prevent double escaping of & in htmlsafe
authorpaul <paul@plutz.net>
Fri, 15 Apr 2016 11:07:39 +0000 (11:07 +0000)
committerpaul <paul@plutz.net>
Fri, 15 Apr 2016 11:07:39 +0000 (11:07 +0000)
svn path=/trunk/; revision=28

cgi.sh

diff --git a/cgi.sh b/cgi.sh
index 408201f..bba2854 100755 (executable)
--- a/cgi.sh
+++ b/cgi.sh
@@ -84,9 +84,9 @@ urlsafe(){
 
 htmlsafe(){
   printf %s "$*" \
-  | sed 's;<;\&lt\;;g;
+  | sed 's;&;\&amp\;;g;
+         s;<;\&lt\;;g;
          s;>;\&gt\;;g;
-         s;&;\&amp\;;g;
          s;";\&quot\;;g;
          s;'\'';\&apos\;;g;'
 }