I think this got left off when doing the security scrub of html_safe. Changed the filter_html to true by default to scrub any weird tags users may have put in the DB.
We may want to think about scrubbing user inputs before persisting data in the future.