-moz-padding-start",
+    "perspective", "-webkit-perspective", "perspective", "perspective",
+    "perspective-origin", "-webkit-perspective-origin", "perspective-origin",
+    "perspective-origin", "-webkit-perspective-origin-x",
+    "-webkit-perspective-origin-x", "perspective-origin-x",
+    "-webkit-perspective-origin-y", "-webkit-perspective-origin-y",
+    "perspective-origin-y", "-webkit-print-color-adjust",
+    "-webkit-print-color-adjust", "-webkit-region-break-after",
+    "-webkit-region-break-before", "-webkit-region-break-inside",
+    "-webkit-region-fragment", "-webkit-rtl-ordering", "-webkit-rtl-ordering",
+    "-webkit-ruby-position", "-webkit-ruby-position", "ruby-position",
+    "-moz-script-level", "-moz-script-min-size", "-moz-script-size-multiplier",
+    "-ms-scroll-chaining", "-ms-scroll-limit", "-ms-scroll-limit-x-max",
+    "-ms-scroll-limit-x-min", "-ms-scroll-limit-y-max", "-ms-scroll-limit-y-min",
+    "-ms-scroll-rails", "-webkit-scroll-snap-coordinate",
+    "-webkit-scroll-snap-destination", "-webkit-scroll-snap-points-x",
+    "-ms-scroll-snap-points-x", "-webkit-scroll-snap-points-y",
+    "-ms-scroll-snap-points-y", "-webkit-scroll-snap-type", "-ms-scroll-snap-type",
+    "-ms-scroll-snap-x", "-ms-scroll-snap-y", "-ms-scroll-translation",
+    "-ms-scrollbar-3dlight-color", "shape-image-threshold",
+    "-webkit-shape-image-threshold", "shape-margin", "-webkit-shape-margin",
+    "shape-outside", "-webkit-shape-outside", "-moz-stack-sizing", "tab-size",
+    "tab-size", "-moz-tab-size", "-webkit-tap-highlight-color",
+    "-webkit-tap-highlight-color", "text-align-last", "-webkit-text-align-last",
+    "-moz-text-align-last", "text-align-last", "-webkit-text-combine",
+    "-webkit-text-combine", "-ms-text-combine-horizontal", "text-decoration-color",
+    "-webkit-text-decoration-color", "text-decoration-color",
+    "text-decoration-color", "text-decoration-line",
+    "-webkit-text-decoration-line", "text-decoration-line",
+    "-webkit-text-decoration-skip", "text-decoration-style",
+    "-webkit-text-decoration-style", "text-decoration-style",
+    "-webkit-text-decorations-in-effect", "-webkit-text-decorations-in-effect",
+    "-webkit-text-emphasis", "text-emphasis", "-webkit-text-emphasis-color",
+    "text-emphasis-color", "-webkit-text-emphasis-position",
+    "text-emphasis-position", "-webkit-text-emphasis-style", "text-emphasis-style",
+    "-webkit-text-fill-color", "-webkit-text-fill-color", "text-justify",
+    "-webkit-text-justify", "text-justify", "-webkit-text-orientation",
+    "-webkit-text-orientation", "text-orientation", "-webkit-text-security",
+    "-webkit-text-security", "-webkit-text-size-adjust", "-moz-text-size-adjust",
+    "-ms-text-size-adjust", "-webkit-text-stroke", "-webkit-text-stroke",
+    "-webkit-text-stroke-color", "-webkit-text-stroke-color",
+    "-webkit-text-stroke-width", "-webkit-text-stroke-width",
+    "text-underline-position", "-webkit-text-underline-position",
+    "text-underline-position", "-webkit-touch-callout", "-ms-touch-select",
+    "transform", "-webkit-transform", "transform", "transform", "transform-origin",
+    "-webkit-transform-origin", "transform-origin", "transform-origin",
+    "-webkit-transform-origin-x", "-webkit-transform-origin-x",
+    "transform-origin-x", "-webkit-transform-origin-y",
+    "-webkit-transform-origin-y", "transform-origin-y",
+    "-webkit-transform-origin-z", "-webkit-transform-origin-z",
+    "transform-origin-z", "transform-style", "-webkit-transform-style",
+    "transform-style", "transform-style", "-webkit-user-drag", "-webkit-user-drag",
+    "-moz-user-focus", "-moz-user-input", "-webkit-user-modify",
+    "-webkit-user-modify", "-moz-user-modify", "-webkit-user-select",
+    "-webkit-user-select", "-moz-user-select", "-ms-user-select",
+    "-moz-window-dragging", "-moz-window-shadow", "-ms-wrap-flow",
+    "-ms-wrap-margin", "-ms-wrap-through", "writing-mode", "-webkit-writing-mode",
+    "writing-mode", "writing-mode",
+]
+
+all_styles = standard_styles + all_prefixed_styles
\ No newline at end of file
diff --git a/rhodecode/lib/markup_renderer.py b/rhodecode/lib/markup_renderer.py
--- a/rhodecode/lib/markup_renderer.py
+++ b/rhodecode/lib/markup_renderer.py
@@ -28,6 +28,7 @@ import os
 import lxml
 import logging
 import urlparse
+import bleach
 
