From 3494c5df821501d1722ce08eb7867458a127d54f Mon Sep 17 00:00:00 2001
From: Shivansh Rai <shivansh@freebsd.org>
Date: Tue, 4 Jul 2017 18:30:18 +0530
Subject: [PATCH] Enable HTML escaping for code segments

---
 templates/cards.html    | 2 +-
 templates/memorize.html | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/templates/cards.html b/templates/cards.html
index 8488169..08b8906 100644
--- a/templates/cards.html
+++ b/templates/cards.html
@@ -57,7 +57,7 @@
                     {% if card.type == 1 %}
                         {{ card.back|replace("\n", "<br />")|safe }}
                     {% else %}
-                        <pre><code>{{ card.back|safe }}</code></pre>
+                        <pre><code>{{ card.back|escape }}</code></pre>
                     {% endif %}
                 </td>
             </tr>
diff --git a/templates/memorize.html b/templates/memorize.html
index b42a3cb..ab93369 100644
--- a/templates/memorize.html
+++ b/templates/memorize.html
@@ -47,7 +47,7 @@
                                     </div>
                                 {% endif %}
                             {% else %}
-                                <pre><code>{{ card.back|safe }}</code></pre>
+                                <pre><code>{{ card.back|escape }}</code></pre>
                             {% endif %}
                         </div>
                     </div>