diff --git a/pagure/doc_utils.py b/pagure/doc_utils.py
index 0506489..6765063 100644
--- a/pagure/doc_utils.py
+++ b/pagure/doc_utils.py
@@ -89,13 +89,17 @@ def convert_readme(content, ext, view_file_url=None):
provided.
'''
output = content
+ safe = False
if ext and ext in ['.rst']:
+ safe = True
output = convert_doc(content, view_file_url)
elif ext and ext in ['.mk']:
output = markdown.markdown(content)
+ safe = True
elif not ext or (ext and ext in ['.text', '.txt']):
+ safe = True
output = '%s
' % content
- return output
+ return output, safe
def load_doc(endpoint):
diff --git a/pagure/templates/docs.html b/pagure/templates/docs.html
index 29ff911..0ca64cc 100644
--- a/pagure/templates/docs.html
+++ b/pagure/templates/docs.html
@@ -72,9 +72,9 @@
{% if content %}
- {% autoescape false %}
- {{ content }}
- {% endautoescape %}
+ {% if safe }}
+ {{ content |safe }}
+ {% endif %}
{% endif %}
diff --git a/pagure/ui/docs.py b/pagure/ui/docs.py
index c4f2362..7d6cf59 100644
--- a/pagure/ui/docs.py
+++ b/pagure/ui/docs.py
@@ -64,10 +64,10 @@ def __get_tree_and_content(repo_obj, commit, path):
if isinstance(blob_or_tree, pygit2.TreeEntry): # Returned a file
ext = os.path.splitext(blob_or_tree.name)[1]
blob_obj = repo_obj[blob_or_tree.oid]
- content = pagure.doc_utils.convert_readme(blob_obj.data, ext)
+ content, safe = pagure.doc_utils.convert_readme(blob_obj.data, ext)
tree = sorted(tree_obj, key=lambda x: x.filemode)
- return (tree, content, extended)
+ return (tree, content, safe, extended)
# URLs
@@ -124,7 +124,7 @@ def view_docs(repo, username=None, branchname=None, filename=None):
if commit:
try:
- (tree, content, extended) = __get_tree_and_content(
+ (tree, content, safe, extended) = __get_tree_and_content(
repo_obj, commit, path)
if extended:
filename += '/'
@@ -141,4 +141,5 @@ def view_docs(repo, username=None, branchname=None, filename=None):
filename=filename,
tree=tree,
content=content,
+ safe=safe,
)