Markup
Plain text
Unless otherwise mentioned, all string fields in the API will be interpreted as plain text without any markup. This includes question titles, share messages, tag labels as well as the firstname, lastname, about and location of a user.
Example
A question with
{
"title": "Can I <strong>use</strong> HTML?"
}
is displayed in the Starmind frontend without interpreting the HTML tags as markup:
Can I <strong>use</strong> HTML?
HTML text with mentioning markup
The Starmind application expects the following string fields to contain HTML markup:
Furthermore, these descriptions are parsed for mentions. A mention is a substring of the form [~John Doe|id:1234]. These are displayed in the Starmind frontend as a hyperlink to the profile of the user with id 1234, where the link gets the label John Doe. Furthermore, when such a mention is first submitted to the Starmind API, the user with id 1234 will receive a notification of type mention_in_question, mention_in_solution or mention_in_comment respectively.
Example
A comment with description
{
"description": "Can I <strong>use</strong> HTML, [~Sherlock|id:1234]?"
}
is displayed in the Starmind frontend with HTML markup and with parsed mentions:
Can I use HTML, Sherlock?
Sanitizing
The Starmind frontend sanitizes all user-generated HTML content before it is rendered in the browser. This removes all JavaScript and other potentially malicious code, protecting the end-user from any injection attacks.
Beware! Every third-party client which renders content from the Starmind API must always sanitize the content to prevent any code which could be harmful in its specific environment from being executed!
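One way a third-party client could render both kinds of field is sketched below. This is an added example, not Starmind code: it escapes plain-text fields, and for HTML fields it re-emits only allowlisted tags without attributes and builds mention links from text nodes only. The tag allowlist, the /users/{id} route and all function names are assumptions.

```python
import html
import re
from html.parser import HTMLParser

# Assumed allowlist for this example; the page does not list permitted tags.
ALLOWED_TAGS = {"p", "br", "strong", "em", "ul", "ol", "li"}
DROP_CONTENT = {"script", "style"}  # drop the element's text too, not just the tag
MENTION_RE = re.compile(r"\[~([^|\]]+)\|id:([0-9]+)\]")  # [~John Doe|id:1234]
PROFILE_URL = "/users/{id}"  # hypothetical profile route in the client

class AllowlistRenderer(HTMLParser):
    """Re-emit only allowlisted tags, without attributes; escape all text."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT:
            self.skip += 1
        elif tag in ALLOWED_TAGS and not self.skip:
            self.out.append(f"<{tag}>")  # attrs (onclick, style, ...) are never copied

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif tag in ALLOWED_TAGS and tag != "br" and not self.skip:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if self.skip:
            return
        pos = 0
        for m in MENTION_RE.finditer(data):  # mentions are only built from text nodes
            label, user_id = html.escape(m.group(1)), m.group(2)  # id is ASCII digits
            self.out.append(html.escape(data[pos:m.start()]))
            self.out.append(f'<a href="{PROFILE_URL.format(id=user_id)}">{label}</a>')
            pos = m.end()
        self.out.append(html.escape(data[pos:]))

def render_plain(value):
    """Plain-text fields (title, firstname, ...): escape, never interpret."""
    return html.escape(value)

def render_description(value):
    """HTML fields: allowlist sanitize and turn mentions into profile links."""
    renderer = AllowlistRenderer()
    renderer.feed(value)
    renderer.close()
    return "".join(renderer.out)
```

The output can still contain unbalanced allowlisted tags, so a production client would normally use a maintained sanitizer library for its platform and keep this kind of allowlist as its configuration.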