diff --git a/strictdoc/export/html/generators/view_objects/diff_screen_results_view_object.py b/strictdoc/export/html/generators/view_objects/diff_screen_results_view_object.py index 938b02ddb..98439cef6 100644 --- a/strictdoc/export/html/generators/view_objects/diff_screen_results_view_object.py +++ b/strictdoc/export/html/generators/view_objects/diff_screen_results_view_object.py @@ -60,7 +60,9 @@ def __init__( self.error_message: Optional[str] = None def render_screen(self, jinja_environment: Environment): - template = jinja_environment.get_template("screens/git/index.jinja") + template = jinja_environment.overlay(autoescape=False).get_template( + "screens/git/index.jinja" + ) return template.render(view_object=self) def render_url(self, url: str): diff --git a/strictdoc/export/html/html_templates.py b/strictdoc/export/html/html_templates.py index 04f1e11be..5769b7731 100644 --- a/strictdoc/export/html/html_templates.py +++ b/strictdoc/export/html/html_templates.py @@ -105,6 +105,7 @@ def __init__(self): loader=FileSystemLoader(environment.get_path_to_html_templates()), undefined=StrictUndefined, extensions=[AssertExtension], + autoescape=True, ) def jinja_environment(self) -> Environment: diff --git a/strictdoc/export/html/renderers/markup_renderer.py b/strictdoc/export/html/renderers/markup_renderer.py index a0d418143..1949e3860 100644 --- a/strictdoc/export/html/renderers/markup_renderer.py +++ b/strictdoc/export/html/renderers/markup_renderer.py @@ -1,6 +1,8 @@ # mypy: disable-error-code="attr-defined,no-untyped-call,no-untyped-def,var-annotated" from typing import Optional, Type, Union +from markupsafe import Markup + from strictdoc.backend.sdoc.models.anchor import Anchor from strictdoc.backend.sdoc.models.document import SDocDocument from strictdoc.backend.sdoc.models.inline_link import InlineLink @@ -141,7 +143,7 @@ def render_node_field( output = self.fragment_writer.write(parts_output) self.cache[(document_type, node_field, truncated)] = output - return output + return Markup(output) def render_free_text(self, document_type, free_text): assert isinstance(free_text, FreeText) diff --git a/strictdoc/export/html/templates/components/node_field/section_h/index.jinja b/strictdoc/export/html/templates/components/node_field/section_h/index.jinja index f2a3445a6..ab81f3988 100644 --- a/strictdoc/export/html/templates/components/node_field/section_h/index.jinja +++ b/strictdoc/export/html/templates/components/node_field/section_h/index.jinja @@ -14,7 +14,7 @@ {%- if sdoc_entity.context.title_number_string -%} {#- add title 'number' part to the accumulator -#} - {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". " -%} + {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". "|safe -%} {%- endif -%} {%- set title = sdoc_entity.reserved_title if sdoc_entity.is_requirement else sdoc_entity.title -%} diff --git a/strictdoc/export/html/templates/components/node_field/section_title/index.jinja b/strictdoc/export/html/templates/components/node_field/section_title/index.jinja index 6c6ba8804..4b5a2cc42 100644 --- a/strictdoc/export/html/templates/components/node_field/section_title/index.jinja +++ b/strictdoc/export/html/templates/components/node_field/section_title/index.jinja @@ -9,7 +9,7 @@ {%- if sdoc_entity.context.title_number_string -%} {#- add title 'number' part to the accumulator -#} - {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". " -%} + {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". "|safe -%} {%- endif -%} {%- set title = sdoc_entity.reserved_title if sdoc_entity.is_requirement else sdoc_entity.title -%} diff --git a/strictdoc/export/html/templates/components/node_field/title/index.jinja b/strictdoc/export/html/templates/components/node_field/title/index.jinja index 5f115c90e..77934acad 100644 --- a/strictdoc/export/html/templates/components/node_field/title/index.jinja +++ b/strictdoc/export/html/templates/components/node_field/title/index.jinja @@ -8,7 +8,7 @@ {%- if title_number is true -%} {%- if sdoc_entity.context.title_number_string %} {#- add title 'number' part to the accumulator -#} - {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". " -%} + {%- set field_content_ = field_content_ + sdoc_entity.context.title_number_string + ". "|safe -%} {%- endif -%} {%- endif -%}