From a0cdc7a91923d6ca2f3fbd86490be6d7963d9dee Mon Sep 17 00:00:00 2001 From: Florian Dieminger Date: Mon, 7 Oct 2024 15:53:56 +0200 Subject: [PATCH] fix(templ): escapte titles --- crates/rari-doc/src/html/links.rs | 4 ++-- crates/rari-doc/src/templ/templs/badges.rs | 1 + crates/rari-doc/src/templ/templs/embeds/livesample.rs | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/crates/rari-doc/src/html/links.rs b/crates/rari-doc/src/html/links.rs index 443ff473..25d1e6ba 100644 --- a/crates/rari-doc/src/html/links.rs +++ b/crates/rari-doc/src/html/links.rs @@ -34,7 +34,7 @@ pub fn render_internal_link( } if let Some(title) = title { out.push_str("\" title=\""); - out.push_str(title); + out.push_str(&html_escape::encode_quoted_attribute(title)); } if modifier.only_en_us { out.push_str("\" class=\"only-in-en-us") @@ -157,7 +157,7 @@ pub fn render_link_via_page( out.push_str(&url); if let Some(title) = title { out.push_str("\" title=\""); - out.push_str(title); + out.push_str(&html_escape::encode_quoted_attribute(title)); } out.push_str("\">"); if code { diff --git a/crates/rari-doc/src/templ/templs/badges.rs b/crates/rari-doc/src/templ/templs/badges.rs index f01a6f66..93af2401 100644 --- a/crates/rari-doc/src/templ/templs/badges.rs +++ b/crates/rari-doc/src/templ/templs/badges.rs @@ -60,6 +60,7 @@ pub fn write_badge( abbreviation: &str, typ: &str, ) -> std::fmt::Result { + let title = html_escape::encode_quoted_attribute(title); write!( out, r#" diff --git a/crates/rari-doc/src/templ/templs/embeds/livesample.rs b/crates/rari-doc/src/templ/templs/embeds/livesample.rs index 3e20d7d4..67d499ba 100644 --- a/crates/rari-doc/src/templ/templs/embeds/livesample.rs +++ b/crates/rari-doc/src/templ/templs/embeds/livesample.rs @@ -22,7 +22,7 @@ pub fn live_sample( let id = RariApi::anchorize(&id); let mut out = String::new(); out.push_str(r#"