How to allow basic html formatting?

[Liero]

Expectation

I would like to allow some basic html formatting tags just like on github or stackoverflow. The rest should be encoded. Is there any way to allow only specific html tags, like <b>, <i> etc...?

Expected Result

E.g.:
<b>sample</b>: sample
<script>alert('a')</script>: <script>alert('a')</script>

What was attempted

Bu default no html tags are encoded, so the script code snipped actually shows alert. When I turn html tags off, the no html formatting is applied.

[Simon-Tang]

I think the way to do this may be to override the renderer (https://github.com/chjj/marked#renderer) to have your custom handling of HTML elements (see the html method). It looks like html is invoked for tags like <script> but not for tags like <b>.

[UziTech]

Yes, the way to do this would be to override the renderer.html function