Sanitized html output with hiccup (#294)

alxdb · malcolmsparks · commit 90d354a53183 · 2019-05-21T12:22:36.000+01:00
diff --git a/src/yada/body.clj b/src/yada/body.clj
@@ -8,6 +8,7 @@
    [clojure.tools.logging :refer :all]
    [hiccup.core :refer [html]]
    [hiccup.page :refer [xhtml]]
+   [hiccup.util :refer [escape-html]]
    [manifold.stream :refer [->source transform]]
    [yada.charset :as charset]
    [yada.status :refer [status]]
@@ -249,7 +250,7 @@
            (.printStackTrace error pw)
            (.flush pw)
            (let [s (String. (.toByteArray baos))]
-             [:pre s])))])
+             [:pre (escape-html s)])))])
 
     [:div
      [:p.footer