 from mako.lookup import TemplateLookup
 from mako.template import Template as MakoTemplate
@@ -181,12 +182,13 @@ class MarkupRenderer(object):
                          r'|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+)')
 
     extensions = ['codehilite', 'extra', 'def_list', 'sane_lists']
+    output_format = 'html4'
     markdown_renderer = markdown.Markdown(
-        extensions, safe_mode=True, enable_attributes=False)
+        extensions, enable_attributes=False, output_format=output_format)
 
     markdown_renderer_flavored = markdown.Markdown(
-        extensions + [GithubFlavoredMarkdownExtension()], safe_mode=True,
-        enable_attributes=False)
+        extensions + [GithubFlavoredMarkdownExtension()],
+        enable_attributes=False, output_format=output_format)
 
     # extension together with weights. Lower is first means we control how
     # extensions are attached to readme names with those.
@@ -234,6 +236,13 @@ class MarkupRenderer(object):
         return getattr(MarkupRenderer, detected_renderer)
 
     @classmethod
+    def bleach_clean(cls, text):
+        from .bleach_whitelist import markdown_attrs, markdown_tags
+        allowed_tags = markdown_tags
+        allowed_attrs = markdown_attrs
+        return bleach.clean(text, tags=allowed_tags, attributes=allowed_attrs)
+
+    @classmethod
     def renderer_from_filename(cls, filename, exclude):
         """
         Detect renderer markdown/rst from filename and optionally use exclude
@@ -320,10 +329,11 @@ class MarkupRenderer(object):
         return '<br />' + source.replace("\n", '<br />')
 
     @classmethod
-    def markdown(cls, source, safe=True, flavored=True, mentions=False):
-        # It does not allow to insert inline HTML. In presence of HTML tags, it
-        # will replace them instead with [HTML_REMOVED]. This is controlled by
-        # the safe_mode=True parameter of the markdown method.
+    def markdown(cls, source, safe=True, flavored=True, mentions=False,
+                 clean_html=True):
+        """
+        returns markdown rendered code cleaned by the bleach library
+        """
 
         if flavored:
             markdown_renderer = cls.markdown_renderer_flavored
@@ -342,10 +352,14 @@ class MarkupRenderer(object):
                                 mentions=False)
 
         source = safe_unicode(source)
+
         try:
             if flavored:
                 source = cls._flavored_markdown(source)
-            return markdown_renderer.convert(source)
+            rendered = markdown_renderer.convert(source)
+            if clean_html:
+                rendered = cls.bleach_clean(rendered)
+            return rendered
         except Exception:
             log.exception('Error when rendering Markdown')
             if safe:
@@ -355,7 +369,7 @@ class MarkupRenderer(object):
                 raise
 
