From c6aab372cb20669e1a44672972c36071ad8d6c32 Mon Sep 17 00:00:00 2001
From: Roberto Rosario
Date: Sun, 26 Aug 2018 05:12:01 -0400
Subject: [PATCH] Compose the setting widget in a safer way.
Signed-off-by: Roberto Rosario
---
 mayan/apps/smart_settings/widgets.py | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/mayan/apps/smart_settings/widgets.py b/mayan/apps/smart_settings/widgets.py
index 824ddb4d26..36b5f00288 100644
--- a/mayan/apps/smart_settings/widgets.py
+++ b/mayan/apps/smart_settings/widgets.py
@@ -1,12 +1,10 @@
 from __future__ import unicode_literals
-from django.utils.safestring import mark_safe
+from django.utils.html import format_html
 def setting_widget(instance):
- return mark_safe(
- '''
- {}
-

{}

- '''.format(instance, instance.help_text or '')
+ return format_html(
+ '{}

{}

', instance,
+ instance.help_text or ''
 )
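Review bot: Nothing at the new `format_html(` call in `setting_widget` records that escaping both interpolated values is the security property being relied on, so a later edit back to `.format()` plus `mark_safe` would silently reopen the HTML-injection path. I would add a docstring such as `"""Return the setting's name and help text as HTML; both values are escaped by format_html."""`. Because `instance.help_text` is now escaped, any setting whose help text intentionally carries markup will render it as literal text; no such setting is visible in this hunk, so that is worth confirming against the existing settings. A regression test that passes a help text containing markup characters and asserts the escaped output would pin the behaviour.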