diff options
| author | Adam Tauber <asciimoo@gmail.com> | 2016-12-09 19:10:33 +0100 |
|---|---|---|
| committer | Adam Tauber <asciimoo@gmail.com> | 2016-12-09 19:10:33 +0100 |
| commit | ef2ef7974ab9bf55c5193a30544f71d8ca04f7b0 (patch) | |
| tree | 6651c31542d35df20aeb5ed270b97eae42550541 | |
| parent | 7e1f27e45924147cc2219ddb9299460f202b206b (diff) | |
| download | searxng-ef2ef7974ab9bf55c5193a30544f71d8ca04f7b0.tar.gz searxng-ef2ef7974ab9bf55c5193a30544f71d8ca04f7b0.zip | |
[enh] central html escaping of results
| -rw-r--r-- | searx/webapp.py | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/searx/webapp.py b/searx/webapp.py index 8996aa2b9..352a49fb6 100644 --- a/searx/webapp.py +++ b/searx/webapp.py @@ -40,7 +40,7 @@ except: logger.critical("cannot import dependency: pygments") from sys import exit exit(1) - +from cgi import escape from datetime import datetime, timedelta from urllib import urlencode from urlparse import urlparse, urljoin @@ -433,8 +433,9 @@ def index(): for result in results: if output_format == 'html': if 'content' in result and result['content']: - result['content'] = highlight_content(result['content'][:1024], search_query.query.encode('utf-8')) - result['title'] = highlight_content(result['title'], search_query.query.encode('utf-8')) + result['content'] = highlight_content(escape(result['content'][:1024]), + search_query.query.encode('utf-8')) + result['title'] = highlight_content(escape(result['title']), search_query.query.encode('utf-8')) else: if result.get('content'): result['content'] = html_to_text(result['content']).strip() |