Fix script injection using markdown

Fixes #16
author: rubenwardy <rw@rubenwardy.com> 2018-03-24 19:19:04 +0000
committer: rubenwardy <rw@rubenwardy.com> 2018-03-24 19:19:04 +0000
commit: 4898b69ea050c584050cf9e82854b1a42a7602b8 (patch)
tree: c32a3dcdb84747094bb204beea27e8a6cca9652a
parent: c9073a83246cf70ba011684949505e7644bb9e9b (diff)
download: cheatdb-4898b69ea050c584050cf9e82854b1a42a7602b8.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/app/__init__.py b/app/__init__.py
index d9c2b38..b5aa36c 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -9,7 +9,7 @@ app = Flask(__name__)
 app.config.from_pyfile(os.environ["FLASK_CONFIG"])
 
 menu.Menu(app=app)
-markdown.Markdown(app, extensions=["fenced_code"])
+markdown.Markdown(app, extensions=["fenced_code"], safe_mode=True, output_format="html5")
 github = GitHub(app)
 
 from . import models
author	rubenwardy <rw@rubenwardy.com>	2018-03-24 19:19:04 +0000
committer	rubenwardy <rw@rubenwardy.com>	2018-03-24 19:19:04 +0000
commit	4898b69ea050c584050cf9e82854b1a42a7602b8 (patch)
tree	c32a3dcdb84747094bb204beea27e8a6cca9652a
parent	c9073a83246cf70ba011684949505e7644bb9e9b (diff)
download	cheatdb-4898b69ea050c584050cf9e82854b1a42a7602b8.tar.xz