URLs must be escaped inside XML, e.g. inside the <link> container, too.

[pkg/blosxom.git] / blosxom.cgi

diff --git a/blosxom.cgi b/blosxom.cgi
index fb2a45f6e12084e6d56ad3977d497c72e84eb97b..341d2967c87773a2922f7975c4ddef395afa8bfe 100755 (executable)
--- a/blosxom.cgi
+++ b/blosxom.cgi
@@ -673,6 +673,9 @@ sub generate {
                 my $escape_re = join '|' => keys %escape;
                 $title =~ s/($escape_re)/$escape{$1}/g;
                 $body  =~ s/($escape_re)/$escape{$1}/g;
+                $url   =~ s/($escape_re)/$escape{$1}/g;
+                $path  =~ s/($escape_re)/$escape{$1}/g;
+                $fn    =~ s/($escape_re)/$escape{$1}/g;
             }
 
             $story = &$interpolate($story);