Handle HTML reserved characters in headers

So far I haven't seen any HTML reserved characters (&, <, >, ", ') in the strings processed by `emphasize_stuff_in_headers()`, so this PR may be unnecessary. However, this PR will ensure that any such characters will be properly escaped in the HTML output.
This commit is contained in:
David Cooper 2017-02-27 11:49:51 -05:00 committed by GitHub
parent 84d142a6cf
commit 0ada7b100c
1 changed files with 3 additions and 1 deletions

View File

@ -1926,7 +1926,9 @@ emphasize_stuff_in_headers(){
-e "s/X-AspNet-Version/${yellow}X-AspNet-Version${off}/g"
if "$do_html"; then
html_out "$(tm_out "$1" | sed -e "s/\([0-9]\)/${html_brown}\1${html_off}/g" \
html_out "$(tm_out "$1" | sed -e 's/\&/\&amp;/g' \
-e 's/</\&lt;/g' -e 's/>/\&gt;/g' -e 's/"/\&quot;/g' -e "s/'/\&apos;/g" \
-e "s/\([0-9]\)/${html_brown}\1${html_off}/g" \
-e "s/Debian/${html_yellow}\Debian${html_off}/g" \
-e "s/Win32/${html_yellow}\Win32${html_off}/g" \
-e "s/Win64/${html_yellow}\Win64${html_off}/g" \