     @classmethod
-    def rst(cls, source, safe=True, mentions=False):
+    def rst(cls, source, safe=True, mentions=False, clean_html=False):
         if mentions:
             mention_pat = re.compile(MENTIONS_REGEX)
 
@@ -372,8 +386,8 @@ class MarkupRenderer(object):
                 [(alias, None) for alias in
                  cls.RESTRUCTUREDTEXT_DISALLOWED_DIRECTIVES])
 
-            docutils_settings.update({'input_encoding': 'unicode',
-                                      'report_level': 4})
+            docutils_settings.update({
+                'input_encoding': 'unicode', 'report_level': 4})
 
             for k, v in docutils_settings.iteritems():
                 directives.register_directive(k, v)
@@ -381,8 +395,10 @@ class MarkupRenderer(object):
             parts = publish_parts(source=source,
                                   writer=RhodeCodeWriter(),
                                   settings_overrides=docutils_settings)
-
-            return parts['html_title'] + parts["fragment"]
+            rendered = parts["fragment"]
+            if clean_html:
+                rendered = cls.bleach_clean(rendered)
+            return parts['html_title'] + rendered
         except Exception:
             log.exception('Error when rendering RST')
             if safe:
diff --git a/rhodecode/tests/lib/test_markup_renderer.py b/rhodecode/tests/lib/test_markup_renderer.py
--- a/rhodecode/tests/lib/test_markup_renderer.py
+++ b/rhodecode/tests/lib/test_markup_renderer.py
@@ -67,9 +67,429 @@ def test_markdown_xss_inline_html():
 
