html escaping complication

Can't escape things to entities if the template then escapes the entities. (aggregate doesn't have this problem.)
2008-11-18 02:48:24 -05:00 · 2008-11-18 02:48:24 -05:00 · e307eeda3d
parent 15269fed64
commit e307eeda3d
3 changed files with 7 additions and 3 deletions
--- a/IkiWiki/Plugin/recentchanges.pm
+++ b/IkiWiki/Plugin/recentchanges.pm
@ -160,10 +160,12 @@ sub store ($$$) { #{{{
 		);
 	}

-	# escape wikilinks and preprocessor stuff in commit messages
 	if (ref $change->{message}) {
 		foreach my $field (@{$change->{message}}) {
 			if (exists $field->{line}) {
+				# escape html
+				$field->{line} = encode_entities($field->{line});
+				# escape links and preprocessor stuff
 				$field->{line} = encode_entities($field->{line}, '\[\]');
 			}
 		}
--- a/IkiWiki/Plugin/recentchangesdiff.pm
+++ b/IkiWiki/Plugin/recentchangesdiff.pm
@ -39,6 +39,8 @@ sub pagetemplate (@) { #{{{
 			else {
 				$diff=join("", @lines);
 			}
+			# escape html
+			$diff = encode_entities($diff);
 			# escape links and preprocessor stuff
 			$diff = encode_entities($diff, '\[\]');
 			$template->param(diff => $diff);
--- a/templates/change.tmpl
+++ b/templates/change.tmpl
@ -32,14 +32,14 @@
 <div class=changelog>
 <TMPL_LOOP NAME="MESSAGE">
 <TMPL_IF NAME="LINE">
-<TMPL_VAR NAME="LINE" ESCAPE="HTML"><br />
+<TMPL_VAR NAME="LINE"><br />
 </TMPL_IF>
 </TMPL_LOOP>
 </div>
 <TMPL_IF NAME="DIFF">
 <div class=diff>
 <pre>
-<TMPL_VAR NAME="DIFF" ESCAPE="HTML">
+<TMPL_VAR NAME="DIFF">
 </pre>
 </div>
 </TMPL_IF>