patch.diff

commit 793a735077145e00b2d4157eee2911709a539892 (HEAD -> nchelluri/escape-curly-mojo, origin/nchelluri/escape-curly-mojo)
Author: Narsimham Chelluri <nchelluri@maxmind.com>
Date:   Thu Sep 28 14:02:55 2017 +0000

    Escape curly braces in Mojo

diff --git a/lib/MM/Controller/Website.pm b/lib/MM/Controller/Website.pm
index 3c4838358c..b1f6bc20a2 100644
--- a/lib/MM/Controller/Website.pm
+++ b/lib/MM/Controller/Website.pm
@@ -38,6 +38,7 @@ use MM::Databases;
 use MM::Model::User::Permissions;
 use MM::MojoX::Session::Proxy;
 use MM::Util::Validate qw( validate_email );
+use Mojo::Util qw( xml_escape );
 use Mojolicious::Plugin::ExposeControllerMethod;
 use Mojolicious::Plugin::MM::ExceptionHandler;
 use Mojolicious::Plugin::MM::Localizer;
@@ -81,6 +82,15 @@ sub startup ( $self, @ ) {
     $self->plugin('MM::Website::AdminURLFor');
     $self->plugin('MM::Website::StaticURLFor');
     $self->plugin('MM::PageKit');
+    $self->plugin(
+        'EPRenderer' => {
+            template => {
+                escape => sub($str) {
+                    return xml_escape( $str =~ s/\{/&#123;/gr );
+                }
+            }
+        }
+    );
     $self->plugin('ExposeControllerMethod');
     $self->plugin('WithCSRFProtection');