From 86644abf07d36fb0395dd3b2e919084c5b4e7691 Mon Sep 17 00:00:00 2001
From: domverse <domverse@domverse-berlin.eu>
Date: Wed, 25 Mar 2026 22:44:23 +0100
Subject: [PATCH] fix: tojson filter must return Markup to avoid HTML-escaping
 quotes

Jinja2 autoescaping turns " into &quot; after filters run unless
the filter returns a Markup (safe) object. json.dumps alone produced
broken JS (const REPLICA_NAME = &quot;name&quot;;).
Wrap json.dumps output in markupsafe.Markup to prevent escaping.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 app/main.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/main.py b/app/main.py
index 16aa2ea..ac1b93a 100644
--- a/app/main.py
+++ b/app/main.py
@@ -129,9 +129,10 @@ def create_app() -> FastAPI:
 
     # Templates
     import json as _json
+    from markupsafe import Markup as _Markup
     templates_dir = Path(__file__).parent / "templates"
     templates = Jinja2Templates(directory=str(templates_dir))
-    templates.env.filters["tojson"] = _json.dumps
+    templates.env.filters["tojson"] = lambda v: _Markup(_json.dumps(v))
 
     # Register UI routes (must come before API to avoid catch-all conflicts)
     from .ui.routes import router as ui_router, setup_templates