diff options
| author | Simon McVittie <smcv@debian.org> | 2018-02-28 09:40:45 +0000 |
|---|---|---|
| committer | Simon McVittie <smcv@debian.org> | 2018-02-28 09:55:53 +0000 |
| commit | 0e5c8ae806283d31bcfaf63f5af361f97dbe91f0 (patch) | |
| tree | cc1092757943956531dfc61a274245e3ba58ca4c | |
| parent | 4d355918f0ee478c63084661e617ba44ddc360bb (diff) | |
| download | ikiwiki-0e5c8ae806283d31bcfaf63f5af361f97dbe91f0.tar ikiwiki-0e5c8ae806283d31bcfaf63f5af361f97dbe91f0.tar.gz | |
preprocess: Escape most ASCII punctuation in error messages
This is a minimal version of what we should in principle do here,
which is to escape the error message in whatever way is correct for
embedding plain text in the surrounding wiki markup language.
This implementation approximates that by assuming that HTML entities,
alphanumerics and common punctuation characters are passed through the
markup language unaltered, but punctuation characters might be
misinterpreted.
Signed-off-by: Simon McVittie <smcv@debian.org>
| -rw-r--r-- | IkiWiki.pm | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/IkiWiki.pm b/IkiWiki.pm index 0d87242eb..7a38c8f89 100644 --- a/IkiWiki.pm +++ b/IkiWiki.pm @@ -1668,6 +1668,10 @@ sub preprocess ($$$;$$) { chomp $error; eval q{use HTML::Entities}; $error = encode_entities($error); + # Also encode most ASCII punctuation + # as entities so that error messages + # are not interpreted as Markdown etc. + $error = encode_entities($error, '[](){}!#$%*?@^`|~'."\\"); $ret="[[!$command <span class=\"error\">". gettext("Error").": $error"."</span>]]"; } |