From: Aidan Cornelius-Bell <aidan@cornelius-bell.com>
Date: Sat, 28 Dec 2024 22:19:40 +0000 (+1030)
Subject: Fixed a weak Cross-Site Scripting attack surface
X-Git-Url: https://gitweb.mndrdr.org/?a=commitdiff_plain;h=c6e6aed55e95c365e80d0ba17d39b8a1c68b02a0;p=arelpe.git

Fixed a weak Cross-Site Scripting attack surface
---

diff --git a/app/views/pubview/show_public.html.erb b/app/views/pubview/show_public.html.erb
index efba06e..c27f80f 100644
--- a/app/views/pubview/show_public.html.erb
+++ b/app/views/pubview/show_public.html.erb
@@ -11,6 +11,6 @@
 
 <div class="post">
   <div class="container">
-    <%= raw MarkdownRenderer.render(@page.content) %>
+    <%= MarkdownRenderer.render(@page.content).html_safe %>
   </div>
 </div>