From 227ea6c65073bb5d0e38c3758c35c347ad8a7215 Mon Sep 17 00:00:00 2001
From: debugtalk <mail@debugtalk.com>
Date: Thu, 31 May 2018 14:41:40 +0800
Subject: [PATCH] fix #155: xss prevention

---
 httprunner/report.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/httprunner/report.py b/httprunner/report.py
index cc6dcce5..9cdb5d0f 100644
--- a/httprunner/report.py
+++ b/httprunner/report.py
@@ -126,7 +126,7 @@ def stringify_body(meta_data, request_or_response):
                     b64encode(body).decode('utf-8')
                 )
             else:
-                body = body.decode("utf-8")
+                body = escape(body.decode("utf-8"))
         except UnicodeDecodeError:
             pass