Fix XSS js injection

cas_server/templates/cas_server/base.html

@@ -58,7 +58,7 @@
                         class="alert alert-danger"
                     {% endif %}
                 {% endspaceless %}>
-                    <p>{{message|safe}}</p>
+                    <p>{{message}}</p>
                 </div>
             {% endfor %}
             {% if auto_submit %}</noscript>{% endif %}

cas_server/templates/cas_server/logout.html

@@ -2,6 +2,6 @@
 {% load staticfiles %}
 {% load i18n %}
 {% block content %}
-<div class="alert alert-success" role="alert">{{logout_msg|safe}}</div>
+<div class="alert alert-success" role="alert">{{logout_msg}}</div>
 {% endblock %}