diff --git a/strictdoc/export/html/generators/view_objects/diff_screen_results_view_object.py b/strictdoc/export/html/generators/view_objects/diff_screen_results_view_object.py
index 938b02ddb..98439cef6 100644
--- a/strictdoc/export/html/generators/view_objects/diff_screen_results_view_object.py
+++ b/strictdoc/export/html/generators/view_objects/diff_screen_results_view_object.py
@@ -60,7 +60,9 @@ def __init__(
self.error_message: Optional[str] = None
def render_screen(self, jinja_environment: Environment):
- template = jinja_environment.get_template("screens/git/index.jinja")
+ template = jinja_environment.overlay(autoescape=False).get_template(
+ "screens/git/index.jinja"
+ )
return template.render(view_object=self)
def render_url(self, url: str):
diff --git a/strictdoc/export/html/html_templates.py b/strictdoc/export/html/html_templates.py
index 04f1e11be..5769b7731 100644
--- a/strictdoc/export/html/html_templates.py
+++ b/strictdoc/export/html/html_templates.py
@@ -105,6 +105,7 @@ def __init__(self):
loader=FileSystemLoader(environment.get_path_to_html_templates()),
undefined=StrictUndefined,
extensions=[AssertExtension],
+ autoescape=True,
)
def jinja_environment(self) -> Environment:
diff --git a/strictdoc/export/html/renderers/markup_renderer.py b/strictdoc/export/html/renderers/markup_renderer.py
index a0d418143..1949e3860 100644
--- a/strictdoc/export/html/renderers/markup_renderer.py
+++ b/strictdoc/export/html/renderers/markup_renderer.py
@@ -1,6 +1,8 @@
# mypy: disable-error-code="attr-defined,no-untyped-call,no-untyped-def,var-annotated"
from typing import Optional, Type, Union
+from markupsafe import Markup
+
from strictdoc.backend.sdoc.models.anchor import Anchor
from strictdoc.backend.sdoc.models.document import SDocDocument
from strictdoc.backend.sdoc.models.inline_link import InlineLink
@@ -141,7 +143,7 @@ def render_node_field(
output = self.fragment_writer.write(parts_output)
self.cache[(document_type, node_field, truncated)] = output
- return output
+ return Markup(output)
def render_free_text(self, document_type, free_text):
assert isinstance(free_text, FreeText)
diff --git a/strictdoc/export/html/templates/components/node_field/section_h/index.jinja b/strictdoc/export/html/templates/components/node_field/section_h/index.jinja
index f2a3445a6..ab81f3988 100644
--- a/strictdoc/export/html/templates/components/node_field/section_h/index.jinja
+++ b/strictdoc/export/html/templates/components/node_field/section_h/index.jinja
@@ -14,7 +14,7 @@
{%- if sdoc_entity.context.title_number_string -%}
{#- add title 'number' part to the accumulator -#}
- {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". " -%}
+ {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". "|safe -%}
{%- endif -%}
{%- set title = sdoc_entity.reserved_title if sdoc_entity.is_requirement else sdoc_entity.title -%}
diff --git a/strictdoc/export/html/templates/components/node_field/section_title/index.jinja b/strictdoc/export/html/templates/components/node_field/section_title/index.jinja
index 6c6ba8804..4b5a2cc42 100644
--- a/strictdoc/export/html/templates/components/node_field/section_title/index.jinja
+++ b/strictdoc/export/html/templates/components/node_field/section_title/index.jinja
@@ -9,7 +9,7 @@
{%- if sdoc_entity.context.title_number_string -%}
{#- add title 'number' part to the accumulator -#}
- {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". " -%}
+ {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". "|safe -%}
{%- endif -%}
{%- set title = sdoc_entity.reserved_title if sdoc_entity.is_requirement else sdoc_entity.title -%}
diff --git a/strictdoc/export/html/templates/components/node_field/title/index.jinja b/strictdoc/export/html/templates/components/node_field/title/index.jinja
index 5f115c90e..77934acad 100644
--- a/strictdoc/export/html/templates/components/node_field/title/index.jinja
+++ b/strictdoc/export/html/templates/components/node_field/title/index.jinja
@@ -8,7 +8,7 @@
{%- if title_number is true -%}
{%- if sdoc_entity.context.title_number_string %}
{#- add title 'number' part to the accumulator -#}
- {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". " -%}
+ {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". "|safe -%}
{%- endif -%}
{%- endif -%}