From 32be2a8f559b7283f1431959b2bb2621d83a1cd9 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 9 Nov 2022 18:06:54 +0000 Subject: [PATCH] Escape html code --- markdown.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/markdown.py b/markdown.py index 87dffa990..1727f90fc 100644 --- a/markdown.py +++ b/markdown.py @@ -276,6 +276,13 @@ def _markdown_replace_code(markdown: str) -> str: changed = False section_active = False urlencode = False + html_escape_table = { + "&": "&", + '"': """, + "'": "'", + ">": ">", + "<": "<" + } for line in lines: if not line.strip(): # skip blank lines @@ -293,7 +300,10 @@ def _markdown_replace_code(markdown: str) -> str: if urlencode: lines[start_line] = '
\n'
                     lines[line_ctr] = '\n
' - + for line_num in range(start_line + 1, line_ctr): + lines[line_num] = \ + "".join(html_escape_table.get(char, char) + for char in lines[line_num]) section_active = False changed = True urlencode = False