Fixed lovebird.htmlescape() to escape &, " and '

This commit is contained in:
rxi 2017-04-29 15:53:40 +01:00
parent c8c5ed07a5
commit 1c88d17a91

View File

@ -497,8 +497,15 @@ function lovebird.parseurl(url)
end
local htmlescapemap = {
["<"] = "&lt;",
["&"] = "&amp;",
['"'] = "&quot;",
["'"] = "&#039;",
}
function lovebird.htmlescape(str)
return ( str:gsub("<", "&lt;") )
return ( str:gsub("[<&\"']", htmlescapemap) )
end