From 13eb6aa21612c44b1c9bca449541732214f089a8 Mon Sep 17 00:00:00 2001
From: Andreas Kloeckner <inform@tiker.net>
Date: Wed, 14 Feb 2018 23:56:50 -0600
Subject: [PATCH] Ensure that user-code generated actually consists of strings

---
 course/page/code.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/course/page/code.py b/course/page/code.py
index c7ed5a21..76963871 100644
--- a/course/page/code.py
+++ b/course/page/code.py
@@ -906,6 +906,9 @@ class PythonCodeQuestion(PageBaseWithTitle, PageBaseWithValue):
                     else:
                         return False
 
+                if not isinstance(s, six.text_type):
+                    return _("(Non-string in 'HTML' output filtered out)")
+
                 return bleach.clean(s,
                         tags=bleach.ALLOWED_TAGS + ["audio", "video", "source"],
                         attributes={
-- 
GitLab