 def test_markdown_inline_html():
     xss_md = '\n'.join(['> <a name="n"',
-                        '> href="https://rhodecode.com">link</a>'])
+                        '> onload="javascript:alert()" href="https://rhodecode.com">link</a>'])
     rendered_html = MarkupRenderer.markdown(xss_md)
-    assert '[HTML_REMOVED]link[HTML_REMOVED]' in rendered_html
+    assert '<a href="https://rhodecode.com" name="n">link</a>' in rendered_html
+
+
+def test_markdown_bleach_renders_correct():
+    test_md = """
+This is intended as a quick reference and showcase. For more complete info, see [John Gruber's original spec](http://daringfireball.net/projects/markdown/) and the [Github-flavored Markdown info page](http://github.github.com/github-flavored-markdown/).
+
+Note that there is also a [Cheatsheet specific to Markdown Here](./Markdown-Here-Cheatsheet) if that's what you're looking for. You can also check out [more Markdown tools](./Other-Markdown-Tools).
+
+##### Table of Contents  
+[Headers](#headers)  
+[Emphasis](#emphasis)  
+[Lists](#lists)  
+[Links](#links)  
+[Images](#images)  
+[Code and Syntax Highlighting](#code)  
+[Tables](#tables)  
+[Blockquotes](#blockquotes)  
+[Inline HTML](#html)  
+[Horizontal Rule](#hr)  
+[Line Breaks](#lines)  
+[Youtube videos](#videos)  
+
+
+## Headers
+
+```no-highlight
+# H1
+## H2
+### H3
+#### H4
+##### H5
+###### H6
+
+Alternatively, for H1 and H2, an underline-ish style:
+
+Alt-H1
+======
+
+Alt-H2
+------
+```
+
+# H1
+## H2
+### H3
+#### H4
+##### H5
+###### H6
+
+Alternatively, for H1 and H2, an underline-ish style:
+
+Alt-H1
+======
+
+Alt-H2
+------
+
+## Emphasis
+
+```no-highlight
+Emphasis, aka italics, with *asterisks* or _underscores_.
+
+Strong emphasis, aka bold, with **asterisks** or __underscores__.
+
+Combined emphasis with **asterisks and _underscores_**.
+
+Strikethrough uses two tildes. ~~Scratch this.~~
+```
+
+Emphasis, aka italics, with *asterisks* or _underscores_.
+
+Strong emphasis, aka bold, with **asterisks** or __underscores__.
+
+Combined emphasis with **asterisks and _underscores_**.
+
+Strikethrough uses two tildes. ~~Scratch this.~~
+
+
+## Lists
+
+(In this example, leading and trailing spaces are shown with with dots: ⋅)
+
+```no-highlight
+1. First ordered list item
+2. Another item
+⋅⋅* Unordered sub-list. 
+1. Actual numbers don't matter, just that it's a number
+⋅⋅1. Ordered sub-list
+4. And another item.
+
+⋅⋅⋅You can have properly indented paragraphs within list items. Notice the blank line above, and the leading spaces (at least one, but we'll use three here to also align the raw Markdown).
+
+⋅⋅⋅To have a line break without a paragraph, you will need to use two trailing spaces.⋅⋅
+⋅⋅⋅Note that this line is separate, but within the same paragraph.⋅⋅
+⋅⋅⋅(This is contrary to the typical GFM line break behaviour, where trailing spaces are not required.)
+
+* Unordered list can use asterisks
+- Or minuses
++ Or pluses
+```
+
+1. First ordered list item
+2. Another item
+  * Unordered sub-list. 
+1. Actual numbers don't matter, just that it's a number
+  1. Ordered sub-list
+4. And another item.
+
+   You can have properly indented paragraphs within list items. Notice the blank line above, and the leading spaces (at least one, but we'll use three here to also align the raw Markdown).
+
+   To have a line break without a paragraph, you will need to use two trailing spaces.  
+   Note that this line is separate, but within the same paragraph.  
+   (This is contrary to the typical GFM line break behaviour, where trailing spaces are not required.)
+
+* Unordered list can use asterisks
+- Or minuses
++ Or pluses
+
+
+## Links
+
+There are two ways to create links.
+
+```no-highlight
+[I'm an inline-style link](https://www.google.com)
+
+[I'm an inline-style link with title](https://www.google.com "Google's Homepage")
+
+[I'm a reference-style link][Arbitrary case-insensitive reference text]
+
+[I'm a relative reference to a repository file (LICENSE)](./LICENSE)
+
+[I'm a relative reference to a repository file (IMAGE)](./img/logo.png)
+
+[I'm a relative reference to a repository file (IMAGE2)](img/logo.png)
+
+[You can use numbers for reference-style link definitions][1]
+
+Or leave it empty and use the [link text itself].
