diff options
| author | (quasar) nebula <towerofnix@gmail.com> | 2021-03-24 21:21:32 -0300 |
|---|---|---|
| committer | (quasar) nebula <towerofnix@gmail.com> | 2021-03-24 21:21:32 -0300 |
| commit | 18b970bd7384858e3c2f12c0a71f2c2b012aede2 (patch) | |
| tree | 67963bbd97c0bb293267aa7771c5d792321347d1 | |
| parent | 3fa97ac7235362921b5638ea757b518eaae28333 (diff) | |
html attribute value escaping fixes
| -rwxr-xr-x | upd8.js | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/upd8.js b/upd8.js index d71e1ba9..8ee41059 100755 --- a/upd8.js +++ b/upd8.js @@ -422,7 +422,7 @@ function genStrings(stringsJSON, defaultJSON = null) { // strings from embedding HTML tags or accidentally including characters // that throw HTML parsers off. for (const key of Object.keys(stringsJSON)) { - stringsJSON[key] = escapeAttributeValue(stringsJSON[key]); + stringsJSON[key] = he.encode(stringsJSON[key], {useNamedReferences: true}); } // It's time to cre8te the actual langauge function! @@ -1899,7 +1899,9 @@ function stringifyArtistData() { } function escapeAttributeValue(value) { - return he.encode(value, {useNamedReferences: true}); + return value + .replaceAll('"', '"') + .replaceAll("'", '''); } function attributes(attribs) { |