diff --git a/markdown.py b/markdown.py index 87dffa990..1727f90fc 100644 --- a/markdown.py +++ b/markdown.py @@ -276,6 +276,13 @@ def _markdown_replace_code(markdown: str) -> str: changed = False section_active = False urlencode = False + html_escape_table = { + "&": "&", + '"': """, + "'": "'", + ">": ">", + "<": "<" + } for line in lines: if not line.strip(): # skip blank lines @@ -293,7 +300,10 @@ def _markdown_replace_code(markdown: str) -> str: if urlencode: lines[start_line] = '
\n'
                     lines[line_ctr] = '\n
' - + for line_num in range(start_line + 1, line_ctr): + lines[line_num] = \ + "".join(html_escape_table.get(char, char) + for char in lines[line_num]) section_active = False changed = True urlencode = False