diff options
| -rwxr-xr-x | ht.awk | 16 |
1 files changed, 11 insertions, 5 deletions
| diff --git a/ht.awk b/ht.awk index a03c8be..a2189ec 100755 --- a/ht.awk +++ b/ht.awk | |||
| @@ -45,7 +45,7 @@ $0 ~ CONFIG["raw_delim"] { | |||
| 45 | } | 45 | } |
| 46 | 46 | ||
| 47 | RAW { | 47 | RAW { |
| 48 | bufpush($0) | 48 | bufpush(html_escape($0)) |
| 49 | next | 49 | next |
| 50 | } | 50 | } |
| 51 | 51 | ||
| @@ -70,10 +70,7 @@ $0 ~ ("^" COMMENT_DELIM) { | |||
| 70 | } else { | 70 | } else { |
| 71 | sep = "\n" | 71 | sep = "\n" |
| 72 | } | 72 | } |
| 73 | # Sanitize HTML | 73 | $0 = html_escape($0) |
| 74 | gsub(/&/, "\\\\\\&", $0) | ||
| 75 | gsub(/</, "\\\\\\<", $0) | ||
| 76 | gsub(/>/, "\\\\\\>", $0) | ||
| 77 | # Loop through BLOCK_TYPES | 74 | # Loop through BLOCK_TYPES |
| 78 | for (bt in BLOCK_TYPES) { | 75 | for (bt in BLOCK_TYPES) { |
| 79 | if (match($0, "^" bt "[ \t]*")) { | 76 | if (match($0, "^" bt "[ \t]*")) { |
| @@ -258,3 +255,12 @@ function html_end() | |||
| 258 | BUFFER = "" | 255 | BUFFER = "" |
| 259 | HTML = 0 | 256 | HTML = 0 |
| 260 | } | 257 | } |
| 258 | |||
| 259 | function html_escape(text) | ||
| 260 | { | ||
| 261 | # Sanitize HTML | ||
| 262 | gsub(/&/, "\\\\\\&", text) | ||
| 263 | gsub(/</, "\\\\\\<", text) | ||
| 264 | gsub(/>/, "\\\\\\>", text) | ||
| 265 | return text | ||
| 266 | } | ||