특정 입력 값에 대한 escape 처리를 스킨 출력 시 적용되지 않는 문제 고침

- @kijin 님께서 알려주셨습니다

classes/display/HTMLDisplayHandler.php

@@ -39,8 +39,9 @@ class HTMLDisplayHandler
 	{
 		$oTemplate = TemplateHandler::getInstance();
 
-		// compile module tpl
-		// deprecated themes skin
+		// SECISSUE https://github.com/xpressengine/xe-core/issues/1583
+		$oSecurity = new Security();
+		$oSecurity->encodeHTML('is_keyword', 'search_keyword', 'search_target', 'order_target', 'order_type');
 
 		$template_path = $oModule->getTemplatePath();
 
@@ -83,13 +84,8 @@ class HTMLDisplayHandler
 		}
 
 		$tpl_file = $oModule->getTemplateFile();
-
 		$output = $oTemplate->compile($template_path, $tpl_file);
 
-		// SECISSUE https://github.com/xpressengine/xe-core/issues/1583
-		$oSecurity = new Security();
-		$oSecurity->encodeHTML('is_keyword', 'search_keyword', 'search_target', 'order_target', 'order_type');
-
 		// add .x div for adminitration pages
 		if(Context::getResponseMethod() == 'HTML')
 		{