Enabled jinja2 escaping by default.
This commit is contained in:
parent
63aef74e10
commit
0ab7d48622
2 changed files with 4 additions and 3 deletions
|
@ -116,7 +116,8 @@ class MatematHTTPServer(HTTPServer):
|
||||||
self.pagelet_variables = pagelet_variables
|
self.pagelet_variables = pagelet_variables
|
||||||
# Set up the Jinja2 environment
|
# Set up the Jinja2 environment
|
||||||
self.jinja_env: jinja2.Environment = jinja2.Environment(
|
self.jinja_env: jinja2.Environment = jinja2.Environment(
|
||||||
loader=jinja2.FileSystemLoader(os.path.abspath(templateroot))
|
loader=jinja2.FileSystemLoader(os.path.abspath(templateroot)),
|
||||||
|
autoescape=jinja2.select_autoescape(default=True)
|
||||||
)
|
)
|
||||||
# Set up logger
|
# Set up logger
|
||||||
self.logger: logging.Logger = logging.getLogger('matemat.webserver')
|
self.logger: logging.Logger = logging.getLogger('matemat.webserver')
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
<html>
|
<html>
|
||||||
<head>
|
<head>
|
||||||
{% block head %}
|
{% block head %}
|
||||||
<title>{{ setupname }}</title>
|
<title>{{ setupname|safe }}</title>
|
||||||
<link rel="stylesheet" href="/css/matemat.css" />
|
<link rel="stylesheet" href="/css/matemat.css" />
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
</head>
|
</head>
|
||||||
|
@ -28,7 +28,7 @@
|
||||||
<footer>
|
<footer>
|
||||||
{% block footer %}
|
{% block footer %}
|
||||||
<ul>
|
<ul>
|
||||||
<li> {{ setupname }}
|
<li> {{ setupname|safe }}
|
||||||
<li> Matemat {{__version__}}
|
<li> Matemat {{__version__}}
|
||||||
<li> © 2018 s3lph
|
<li> © 2018 s3lph
|
||||||
<li> MIT License
|
<li> MIT License
|
||||||
|
|
Loading…
Reference in a new issue