]> git.deb.at Git - pkg/blosxom.git/blobdiff - blosxom.cgi
projects / pkg / blosxom.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Bugfix: Default RSS feed failed feed validation at http://www.feedvalidator.org/...
[pkg/blosxom.git] / blosxom.cgi
diff --git a/blosxom.cgi b/blosxom.cgi
index e415d60984c50e6f0596c595632d5a429ebb5546..2e6181fee151acdaa4a6685941cf9b4d3ada775a 100755 (executable)
--- a/blosxom.cgi
+++ b/blosxom.cgi
@@ -661,17 +661,30 @@ sub generate {
             }
 
             if ( $encode_xml_entities && $content_type =~ m{\bxml\b} ) {
             }
 
             if ( $encode_xml_entities && $content_type =~ m{\bxml\b} ) {
+                # Escape special characters inside the <link> container
+
+                # The following line should be moved more towards to top for
+                # performance reasons -- Axel Beckert, 2008-07-22
+                my $url_escape_re = qr([^-/a-zA-Z0-9:._]);
+
+                $url   =~ s($url_escape_re)(sprintf('%%%02X', ord($&)))eg;
+                $path  =~ s($url_escape_re)(sprintf('%%%02X', ord($&)))eg;
+                $fn    =~ s($url_escape_re)(sprintf('%%%02X', ord($&)))eg;
 
                 # Escape <, >, and &, and to produce valid RSS
                 my %escape = (
                     '<' => '&lt;',
                     '>' => '&gt;',
                     '&' => '&amp;',
 
                 # Escape <, >, and &, and to produce valid RSS
                 my %escape = (
                     '<' => '&lt;',
                     '>' => '&gt;',
                     '&' => '&amp;',
-                    '"' => '&quot;'
+                    '"' => '&quot;',
+                    "'" => '&apos;'
                 );
                 my $escape_re = join '|' => keys %escape;
                 $title =~ s/($escape_re)/$escape{$1}/g;
                 $body  =~ s/($escape_re)/$escape{$1}/g;
                 );
                 my $escape_re = join '|' => keys %escape;
                 $title =~ s/($escape_re)/$escape{$1}/g;
                 $body  =~ s/($escape_re)/$escape{$1}/g;
+                $url   =~ s/($escape_re)/$escape{$1}/g;
+                $path  =~ s/($escape_re)/$escape{$1}/g;
+                $fn    =~ s/($escape_re)/$escape{$1}/g;
             }
 
             $story = &$interpolate($story);
             }
 
             $story = &$interpolate($story);