Escape characters for security purposes...

This commit is contained in:
Maxim 2020-03-06 00:00:49 -06:00 committed by GitHub
parent 8aa577dbeb
commit c51f07d2fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions

View File

@ -2,7 +2,7 @@
import os, hashlib, json, base64 import os, hashlib, json, base64
# Flask imports # Flask imports
from flask import Flask, request, render_template, session, send_from_directory, url_for, redirect from flask import Flask, request, render_template, session, send_from_directory, url_for, redirect, escape
from flask_uploads import UploadSet, configure_uploads, ALL from flask_uploads import UploadSet, configure_uploads, ALL
from werkzeug.utils import secure_filename from werkzeug.utils import secure_filename
@ -29,7 +29,7 @@ with open(NOTES_PTH) as infile:
try: try:
notesJson = json.load(infile) notesJson = json.load(infile)
for entry in notesJson: for entry in notesJson:
notesListEncoded.append(entry) notesListEncoded.append(escape(entry))
entryDecoded = str(base64.urlsafe_b64decode( entry.encode("utf-8") ), "utf-8") entryDecoded = str(base64.urlsafe_b64decode( entry.encode("utf-8") ), "utf-8")
notesListDecoded.append(entryDecoded) notesListDecoded.append(entryDecoded)
except Exception as e: except Exception as e: