Fakultas Ilmu Komputer UI

Skip to content
Snippets Groups Projects
Commit 6604e333 authored by t-ragilalbadrun's avatar t-ragilalbadrun
Browse files

Escape change name

parent 48d3844a
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
backend/app/views/main.py
+ 2
1
View file @ 6604e333
import html
from flask import (
Blueprint,
current_app as app,
......@@ -84,7 +85,7 @@ def delete_user_schedule(user_id, user_schedule_id):
def rename_user_schedule(user_id, user_schedule_id):
data = request.json
user_schedule = UserSchedule.objects(id=user_schedule_id).first()
user_schedule.name = data["name"]
user_schedule.name = html.escape(data["name"])
user_schedule.save()
return (jsonify({
'user_schedule': user_schedule.serialize()
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Excellence In Teamwork