9 yıl önce · e061c6e059
--- a/searx/engines/swisscows.py
+++ b/searx/engines/swisscows.py
@@ -10,6 +10,7 @@
 
				  @parse       url, title, content
			
 
				 """
			
 
				 
			
 
				+from cgi import escape
			
 
				 from json import loads
			
 
				 from urllib import urlencode, unquote
			
 
				 import re
			
@@ -77,7 +78,7 @@ def response(resp):
 
				 
			
 
				             # append result
			
 
				             results.append({'url': result['SourceUrl'],
			
 
				-                            'title': result['Title'],
			
 
				+                            'title': escape(result['Title']),
			
 
				                             'content': '',
			
 
				                             'img_src': img_url,
			
 
				                             'template': 'images.html'})
			
@@ -89,8 +90,8 @@ def response(resp):
 
				 
			
 
				             # append result
			
 
				             results.append({'url': result_url,
			
 
				-                            'title': result_title,
			
 
				-                            'content': result_content})
			
 
				+                            'title': escape(result_title),
			
 
				+                            'content': escape(result_content)})
			
 
				 
			
 
				     # parse images
			
 
				     for result in json.get('Images', []):
			
@@ -99,7 +100,7 @@ def response(resp):
 
				 
			
 
				         # append result
			
 
				         results.append({'url': result['SourceUrl'],
			
 
				-                        'title': result['Title'],
			
 
				+                        'title': escape(result['Title']),
			
 
				                         'content': '',
			
 
				                         'img_src': img_url,
			
 
				                         'template': 'images.html'})
			
--- a/searx/engines/yandex.py
+++ b/searx/engines/yandex.py
@@ -9,6 +9,7 @@
 
				  @parse       url, title, content
			
 
				 """
			
 
				 
			
 
				+from cgi import escape
			
 
				 from urllib import urlencode
			
 
				 from lxml import html
			
 
				 from searx.search import logger
			
@@ -51,8 +52,8 @@ def response(resp):
 
				     for result in dom.xpath(results_xpath):
			
 
				         try:
			
 
				             res = {'url': result.xpath(url_xpath)[0],
			
 
				-                   'title': ''.join(result.xpath(title_xpath)),
			
 
				-                   'content': ''.join(result.xpath(content_xpath))}
			
 
				+                   'title': escape(''.join(result.xpath(title_xpath))),
			
 
				+                   'content': escape(''.join(result.xpath(content_xpath)))}
			
 
				         except:
			
 
				             logger.exception('yandex parse crash')
			
 
				             continue