diff options
| author | Christian Neukirchen <chneukirchen@gmail.com> | 2008-09-25 16:12:26 +0200 |
|---|---|---|
| committer | Christian Neukirchen <chneukirchen@gmail.com> | 2008-09-25 16:12:26 +0200 |
| commit | c3bb52e4479e43700ef0a90755904c92351d046d (patch) | |
| tree | 2c4b135f54ce29fd712d66f9d9aae6caacdf944d | |
| parent | 8e3971851583cea8b80ee3cefcd065c50eac8c9a (diff) | |
| download | trivium-c3bb52e4479e43700ef0a90755904c92351d046d.tar.gz trivium-c3bb52e4479e43700ef0a90755904c92351d046d.tar.xz trivium-c3bb52e4479e43700ef0a90755904c92351d046d.zip | |
Escape link URLs
| -rw-r--r-- | trivium.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/trivium.rb b/trivium.rb index 3e45eb5..fc5d652 100644 --- a/trivium.rb +++ b/trivium.rb @@ -62,8 +62,8 @@ class Dots < String case name when "link" title, desc = body.split("|", 2) - %{<p class="link"><span><a href="#{args.strip}">#{title.strip}</a>#{ - SpanBlueCloth.new(desc.to_s).to_html}</span></p>} + %{<p class="link"><span><a href="#{CGI.escapeHTML(args.strip)}">#{ + title.strip}</a>#{SpanBlueCloth.new(desc.to_s).to_html}</span></p>} when "quote" if args.strip.empty? src = "" |