Gum: HTML-escape tag names when rendering them

mikeabrahamsen · Jul 19, 2013 · 59779ff · 59779ff
1 parent 6e0954d
commit 59779ff
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/gum/templates/index.html b/gum/templates/index.html
@@ -28,7 +28,7 @@
 									{% if article.tags %}
 										<span>Tagged as : </span>
 										{% for tag in article.tags %}
-											<a class="danger label" href="{{ SITEURL }}/{{ tag.url }}">{{ tag }}</a>
+											<a class="danger label" href="{{ SITEURL }}/{{ tag.url }}">{{ tag|e }}</a>
 										{% endfor %}
 									{% endif %}
 								</div>

diff --git a/gum/templates/sidebar.html b/gum/templates/sidebar.html
@@ -33,7 +33,7 @@ <h4>Tags</h4>
 {% if tags %}
 	<ul>
 	{% for tag in tag_cloud %}
-	    <li class="tag-{{ tag.1 }}"><a href="{{ SITEURL }}/{{ tag.0.url }}">{{ tag.0 }}</a></li>
+	    <li class="tag-{{ tag.1 }}"><a href="{{ SITEURL }}/{{ tag.0.url }}">{{ tag.0|e }}</a></li>
 	{% endfor %}
 </ul>
 {% endif %}

diff --git a/gum/templates/tag.html b/gum/templates/tag.html
@@ -1,2 +1,2 @@
 {% extends "index.html" %}
-{% block title %}{{ SITENAME }} - {{ tag }}{% endblock %}
+{% block title %}{{ SITENAME }} - {{ tag|e }}{% endblock %}
diff --git a/gum/templates/tags.html b/gum/templates/tags.html
@@ -5,7 +5,7 @@
 {% for tag in tag_cloud %}
 <li class="tag-{{ tag.1 }}">
 	<a href="{{ SITEURL }}/{{ tag.0.url }}">
-		<i class="icon-tag icon-large"></i>{{ tag.0 }}
+		<i class="icon-tag icon-large"></i>{{ tag.0|e }}
 	</a>
 </li>
 {% endfor %}