From b652eebf358e82cf5ec73b6a1883ee98c9cc3dab Mon Sep 17 00:00:00 2001
From: Dmitry Shelepnev <mitshel@mail.ru>
Date: Thu, 16 Mar 2017 22:24:17 +0300
Subject: [PATCH] Use strip_tags for annotation show

---
 opds_catalog/feeds.py                        | 5 +++--
 sopds_web_backend/templates/sopds_books.html | 2 +-
 sopds_web_backend/views.py                   | 7 ++++---
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/opds_catalog/feeds.py b/opds_catalog/feeds.py
index d0c27fe..fc04112 100644
--- a/opds_catalog/feeds.py
+++ b/opds_catalog/feeds.py
@@ -5,6 +5,7 @@ from django.contrib.syndication.views import Feed
 from django.core.urlresolvers import reverse
 from django.shortcuts import render
 from django.db.models import Count, Min
+from django.utils.html import strip_tags
 
 from opds_catalog.models import Book, Catalog, Author, Genre, Series, bookshelf, Counter, lang_menu
 from opds_catalog import models
@@ -235,7 +236,7 @@ class CatalogsFeed(AuthFeed):
               
         for row in books_list[op.d2_first_pos:op.d2_last_pos+1]:
             p = {'is_catalog':0, 'lang_code': row.lang_code, 'filename': row.filename, 'path': row.path, \
-                  'registerdate': row.registerdate, 'id': row.id, 'annotation': row.annotation, \
+                  'registerdate': row.registerdate, 'id': row.id, 'annotation': strip_tags(row.annotation), \
                   'docdate': row.docdate, 'format': row.format, 'title': row.title, 'filesize': row.filesize//1000,
                   'authors':row.authors.values(), 'genres':row.genres.values(), 'series':row.series.values()}         
             items.append(p)
@@ -465,7 +466,7 @@ class SearchBooksFeed(AuthFeed):
         
         for row in books[start:finish+1]:
             p = {'doubles':0, 'lang_code': row.lang_code, 'filename': row.filename, 'path': row.path, \
-                  'registerdate': row.registerdate, 'id': row.id, 'annotation': row.annotation, \
+                  'registerdate': row.registerdate, 'id': row.id, 'annotation': strip_tags(row.annotation), \
                   'docdate': row.docdate, 'format': row.format, 'title': row.title, 'filesize': row.filesize//1000,
                   'authors':row.authors.values(), 'genres':row.genres.values(), 'series':row.series.values()}       
             if summary_DOUBLES_HIDE:
diff --git a/sopds_web_backend/templates/sopds_books.html b/sopds_web_backend/templates/sopds_books.html
index 1c7f01b..4ead100 100644
--- a/sopds_web_backend/templates/sopds_books.html
+++ b/sopds_web_backend/templates/sopds_books.html
@@ -88,7 +88,7 @@
 			</tr>
 			<tr>
 			<td colspan="2">
-			    <p style="font-size:80%;"> {{ b.annotation }} </p>
+			    <p style="font-size:80%;">{{ b.annotation }}</p>
 			</td>
 			</tr></table>
 		</div>			
diff --git a/sopds_web_backend/views.py b/sopds_web_backend/views.py
index d1d17f9..3cc8696 100644
--- a/sopds_web_backend/views.py
+++ b/sopds_web_backend/views.py
@@ -7,6 +7,7 @@ from django.utils.translation import ugettext as _
 from django.contrib.auth import authenticate, login, logout, REDIRECT_FIELD_NAME
 from django.contrib.auth.decorators import user_passes_test
 from django.core.urlresolvers import reverse, reverse_lazy
+from django.utils.html import strip_tags
 
 from opds_catalog import models
 from opds_catalog.models import Book, Author, Series, bookshelf, Counter, Catalog, Genre, lang_menu
@@ -191,9 +192,9 @@ def SearchBooksView(request):
         
         for row in books[start:finish+1]:
             p = {'doubles':0, 'lang_code': row.lang_code, 'filename': row.filename, 'path': row.path, \
-                  'registerdate': row.registerdate, 'id': row.id, 'annotation': row.annotation, \
+                  'registerdate': row.registerdate, 'id': row.id, 'annotation': strip_tags(row.annotation), \
                   'docdate': row.docdate, 'format': row.format, 'title': row.title, 'filesize': row.filesize//1000,
-                  'authors':row.authors.values(), 'genres':row.genres.values(), 'series':row.series.values()}       
+                  'authors':row.authors.values(), 'genres':row.genres.values(), 'series':row.series.values()}
             if summary_DOUBLES_HIDE:
                 title = p['title']
                 authors_set = {a['id'] for a in p['authors']}         
@@ -345,7 +346,7 @@ def CatalogsView(request):
           
     for row in books_list[op.d2_first_pos:op.d2_last_pos+1]:
         p = {'is_catalog':0, 'lang_code': row.lang_code, 'filename': row.filename, 'path': row.path, \
-              'registerdate': row.registerdate, 'id': row.id, 'annotation': row.annotation, \
+              'registerdate': row.registerdate, 'id': row.id, 'annotation': strip_tags(row.annotation), \
               'docdate': row.docdate, 'format': row.format, 'title': row.title, 'filesize': row.filesize//1000,
               'authors':row.authors.values(), 'genres':row.genres.values(), 'series':row.series.values()}         
         items.append(p)
-- 
GitLab