[Fix] oscar: no HTML escaping prior to output

When results are fetched from any programming related documentation site
(like git-scm.com, docs.python.org etc), content in Info box is shown as
raw HTML code.

This change addresses the issue by using "safe" filter feature provided by
Django. See,
  - https://docs.djangoproject.com/en/3.0/ref/templates/builtins/#safe
  - Searx issue tracker (issue #1649), for more information.

Resolves: #1649
This commit is contained in:
Vipul 2019-12-22 01:21:22 +00:00
parent 36ca2dcc56
commit 6a5aae6530
No known key found for this signature in database
GPG Key ID: F5235B9F8C8E7794

View File

@ -6,7 +6,7 @@
<div class="panel-body"> <div class="panel-body">
{% if infobox.img_src %}<img class="img-responsive center-block infobox_part" src="{{ image_proxify(infobox.img_src) }}" alt="{{ infobox.infobox }}" />{% endif %} {% if infobox.img_src %}<img class="img-responsive center-block infobox_part" src="{{ image_proxify(infobox.img_src) }}" alt="{{ infobox.infobox }}" />{% endif %}
{% if infobox.content %}<bdi><p class="infobox_part">{{ infobox.content }}</p></bdi>{% endif %} {% if infobox.content %}<bdi><p class="infobox_part">{{ infobox.content | safe }}</p></bdi>{% endif %}
{% if infobox.attributes -%} {% if infobox.attributes -%}
<table class="table table-striped infobox_part"> <table class="table table-striped infobox_part">