From c6e6aed55e95c365e80d0ba17d39b8a1c68b02a0 Mon Sep 17 00:00:00 2001
From: Aidan Cornelius-Bell <aidan@cornelius-bell.com>
Date: Sun, 29 Dec 2024 08:49:40 +1030
Subject: [PATCH] Fixed a weak Cross-Site Scripting attack surface

---
 app/views/pubview/show_public.html.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/pubview/show_public.html.erb b/app/views/pubview/show_public.html.erb
index efba06e..c27f80f 100644
--- a/app/views/pubview/show_public.html.erb
+++ b/app/views/pubview/show_public.html.erb
@@ -11,6 +11,6 @@
 
 <div class="post">
   <div class="container">
-    <%= raw MarkdownRenderer.render(@page.content) %>
+    <%= MarkdownRenderer.render(@page.content).html_safe %>
   </div>
 </div>
-- 
2.39.5