From 333a4acb10bd16e72436d37bf876c14836c2c6d9 Mon Sep 17 00:00:00 2001
From: Malarvizhi Paramasivam
Date: Mon, 14 Jun 2021 15:34:10 +0530
Subject: Fix CRITICAL cross-site scripting (xss) issues identified in sonarcloud

Issue-ID: OPTFRA-966
Signed-off-by: Malarvizhi Paramasivam
Change-Id: I75825cd8b98c78712e7c727952e9602ace4ea1c0
---
 solverapp.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/solverapp.py b/solverapp.py
index 39f2670..a2df317 100644
--- a/solverapp.py
+++ b/solverapp.py
@@ -16,7 +16,8 @@
 # -------------------------------------------------------------------------
 #
-from flask import request, g
+from flask import request
+from markupsafe import Markup
 from osdf.apps.baseapp import app, run_app
 from osdf.logging.osdf_logging import audit_log
@@ -50,7 +51,7 @@ def opt_model_create_rest_api():
 def opt_get_model_rest_api(model_id):
 """Retrieve model data
 """
-
+ model_id = Markup.escape(model_id)
 return retrieve_model_data(model_id)
--
cgit 1.2.3-korg
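Review bot: `from markupsafe import Markup` makes markupsafe a direct import of solverapp.py, but the diffstat shows this is the only file changed, so nothing in the commit declares or pins it. The package normally arrives transitively with Flask/Jinja2; listing it explicitly in the project's requirements file would stop the import from depending on what another package happens to pull in.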
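Review bot: `model_id = Markup.escape(model_id)` HTML-escapes the identifier on the way in, before `retrieve_model_data(model_id)` uses it as a lookup key, instead of encoding the value at the point where it is written into a response. That changes the key for any id containing `&`, `<`, `>` or quotes, and it hands the data layer a `Markup` object whose string operations escape their operands, which matters if retrieve_model_data (not visible here) formats the id into a query or path. HTML escaping also gives no protection against injection in that layer. I would validate the id and answer anything else with a 400, e.g. `if not re.fullmatch(r"[A-Za-z0-9_.-]+", model_id): ...` (a constructed pattern; use the project's real id format), and confirm the response is served as JSON rather than HTML. The route decorators and the other handlers such as opt_model_create_rest_api are outside the hunk, so whether they need the same treatment cannot be judged from here.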