From 189eaf2bea02974e5935cc85ca7fb4488a4bb58b Mon Sep 17 00:00:00 2001
From: barisusakli <barisusakli@gmail.com>
Date: Wed, 29 Oct 2014 00:47:16 -0400
Subject: [PATCH] escape output

---
 src/controllers/admin.js          | 2 +-
 src/views/admin/advanced/logs.tpl | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/controllers/admin.js b/src/controllers/admin.js
index e5f0461785..4c0fe059ab 100644
--- a/src/controllers/admin.js
+++ b/src/controllers/admin.js
@@ -195,7 +195,7 @@ adminController.logs.get = function(req, res, next) {
 		}
 
 		res.render('admin/advanced/logs', {
-			data: data.toString()
+			data: validator.escape(data.toString())
 		});
 	});
 };
diff --git a/src/views/admin/advanced/logs.tpl b/src/views/admin/advanced/logs.tpl
index 52719cd47f..e4f8d2b2fc 100644
--- a/src/views/admin/advanced/logs.tpl
+++ b/src/views/admin/advanced/logs.tpl
@@ -3,7 +3,7 @@
 		<div class="panel panel-default">
 			<div class="panel-heading"><i class="fa fa-file-text-o"></i> Logs</div>
 			<div class="panel-body">
-				<pre><code>{data}</code></pre>
+				<pre>{data}</pre>
 			</div>
 		</div>
 	</div>