diff --git a/contrib/limited_html_renderer.py b/contrib/limited_html_renderer.py
new file mode 100644
index 00000000..5576ccdc
--- /dev/null
+++ b/contrib/limited_html_renderer.py
@@ -0,0 +1,11 @@
+import html
+from mistletoe.html_renderer import HTMLRenderer
+
+class LimitedHTMLRenderer(HTMLRenderer):
+ @staticmethod
+ def render_html_block(token):
+ return html.escape(token.content)
+
+ @staticmethod
+ def render_html_span(token):
+ return html.escape(token.content)
diff --git a/test/test_contrib/test_limited_html_renderer.py b/test/test_contrib/test_limited_html_renderer.py
new file mode 100644
index 00000000..6554680a
--- /dev/null
+++ b/test/test_contrib/test_limited_html_renderer.py
@@ -0,0 +1,31 @@
+from contrib.limited_html_renderer import LimitedHTMLRenderer
+from mistletoe.block_token import Document
+import random
+import string
+from unittest import TestCase
+
+class TestLimitedHTMLRenderer(TestCase):
+ def setUp(self):
+ self.renderer = LimitedHTMLRenderer()
+ self.renderer.__enter__()
+ self.addCleanup(self.renderer.__exit__, None, None, None)
+
+ def check_render(self, inputString, expected, errormsg):
+ output = self.renderer.render(Document(inputString))
+ output = output.strip()
+ self.assertEqual(output, expected, errormsg)
+
+ def test_render_inline_div(self):
+ input = 'hello
'
+ output = '<div>hello</div>'
+ self.check_render(input, output, 'One line div is not escaped')
+
+ def test_render_inline_span(self):
+ input = 'hello'
+ output = '<span>hello</span>
'
+ self.check_render(input, output, 'One line span is not escaped')
+
+ def test_render_embedded_markdown(self):
+ input = '\n\n*hello*\n\n
'
+ output = '<div>\nhello
\n</div>'
+ self.check_render(input, output, 'Markdown inside div is unexpectedly escaped')