Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

lat4732's avatar
lat4732
OP
4 years ago
Level 12

How to edit spatie/laravel-markdown html elements (blocks)

Hey!

I installed spatie/laravel-markdown and implemented it in my code by adding <x-markdown>{{ $post->content }}</x-markdown> (note that it's not <x-markdown>{!! $post->content !!}</x-markdown> - which one is the right way?) where the post is displayed (I have no idea if that is the right implementation of this package). Adding the triple " ` " before and after a code/text while posting a thread results in this:

visualization

(I show that the box with the code goes beyond the field of the main box)

How can I edit these markdown html elements the best way? Also do you have any suggestions on how to use this package the best&securely way?

P.S.: I tried Sinnbeck's package but some errors occur on installation (through composer)

0 likes
7 replies
aleahy's avatar

I would use {!! $post->content !!} and sanitize the output with a package like stevebauman/purify to get rid of anything nasty.

lat4732's avatar
lat4732
OP
4 years ago
Level 12

@aleahy so when the user insert in their code block <script src="..."></script> it will be literally removed. What a brilliant idea. Joke aside, that's not what I'm looking for. Thanks tho!

aleahy's avatar

@Laralex Just went back through the docs and found what looks like a solution.

You can pass options to commonmark through the x-markdown tag. I believe the one you want is 'html_input' => 'escape'

<x-markdown :options="['html_input' => 'escape']">
   {!! $post->content !!}}
<x-markdown>

https://spatie.be/docs/laravel-markdown/v1/using-the-blade-component/passing-options-to-commonmark

https://commonmark.thephpleague.com/1.6/security/

Otherwise you will need to clean the content yourself because laravel will use htmlspecialchars on anything between {{ }}.

lat4732's avatar
lat4732
OP
4 years ago
Level 12

@aleahy Still the same output

visualization

<x-markdown :options="['html_input' => 'escape']">{!! $post->content !!}</x-markdown>
Snapey's avatar

What does the text in the database look like?

You haven't previously created a markdown.blade.php component?

lat4732's avatar
lat4732
OP
4 years ago
Level 12

@Snapey I haven't worked on this project for 3 days and now when I opened it everything looks fine. Wow.. Programming is so strange sometimes. Anyways, the text looks just like inserted.

visualization1

visuzliation3

visualization2

I haven't created markdown.blade.php, do I have to? And how to actually apply css and change some settings for this markdown?

Please or to participate in this conversation.