# HG changeset patch
# User souliane <souliane@mailoo.org>
# Date 1452340831 -3600
# Node ID 25931797db20deb290d1fb4640d1048803686d38
# Parent  a825700c01e4192dd0e291b846b50550bccc9e5c
server (blog/themes): sanitize tags + display tags URLs

diff -r a825700c01e4 -r 25931797db20 src/server/blog.py
--- a/src/server/blog.py	Sat Jan 09 12:14:39 2016 +0100
+++ b/src/server/blog.py	Sat Jan 09 13:00:31 2016 +0100
@@ -591,7 +591,7 @@
             if query_data:
                 self.url += '?{}'.format(urllib.urlencode(query_data))
             self.title = self.getText(entry, 'title')
-            self.tags = list(common.dict2iter('tag', entry))
+            self.tags = [sanitizeHtml(tag) for tag in common.dict2iter('tag', entry)]
 
             count_text = lambda count: D_('comments') if count > 1 else D_('comment')
 
diff -r a825700c01e4 -r 25931797db20 themes/default/static_blog.html
--- a/themes/default/static_blog.html	Sat Jan 09 12:14:39 2016 +0100
+++ b/themes/default/static_blog.html	Sat Jan 09 13:00:31 2016 +0100
@@ -45,7 +45,7 @@
             {% if entry.tags %}
                 <ul class="mblog_tags">
                 {% for tag in entry.tags %}
-                    <li><a>{{tag}}</a></li>
+                    <li><a href="{{base_url}}?tag={{tag}}">{{tag}}</a></li>
                 {% endfor %}
                 </ul>
             {% endif %}