From a94adf0627d0a66f936ae4294b4c60a23599746f Mon Sep 17 00:00:00 2001
From: =?utf8?q?=E4=BA=91=E4=B8=AD=E5=90=9B?= <me@abersheeran.com>
Date: Sat, 17 Aug 2019 00:12:12 +0800
Subject: [PATCH] Fix html escape

---
 starlette/middleware/errors.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/starlette/middleware/errors.py b/starlette/middleware/errors.py
index 9c9005c2..1f2c40b4 100644
--- a/starlette/middleware/errors.py
+++ b/starlette/middleware/errors.py
@@ -1,3 +1,4 @@
+import html
 import asyncio
 import inspect
 import traceback
@@ -221,7 +222,7 @@ class ServerErrorMiddleware:
             exc_html += self.generate_frame_html(frame, center_lineno, is_collapsed)
             is_collapsed = True
 
-        error = f"{traceback_obj.exc_type.__name__}: {traceback_obj}"
+        error = f"{traceback_obj.exc_type.__name__}: {html.escape(traceback_obj)}"
 
         return TEMPLATE.format(styles=STYLES, js=JS, error=error, exc_html=exc_html)
 
-- 
2.47.2