From: Paul Hänsch Date: Mon, 12 Jun 2023 15:41:31 +0000 (+0200) Subject: Security: put backslash-escaped characters through HTML escaping X-Git-Url: https://git.plutz.net/?a=commitdiff_plain;h=628929d8cbd7e2d59dd324f083fddd520c1c6c4d;p=cgilite Security: put backslash-escaped characters through HTML escaping --- diff --git a/markdown.awk b/markdown.awk index 7d7e0a5..af3d722 100755 --- a/markdown.awk +++ b/markdown.awk @@ -115,8 +115,8 @@ function inline( line, LOCAL, len, code, href, guard ) { return ""; # omit processing of escaped characters - } else if ( line ~ /^\\[]\\`\*_\{\}\(\)#\+-\.![]/) { - return substr(line, 2, 1) inline( substr(line, 3) ); + } else if ( line ~ /^\\./) { + return HTML(substr(line, 2, 1)) inline( substr(line, 3) ); # hard brakes } else if ( match(line, /^ \n/) ) {