diff options
| author | zeripath <art27@cantab.net> | 2020-09-02 21:19:42 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-09-02 16:19:42 -0400 |
| commit | dead2a9b2dc0ec22c0b7c53a17de7b4ce64a2680 (patch) | |
| tree | 53c267b4ef629045fde149b63f1061c8e9f86f5e /modules/highlight | |
| parent | 72eeb13e4d11efea2c71255c8d1f72d8a501fc40 (diff) | |
| download | gitea-dead2a9b2dc0ec22c0b7c53a17de7b4ce64a2680.tar.gz gitea-dead2a9b2dc0ec22c0b7c53a17de7b4ce64a2680.zip | |
Escape failed highlighted code (#12685)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'modules/highlight')
| -rw-r--r-- | modules/highlight/highlight.go | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/modules/highlight/highlight.go b/modules/highlight/highlight.go index a2bf93ee92..1a64108139 100644 --- a/modules/highlight/highlight.go +++ b/modules/highlight/highlight.go @@ -8,6 +8,7 @@ package highlight import ( "bufio" "bytes" + gohtml "html" "path/filepath" "strings" "sync" @@ -160,7 +161,7 @@ func plainText(code string, numLines int) map[int]string { if content == "" { content = "\n" } - m[line] = content + m[line] = gohtml.EscapeString(content) } return m } |