+
+URLs and URLs in angle brackets will automatically get turned into links. 
+http://www.example.com or <http://www.example.com> and sometimes 
+example.com (but not on Github, for example).
+
+Some text to show that the reference links can follow later.
+
+[arbitrary case-insensitive reference text]: https://www.mozilla.org
+[1]: http://slashdot.org
+[link text itself]: http://www.reddit.com
+```
+
+[I'm an inline-style link](https://www.google.com)
+
+[I'm an inline-style link with title](https://www.google.com "Google's Homepage")
+
+[I'm a reference-style link][Arbitrary case-insensitive reference text]
+
+[I'm a relative reference to a repository file (LICENSE)](./LICENSE)
+
+[I'm a relative reference to a repository file (IMAGE)](./img/logo.png)
+
+[I'm a relative reference to a repository file (IMAGE2)](img/logo.png)
+
+[You can use numbers for reference-style link definitions][1]
+
+Or leave it empty and use the [link text itself].
+
+URLs and URLs in angle brackets will automatically get turned into links. 
+http://www.example.com or <http://www.example.com> and sometimes 
+example.com (but not on Github, for example).
+
+Some text to show that the reference links can follow later.
+
+[arbitrary case-insensitive reference text]: https://www.mozilla.org
+[1]: http://slashdot.org
+[link text itself]: http://www.reddit.com
+
+
+## Images
+
+```no-highlight
+Here's our logo (hover to see the title text):
+
+Inline-style: 
+![alt text](https://github.com/adam-p/markdown-here/raw/master/src/common/images/icon48.png "Logo Title Text 1")
+
+relative-src-style: 
+![alt text](img/logo.png)
+
+Reference-style: 
+![alt text][logo]
+
+[logo]: https://github.com/adam-p/markdown-here/raw/master/src/common/images/icon48.png "Logo Title Text 2"
+```
+
+Here's our logo (hover to see the title text):
+
+Inline-style: 
+![alt text](https://github.com/adam-p/markdown-here/raw/master/src/common/images/icon48.png "Logo Title Text 1")
+
+relative-src-style: 
+![alt text](img/logo.png)
+
+relative-src-style: 
+![alt text](./img/logo.png)
+
+Reference-style: 
+![alt text][logo]
+
+[logo]: https://github.com/adam-p/markdown-here/raw/master/src/common/images/icon48.png "Logo Title Text 2"
+
+
+## Code and Syntax Highlighting
+
+Code blocks are part of the Markdown spec, but syntax highlighting isn't. However, many renderers -- like Github's and *Markdown Here* -- support syntax highlighting. Which languages are supported and how those language names should be written will vary from renderer to renderer. *Markdown Here* supports highlighting for dozens of languages (and not-really-languages, like diffs and HTTP headers); to see the complete list, and how to write the language names, see the [highlight.js demo page](http://softwaremaniacs.org/media/soft/highlight/test.html).
+
+```no-highlight
+Inline `code` has `back-ticks around` it.
+```
+
+Inline `code` has `back-ticks around` it.
+
+Blocks of code are either fenced by lines with three back-ticks <code>```</code>, or are indented with four spaces. I recommend only using the fenced code blocks -- they're easier and only they support syntax highlighting.
+
+```javascript
+var s = "JavaScript syntax highlighting";
+console.log(s);
+```
+ 
+```python
+s = "Python syntax highlighting"
+print s
+```
+ 
+```
+No language indicated, so no syntax highlighting. 
+But let's throw in a &lt;b&gt;tag&lt;/b&gt;.
+```
+
+
+```javascript
+var s = "JavaScript syntax highlighting";
+alert(s);
+```
+
+```python
+s = "Python syntax highlighting"
+print s
+```
+
+```
+No language indicated, so no syntax highlighting in Markdown Here (varies on Github). 
+But let's throw in a <b>tag</b>.
+```
+
+
+## Tables
+
+Tables aren't part of the core Markdown spec, but they are part of GFM and *Markdown Here* supports them. They are an easy way of adding tables to your email -- a task that would otherwise require copy-pasting from another application.
+
+```no-highlight
+Colons can be used to align columns.
+
+| Tables        | Are           | Cool  |
+| ------------- |:-------------:| -----:|
+| col 3 is      | right-aligned | $1600 |
+| col 2 is      | centered      |   $12 |
+| zebra stripes | are neat      |    $1 |
+
+There must be at least 3 dashes separating each header cell.
