From 563d07cdc535712eba85660f9997a9ad80f2b14e Mon Sep 17 00:00:00 2001
From: Stefano Pigozzi <ste.pigozzi@gmail.com>
Date: Sat, 21 Jul 2018 19:47:16 +0200
Subject: [PATCH] Escape correctly

---
 webserver.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webserver.py b/webserver.py
index 74a7eb18..5d025e0b 100644
--- a/webserver.py
+++ b/webserver.py
@@ -176,7 +176,7 @@ def page_wiki(key: str):
         db_session.close()
         if wiki_page is None:
             return render_template("wiki.html", key=key)
-        converted_md = Markup(markdown2.markdown(escape(wiki_page.content),
+        converted_md = Markup(markdown2.markdown(wiki_page.content.replace("<", "&lt;"),
                               extras=["spoiler", "tables"]))
         return render_template("wiki.html", key=key, wiki_page=wiki_page, converted_md=converted_md,
                                wiki_log=wiki_latest_edit)