Escape HTML when displaying search results

src/scripts/tutti/4_search.js

@@ -37,10 +37,10 @@ $(document).ready(function() {
 								hitFree +
 							'</div>' +
 							'<div class="search-hit-name" title="' + hit.name + '">' +
-								hit._highlightResult.name.value + ' ' +
+								hit.name + ' ' +
 							'</div>' +
 							'<div class="search-hit-meta">' +
-								'<span class="project">' + hit._highlightResult.project.name.value + '</span> · ' +
+								'<span class="project">' + hit.project.name + '</span> · ' +
 								'<span class="node_type">' + hit.node_type + '</span>' +
 								hitMedia +
 							'</div>' +

src/templates/nodes/search.jade

@@ -134,9 +134,9 @@ script(type="text/template", id="hit-template")
 				span free
 			| {{/is_free}}
 		.search-hit-name
-			| {{{ _highlightResult.name.value }}}
+			| {{ name }}
 		.search-hit-meta
-			span.project {{{ project.name }}} ·
+			span.project {{ project.name }}
 			span.node_type {{{ node_type }}}
 			| {{#media}}
 			span.media · {{{ media }}}

src/templates/projects/sharing.jade

@@ -96,7 +96,9 @@ script.
 				limit: 10,
 				templates: {
 					suggestion: function (hit) {
-						return hit._highlightResult.full_name.value + ' (' + hit._highlightResult.username.value + ')';
+						var suggestion = hit.full_name + ' (' + hit.username + ')';
+						var $p = $('p').text(suggestion);
+						return $p.html();
 					}
 				}
 			}

src/templates/users/index.jade

@@ -55,10 +55,10 @@ script(type="text/template", id="facet-template")
 script(type="text/template", id="hit-template")
 	.search-hit.users(data-user-id='{{ objectID }}')
 		.search-hit-name
-			| {{{ _highlightResult.full_name.value }}}
+			| {{ full_name }}
-			small ({{{ username }}})
+			small ({{ username }})
 		.search-hit-roles
-			| {{{ roles }}}
+			| {{ roles }}
 
 
 // Pagination template