diff options
| author | Valentin Popov <valentineus@gmail.com> | 2018-04-04 00:16:44 +0300 |
|---|---|---|
| committer | Valentin Popov <valentineus@gmail.com> | 2018-04-04 00:16:44 +0300 |
| commit | 8ad20776ad6babf0fd66fab21cfce486da56a070 (patch) | |
| tree | a4f679c23e6fdc877b02a3026fb31fb3087b2320 | |
| parent | cb2aa93e083b4f59b52586afeaf47a1b5802a3e2 (diff) | |
| download | popov.link-8ad20776ad6babf0fd66fab21cfce486da56a070.tar.xz popov.link-8ad20776ad6babf0fd66fab21cfce486da56a070.zip | |
Added security to the post template
Signed-off-by: Valentin Popov <valentineus@gmail.com>
| -rw-r--r-- | _layouts/post.html | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/_layouts/post.html b/_layouts/post.html index 17e18f4..aa5b6ca 100644 --- a/_layouts/post.html +++ b/_layouts/post.html @@ -2,11 +2,17 @@ layout: default --- -<!-- Content of the post --> <div class="post"> - <h1 class="post-title">{{ page.title }}</h1> + <!-- Header --> + <h1 class="post-title"> + {{ page.title | smartify | strip_html | normalize_whitespace }} + </h1> + + <!-- Date --> <span class="post-date">{{ page.date | date_to_long_string }}</span> - {{ content }} + + <!-- Contents --> + {{ content | normalize_whitespace }} </div> <!-- Comments on the post --> @@ -14,9 +20,9 @@ layout: default <div id="disqus_thread"></div> <script type="text/javascript" defer> var disqus_config = function() { - this.page.identifier = '{{ page.url | relative_url }}'; - this.page.title = '{{ page.title }}'; - this.page.url = '{{ page.url | absolute_url }}'; + this.page.identifier = '{{ page.id | slugify }}'; + this.page.title = '{{ page.title | smartify | strip_html | normalize_whitespace }}'; + this.page.url = '{{ page.url | absolute_url | uri_escape }}'; }; (function() { |