From: Aidan Cornelius-Bell Date: Sat, 28 Dec 2024 22:19:40 +0000 (+1030) Subject: Fixed a weak Cross-Site Scripting attack surface X-Git-Url: https://gitweb.mndrdr.org/?a=commitdiff_plain;h=c6e6aed55e95c365e80d0ba17d39b8a1c68b02a0;p=arelpe.git Fixed a weak Cross-Site Scripting attack surface --- diff --git a/app/views/pubview/show_public.html.erb b/app/views/pubview/show_public.html.erb index efba06e..c27f80f 100644 --- a/app/views/pubview/show_public.html.erb +++ b/app/views/pubview/show_public.html.erb @@ -11,6 +11,6 @@
- <%= raw MarkdownRenderer.render(@page.content) %> + <%= MarkdownRenderer.render(@page.content).html_safe %>