From 51ccc462b4df286b58379ee8d053da0437e65859 Mon Sep 17 00:00:00 2001
From: Samuel Gaist <samuel.gaist@idiap.ch>
Date: Fri, 4 Jan 2019 09:35:42 +0100
Subject: [PATCH] [utils] Fix security issue detected by bandit

---
 beat/editor/utils.py | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/beat/editor/utils.py b/beat/editor/utils.py
index bc8d2509..20c74aba 100644
--- a/beat/editor/utils.py
+++ b/beat/editor/utils.py
@@ -25,6 +25,9 @@
 #                                                                             #
 ###############################################################################
 
+"""
+Helper methods and utilities
+"""
 
 import os
 import sys
@@ -36,8 +39,10 @@ import logging
 logger = logging.getLogger(__name__)
 
 
-ENV = jinja2.Environment(loader=jinja2.PackageLoader(__name__, "templates"))
-"""Jinja2 environment for loading our templates"""
+# Jinja2 environment for loading our templates
+ENV = jinja2.Environment(
+    loader=jinja2.PackageLoader(__name__, "templates"), autoescape=True
+)
 
 
 def generate_database(views=None):
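Review bot: `autoescape=True` on `ENV` turns on HTML escaping for every template this loader renders, but the names further down the file (`generate_python_template`, `PythonFileAlreadyExistsError`) suggest these templates emit Python source rather than HTML; the templates are not visible here, so please confirm. If that is the case, an interpolated value containing `'`, `"`, `<`, `>` or `&` would be written into the generated file as an HTML entity. HTML escaping also does not make a value safe inside a Python string literal or identifier, so the bandit finding is silenced without the output context being protected. Consider `autoescape=jinja2.select_autoescape(["html", "xml"])` so that only markup templates are escaped, and validate or quote user-supplied names for the Python context where they are interpolated. The body of `generate_database` continues outside the hunk.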
@@ -129,13 +134,14 @@ TEMPLATE_FUNCTION = dict(
     plotters=generate_plotter,
 )
 
-"""Functions for template instantiation within beat.editor"""
-
 
 class PythonFileAlreadyExistsError(Exception):
     pass
 
 
+# Functions for template instantiation within beat.editor
+
+
 def generate_python_template(entity, name, confirm, config, **kwargs):
     """Generates a template for a BEAT entity with the given named arguments
 
-- 
GitLab