From 1f3bcf2dcd82463421c16bd08f600d0b26a60203 Mon Sep 17 00:00:00 2001 From: Jim Meyer Date: Wed, 29 Apr 2015 11:27:20 -0700 Subject: [PATCH] escape all freeform text MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit title and name can also have & and ‘ as well as a few other reserved characters. --- atom.xml | 6 +++--- rss.xml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/atom.xml b/atom.xml index eab90b1..cec8613 100644 --- a/atom.xml +++ b/atom.xml @@ -5,19 +5,19 @@ title : Atom Feed - {{ site.title }} + {{ site.title | xml_escape }} {{ site.time | date_to_xmlschema }} {{ site.production_url }} - {{ site.author.name }} + {{ site.author.name | xml_escape }} {{ site.author.email }} {% for post in site.posts %} - {{ post.title }} + {{ post.title | xml_escape }} {{ post.date | date_to_xmlschema }} {{ site.production_url }}{{ post.id }} diff --git a/rss.xml b/rss.xml index cb0e9b9..49c236a 100644 --- a/rss.xml +++ b/rss.xml @@ -6,8 +6,8 @@ title : RSS Feed - {{ site.title }} - {{ site.title }} - {{ site.author.name }} + {{ site.title | xml_escape }} + {{ site.title | xml_escape }} - {{ site.author.name | xml_escape }} {{ site.production_url }}{{ site.rss_path }} {{ site.production_url }} {{ site.time | date_to_xmlschema }} @@ -16,7 +16,7 @@ title : RSS Feed {% for post in site.posts %} - {{ post.title }} + {{ post.title | xml_escape }} {{ post.content | xml_escape }} {{ site.production_url }}{{ post.url }} {{ site.production_url }}{{ post.id }}