+The outer pipes (|) are optional, and you don't need to make the 
+raw Markdown line up prettily. You can also use inline Markdown.
+
+Markdown | Less | Pretty
+--- | --- | ---
+*Still* | `renders` | **nicely**
+1 | 2 | 3
+```
+
+Colons can be used to align columns.
+
+| Tables        | Are           | Cool |
+| ------------- |:-------------:| -----:|
+| col 3 is      | right-aligned | $1600 |
+| col 2 is      | centered      |   $12 |
+| zebra stripes | are neat      |    $1 |
+
+There must be at least 3 dashes separating each header cell. The outer pipes (|) are optional, and you don't need to make the raw Markdown line up prettily. You can also use inline Markdown.
+
+Markdown | Less | Pretty
+--- | --- | ---
+*Still* | `renders` | **nicely**
+1 | 2 | 3
+
+
+## Blockquotes
+
+```no-highlight
+> Blockquotes are very handy in email to emulate reply text.
+> This line is part of the same quote.
+
+Quote break.
+
+> This is a very long line that will still be quoted properly when it wraps. Oh boy let's keep writing to make sure this is long enough to actually wrap for everyone. Oh, you can *put* **Markdown** into a blockquote. 
+```
+
+> Blockquotes are very handy in email to emulate reply text.
+> This line is part of the same quote.
+
+Quote break.
+
+> This is a very long line that will still be quoted properly when it wraps. Oh boy let's keep writing to make sure this is long enough to actually wrap for everyone. Oh, you can *put* **Markdown** into a blockquote. 
+
+
+## Inline HTML
+
+You can also use raw HTML in your Markdown, and it'll mostly work pretty well. 
+
+```no-highlight
+<dl>
+  <dt>Definition list</dt>
+  <dd>Is something people use sometimes.</dd>
+
+  <dt>Markdown in HTML</dt>
+  <dd>Does *not* work **very** well. Use HTML <em>tags</em>.</dd>
+</dl>
+```
+
+<dl>
+  <dt>Definition list</dt>
+  <dd>Is something people use sometimes.</dd>
+
+  <dt>Markdown in HTML</dt>
+  <dd>Does *not* work **very** well. Use HTML <em>tags</em>.</dd>
+</dl>
+
+
+## Horizontal Rule
+
+```
+Three or more...
+
+---
+
+Hyphens
+
+***
+
+Asterisks
+
+___
+
+Underscores
+```
+
+Three or more...
+
+---
+
+Hyphens
+
+***
+
+Asterisks
+
+___
+
+Underscores
+
+
+## Line Breaks
+
+My basic recommendation for learning how line breaks work is to experiment and discover -- hit &lt;Enter&gt; once (i.e., insert one newline), then hit it twice (i.e., insert two newlines), see what happens. You'll soon learn to get what you want. "Markdown Toggle" is your friend. 
+
+Here are some things to try out:
+
+```
+Here's a line for us to start with.
+
+This line is separated from the one above by two newlines, so it will be a *separate paragraph*.
+
+This line is also a separate paragraph, but...
+This line is only separated by a single newline, so it's a separate line in the *same paragraph*.
+```
+
+Here's a line for us to start with.
+
+This line is separated from the one above by two newlines, so it will be a *separate paragraph*.
+
+This line is also begins a separate paragraph, but...  
+This line is only separated by a single newline, so it's a separate line in the *same paragraph*.
+
+(Technical note: *Markdown Here* uses GFM line breaks, so there's no need to use MD's two-space line breaks.)
+
+
+## Youtube videos
+
+They can't be added directly but you can add an image with a link to the video like this:
+
+```no-highlight
+<a href="http://www.youtube.com/watch?feature=player_embedded&v=YOUTUBE_VIDEO_ID_HERE
+" target="_blank"><img src="http://img.youtube.com/vi/YOUTUBE_VIDEO_ID_HERE/0.jpg" 
+alt="IMAGE ALT TEXT HERE" width="240" height="180" border="10" /></a>
+```
+
+Or, in pure Markdown, but losing the image sizing and border:
+
+```no-highlight
+[![IMAGE ALT TEXT HERE](http://img.youtube.com/vi/YOUTUBE_VIDEO_ID_HERE/0.jpg)](http://www.youtube.com/watch?v=YOUTUBE_VIDEO_ID_HERE)
+```
+
+Referencing a bug by #bugID in your git commit links it to the slip. For example #1. 
+
+---
+
+License: [CC-BY](https://creativecommons.org/licenses/by/3.0/)    
+    """
+    raw_rendered_html = MarkupRenderer.markdown(test_md, clean_html=False)
+    bleached_rendered_html = MarkupRenderer.markdown(test_md, clean_html=True)
+    assert raw_rendered_html == bleached_rendered_html
 
 
 def test_rst_xss_link():