Encode <, >, and & as entities during raw inlines.

author W. Trevor King <wking@drexel.edu>

Wed, 13 Oct 2010 21:21:42 +0000 (17:21 -0400)

committer W. Trevor King <wking@drexel.edu>

Wed, 13 Oct 2010 21:21:42 +0000 (17:21 -0400)
author W. Trevor King <wking@drexel.edu>
Wed, 13 Oct 2010 21:21:42 +0000 (17:21 -0400)
committer W. Trevor King <wking@drexel.edu>
Wed, 13 Oct 2010 21:21:42 +0000 (17:21 -0400)
diff --git a/IkiWiki/Plugin/inline.pm b/IkiWiki/Plugin/inline.pm

index a22440bc69bddfdc8b9311bef9c37d30c23577a0..84bd85adaf0ee3c4ef53009a97be931d7e19905a 100644 (file)
--- a/IkiWiki/Plugin/inline.pm
+++ b/IkiWiki/Plugin/inline.pm
@@ -5,6 +5,7 @@ package IkiWiki::Plugin::inline;
  use warnings;
  use strict;
  use Encode;
+use HTML::Entities;
  use IkiWiki 3.00;
  use URI;
  
@@ -483,7 +484,7 @@ sub get_inline_content ($$$) {
                              filter($page, $destpage,
                              readfile(srcfile($file))))));
         } elsif ($read_raw) {
-               $ret=readfile(srcfile($file));
+               $ret=encode_entities(readfile(srcfile($file)), '<>&');
         }
         $nested--;
         if (isinternal($page)) {
author	W. Trevor King <wking@drexel.edu>
	Wed, 13 Oct 2010 21:21:42 +0000 (17:21 -0400)
committer	W. Trevor King <wking@drexel.edu>
	Wed, 13 Oct 2010 21:21:42 +0000 (17:21 -0400)