From 4e310f34d8a6600c7a50b52fc671225f5d5af854 Mon Sep 17 00:00:00 2001
From: Case Duckworth
Date: Sat, 13 Aug 2022 21:13:40 -0500
Subject: Correctly escape everything from heredoc

---
 ht.awk | 20 +++++++-------------
 1 file changed, 7 insertions(+), 13 deletions(-)

diff --git a/ht.awk b/ht.awk
index 80eb464..2e8c5d2 100755
--- a/ht.awk
+++ b/ht.awk
@@ -14,19 +14,6 @@ BEGIN {
 	ATTR = DEFATTR
 }
 
-# Sure, let's do templating!  This makes it less... weird.
-# This has to come before raw handling so that code doesn't get expanded in raw sections.
-/\$/ {
-	if (RAW) {
-		gsub(/\$/, "\\\\&", $0)
-	} else {
-		# XXX: This is probably the dumbest way to do it.
-		gsub(/\$\$/, "$\a", $0)
-		gsub(/\$[^\a]/, "\\\\&", $0)
-		gsub(/\$\a/, "$", $0)
-	}
-}
-
 # Handle raw sections
 $0 ~ CONFIG["raw_delim"] {
 	RAW = ! RAW
@@ -45,6 +32,7 @@ $0 ~ CONFIG["raw_delim"] {
 }
 
 RAW {
+	gsub(/[\\\$]/, "\\\\&", $0)
 	bufpush(html_escape($0))
 	next
 }
@@ -70,6 +58,7 @@ $0 ~ ("^" COMMENT_DELIM) {
 	} else {
 		sep = "\n"
 	}
+	gsub(/\\/, "\\\\", $0)
 	$0 = html_escape($0)
 	# Loop through BLOCK_TYPES
 	for (bt in BLOCK_TYPES) {
@@ -141,6 +130,11 @@ $0 ~ ("^" COMMENT_DELIM) {
 			$0 = templ
 		}
 	}
+	# Escape stuff for the shell -- allow $$ to expand
+	gsub(/\$\$/, "$\a", $0)
+	gsub(/\$[^\a]/, "\\\\&", $0)
+	gsub(/\$\a/, "$", $0)
+	gsub(/`/, "\\`", $0)
 	# Push to buffer
 	bufpush($0, sep)
 }
-- 
cgit 1.4.1-21-gabe81