What is the best way to store WMD input/markdown in SQL server and display later?

Question

I\'m looking at using WMD in my project instead of my existing RadEditor. I have been reading a few posts on how to store and retrieve the data, and I want to make sure I h

Answer 1

I'm implementing Markdown in a Blog engine I'm writing (who doesn't write blog engines?), and I've also implemented Markdown in a number of customized CMSs I've written for clients.

I do it very similarly to how the Stack Overflow team does it:

1. I use the wmd.js as the client side editor.
2. I use the MarkdownSharp server side processing.
3. I use Jeff Atwood's Sanitize HTML to cover processing HTML.

Here are some resources that talk about Markdown:

• Introducing MarkdownSharp
• Three Markdown Gotchas
• Markdown, One Year Later
• Reverse Engineering the Markdown Editor
• WMD Edtior Reverse Engineered

Bottom line:

1. I store the post in the form it was submitted in; It's displayed using MarkdownSharp.
2. I sanitize the HTML using Jeff Atwood's approach (On output, not on input).
3. I utilize ASP.NET MVC 'best practices' (a highly subjective term) to deal with XSS and XSRF.