Fix xss #48

Merged
Plume_migration_agent merged 5 commits from master into master 2018-06-11 11:47:07 +00:00

5 commits

Author SHA1 Message Date
fdb-hiroshima
96f027e506
fix double escape 2018-06-11 12:33:32 +02:00
Trinity Pointard
7d9609671c change post.content and comment.content's types from String to SafeString 2018-06-11 12:22:43 +02:00
Trinity Pointard
bb1442db8a create new type SafeString to sanitise and store unsafe html 2018-06-11 11:44:17 +02:00
Trinity Pointard
e7cadbf764 fix double-escaping on login page and disallow html on summary 2018-06-11 11:19:44 +02:00
Trinity Pointard
daf4de07be rename templates from .tera to .html.tera to enable auto-escaping of html 2018-06-11 11:19:39 +02:00