philomena-dev / philomena

Next-generation imageboard
GNU Affero General Public License v3.0

Ensure HTML raw insertion is not used in template #247

Closed liamwhite closed 2 months ago

liamwhite commented 2 months ago

The == operator in Slime inserts iodata marked explicitly as safe. It is quite dangerous and should probably be avoided.
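
One way to enforce what this issue asks for is a check that fails the build when a template uses `==` in output position. The script below is an added example, not code from the philomena repository; the line shapes it recognises, the `*.slime` file extension, the function names and the sample template are all assumptions made for illustration.

```python
import re
import sys
from pathlib import Path

# Assumed Slime line shapes: a bare "== expr", or "== expr" after a tag with
# optional .class/#id shorthand and simple attributes. Lines inside embedded
# blocks (e.g. inline JavaScript) can be over-flagged; review hits by hand.
_TAG = r"[A-Za-z][\w:-]*"
_SHORTHAND = r"(?:[.#][\w-]+)*"
_ATTR = r'''(?:\s+[\w:-]+=(?:"[^"]*"|'[^']*'|[\w.@-]+))*'''
RAW_OUTPUT = re.compile(rf"^\s*(?:(?:{_TAG}{_SHORTHAND}|{_SHORTHAND}){_ATTR})?\s*==")

# Constructed sample template, not taken from the philomena repository.
SAMPLE = """\
.block
  h1 = @title
  - if @a == @b
    p.note== @description_html
  == render "footer.html"
  | compare a == b here
  span class="x" == @snippet
"""


def find_raw_output(source, path="<sample>"):
    """Return (path, line_number, stripped_line) for each raw-output line."""
    return [
        (path, number, line.strip())
        for number, line in enumerate(source.splitlines(), start=1)
        if RAW_OUTPUT.match(line)
    ]


def scan_tree(root):
    """Scan every *.slime file under root (the extension is an assumption)."""
    hits = []
    for template in sorted(Path(root).rglob("*.slime")):
        hits += find_raw_output(template.read_text(encoding="utf-8"), str(template))
    return hits


if __name__ == "__main__":
    found = scan_tree(sys.argv[1]) if len(sys.argv) > 1 else find_raw_output(SAMPLE)
    for path, number, text in found:
        print(f"{path}:{number}: raw output: {text}")
    sys.exit(1 if found else 0)
```

Run with a template directory as the only argument; the non-zero exit status on any hit lets it gate a CI job. Comparisons inside escaped output or control lines (`= a == b`, `- if a == b`) are not flagged.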