Prevent XSS attacks with wmd using the google-caja html sanitizer.

[osqa.git] / forum / skins / default / templates / question.html

diff --git a/forum/skins/default/templates/question.html b/forum/skins/default/templates/question.html
index aff082b9f98a53d3733e782ce0ef81b9776a9ece..228285730fd1946d0fbfe269fd765e4b6d94d203 100644 (file)
--- a/forum/skins/default/templates/question.html
+++ b/forum/skins/default/templates/question.html
@@ -21,6 +21,7 @@
         <script type='text/javascript' src='{% media  "/media/js/jquery.caret.js" %}'></script>\r
         <script type='text/javascript' src='{% media  "/media/js/wmd/showdown.js" %}'></script>\r
         <script type='text/javascript' src='{% media  "/media/js/wmd/wmd.js" %}'></script>\r
+        <script type='text/javascript' src='{% media  "/media/js/html_sanitizer.js" %}'></script>\r
         <link rel="stylesheet" type="text/css" href="{% media  "/media/js/wmd/wmd.css" %}" />\r
 \r
         {% if embed_youtube_videos %}\r
@@ -153,7 +154,7 @@
   \r
                 {% for answer in answers.paginator.page %}\r
                     <a name="{{ answer.id }}"></a>\r
-                    <div id="answer-container-{{ answer.id }}" class="answer {% post_classes answer %}">\r
+                    <div id="answer-container-{{ answer.id }}" class="answer {% post_classes answer %}{% ifequal answer.id focused_answer_id %} focusedAnswer{% endifequal %}">\r
                         <table style="width:100%;">\r
                             <tr>\r
                                 <td style="width:30px;vertical-align:top">\r