migrate-from-ppy.py: jinja2 autoescape

"By default, jinja2 sets autoescape to False. Consider using autoescape=True or use the select_autoescape function to mitigate XSS vulnerabilities."

Author: jeremydouglass

hack/migrate-from-ppy.py

@@ -29,7 +29,7 @@ def migrateItem(self, filename):
 
     def render(self, tree):
         property_template = jinja2.Environment(
-            loader=jinja2.FileSystemLoader(
+            autoescape=True, loader=jinja2.FileSystemLoader(
                 property_template_dir), trim_blocks='true')\
                 .get_template(property_template_file_name)
         subcategory = ''