3 files changed, 12 insertions, 3 deletions

diff --git a/fietsboek/static/theme.css b/fietsboek/static/theme.css
index d373c93..fbb9c89 100644
--- a/fietsboek/static/theme.css
+++ b/fietsboek/static/theme.css
@@ -14,6 +14,10 @@ body {
   align-items: center;
 }
 
+.track-description img {
+    max-width: 100%;
+}
+
 .admin-badge-list * {
   margin-left: 5px;
   margin-right: 5px;
diff --git a/fietsboek/templates/details.jinja2 b/fietsboek/templates/details.jinja2
index f741d4e..5ef64b9 100644
--- a/fietsboek/templates/details.jinja2
+++ b/fietsboek/templates/details.jinja2
@@ -109,7 +109,9 @@
   </div>
   {% endif %}
   {% if description %}
-  {{ description }}
+  <div class="track-description">
+      {{ description }}
+  </div>
   <hr>
   {% endif %}
   <h2>{{ _("page.details.comments") }}</h2>
diff --git a/fietsboek/util.py b/fietsboek/util.py
index 9a8e596..56f0656 100644
--- a/fietsboek/util.py
+++ b/fietsboek/util.py
@@ -16,7 +16,10 @@ from sqlalchemy import select
 ALLOWED_TAGS = (bleach.sanitizer.ALLOWED_TAGS +
                 # Allow headings
                 ['h1', 'h2', 'h3', 'h4', 'h5', 'h6'] +
-                ['p'])
+                ['p'] + ['img'])
+
+ALLOWED_ATTRIBUTES = dict(bleach.sanitizer.ALLOWED_ATTRIBUTES)
+ALLOWED_ATTRIBUTES['img'] = ['alt', 'src']
 
 
 def safe_markdown(md_source):
@@ -31,7 +34,7 @@ def safe_markdown(md_source):
     :rtype: Markup
     """
     html = markdown.markdown(md_source, output_format='html5')
-    html = bleach.clean(html, tags=ALLOWED_TAGS)
+    html = bleach.clean(html, tags=ALLOWED_TAGS, attributes=ALLOWED_ATTRIBUTES)
     return Markup(html)