From 6791cb09c322e1ff6e7b471a3bd2219a44e25801 Mon Sep 17 00:00:00 2001
From: Mehmet Korkmaz <mehmet@mkorkmaz.com>
Date: Sat, 18 Feb 2017 01:32:30 +0300
Subject: [PATCH] Security and CS fixes

---
 rsanic/rsanic.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/rsanic/rsanic.py b/rsanic/rsanic.py
index 5ca9fdb..239441e 100644
--- a/rsanic/rsanic.py
+++ b/rsanic/rsanic.py
@@ -52,9 +52,9 @@ async def handler(self, request, **args):
             return_type = handler['return_type']
         except KeyError:
             return_type = self.config.default_return_type
-        module_name, class_name = handler['controller'].rsplit(".", 1)
+        handler_parts = handler['controller'].rsplit(".", 1)
         module_path = handler['controller']
-        controller_obj = getattr(importlib.import_module(module_path), class_name.title())
+        controller_obj = getattr(importlib.import_module(module_path), handler_parts[1].title())
         controller = controller_obj(container=self.container, request=request)
         controller.application_global()
         controller.controller_global()
@@ -70,7 +70,7 @@ async def handler(self, request, **args):
     def html_response(self, handler, controller_response):
         bcc = FileSystemBytecodeCache()
         loader = FileSystemLoader(self.config['app_dir'] + '/templates')
-        jinja = Environment(bytecode_cache=bcc, loader=loader)
+        jinja = Environment(bytecode_cache=bcc, loader=loader, autoescape=True)
         jinja.globals['config'] = self.config
         template_path = handler['controller'].replace('.', '/') + '.html'
         template = jinja.get_template(template_path)