the repository which powers this website
Properly escape ampersands inside HTML attributes
Ampersands ("&") appearing inside HTML attributes need to be translated
to "&". Otherwise, invalid XHTML will be generated at various
places, such as at tree views containing links to submodules.
Signed-off-by: Lukas Fleischer <[email protected]>
Signed-off-by: Lars Hjemli <[email protected]>
| -rw-r--r-- | html.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -138,7 +138,7 @@ void html_attr(const char *txt) const char *t = txt; while(t && *t){ int c = *t; - if (c=='<' || c=='>' || c=='\'' || c=='\"') { + if (c=='<' || c=='>' || c=='\'' || c=='\"' || c=='&') { html_raw(txt, t - txt); if (c=='>') html(">"); @@ -148,6 +148,8 @@ void html_attr(const char *txt) html("'"); else if (c=='"') html("""); + else if (c=='&') + html("&"); txt = t+1; } t++; |