protect & and < enities on html2xml
authorRadek Czajka <radoslaw.czajka@nowoczesnapolska.org.pl>
Wed, 10 Aug 2011 15:00:29 +0000 (17:00 +0200)
committerRadek Czajka <radoslaw.czajka@nowoczesnapolska.org.pl>
Wed, 10 Aug 2011 15:00:29 +0000 (17:00 +0200)
redakcja/static/js/wiki/xslt.js

index cc2d19f..9efeba3 100644 (file)
@@ -253,7 +253,7 @@ HTMLSerializer.prototype.serialize = function(rootElement, stripOuter)
                                break;
                        case TEXT_NODE:
                                self.result += text_buffer;
-                               text_buffer = token.node.nodeValue;
+                               text_buffer = token.node.nodeValue.replace('&', '&amp;').replace('<', '&lt;');
                                break;
                };
        };