Escapes the quotes and enable double encode

This commit is contained in:
Christophe HENRY 2021-03-20 15:00:24 +01:00
parent 5df9d5ff15
commit 731a8eef6a
2 changed files with 5 additions and 2 deletions

View File

@ -80,7 +80,7 @@ if ("source" == $style) {
# Gets the page title: the first occurrence with # at the line start
mb_ereg("#\s*([^\n]+)\n", $fileContents, $matches);
$page_title = @$matches[1];
$fileContents = htmlspecialchars($fileContents, ENT_HTML5|ENT_NOQUOTES, "UTF-8", false);
$fileContents = htmlspecialchars($fileContents, ENT_HTML5|ENT_QUOTES, "UTF-8", true);
echo <<<EOL
<!DOCTYPE html>
<html>

View File

@ -232,7 +232,7 @@ class GemtextTranslate_html {
if (empty($text)) {
$text = "&nbsp;";
} else {
$text = htmlspecialchars($text, ENT_HTML5|ENT_NOQUOTES, "UTF-8", false);
$text = htmlspecialchars($text, ENT_HTML5|ENT_QUOTES, "UTF-8", true);
$text = mb_ereg_replace("\ ([?!:;»€$])", self::NARROW_NO_BREAK_SPACE."\\1", $text);
$text = mb_ereg_replace("([«])\ ", "\\1".self::NARROW_NO_BREAK_SPACE, $text); # Espace fine insécable
@ -283,6 +283,9 @@ class GemtextTranslate_html {
$linkText = $link;
self::htmlPrepare($linkText);
} else {
// Don't double encode, just escapes quotes, "<" and ">".
// So "I'm&gt" becomes "I&apos;&gt". The & remains untouched.
$link = htmlspecialchars($link, ENT_HTML5|ENT_QUOTES, "UTF-8", false);
self::htmlPrepare($linkText);
if ($textDecoration) self::addTextDecoration($linkText);
}