Contents of code blocks are not escaped

[techninja1008]

Bug Report

Environment

Zola version: 0.14.0

Expected Behavior

When using a code block in a page that includes special characters (such as </>), these should be HTML escaped to display properly in a browser.

Current Behavior

These characters are not escaped and are directly copied to the HTML output.

Step to reproduce

1. Create a basic Zola project
2. Create a markdown page containing "Hello world!"

When opening in a browser, the page will say "Hello world!", when it should say "Hello world!"

I'm happy to submit a PR if I can have directions as to roughly where this may be occurring. Zola is a really nice project (dare I say my new favourite static site generator) and I am looking forwards to using it regularly!

[Keats]

Ah damn, it must have been forgotten in the codeblock rewrite :(
Definitely needs to make it and release a 0.14.1 fixing that.

[Keats]

Can you post the reproduction in a code block? Ironically GH escapes everything

[techninja1008]

I don't have it currently, but it was a MIT license with an email address in the copyright line inside < and >

[Keats]

It's very odd, both class and inline highlighters should definitely escape the HTML, it does so in my tests. When you have time, I'd love a full repro

[techninja1008]

Added a minimal repro there, was produced by using the same version of Zola and zola init with the following log:

Welcome to Zola!
Please answer a few questions to get started quickly.
Any choices made can be changed by modifying the `config.toml` file later.
> What is the URL of your site? (https://example.com): 
> Do you want to enable Sass compilation? [Y/n]: n
> Do you want to enable syntax highlighting? [y/N]: 
> Do you want to build a search index of the content? [y/N]:  

Done! Your site was created in /home/danny/Workspace/projects/github-tcnj/zola-escape-repro

Get started by moving into the directory and using the built-in server: `zola serve`
Visit https://www.getzola.org for the full documentation.