From 9053b4410f14a2ceb2b14f9af42dc46c742dc196 Mon Sep 17 00:00:00 2001
From: Radek Czajka <radoslaw.czajka@nowoczesnapolska.org.pl>
Date: Wed, 10 Aug 2011 17:00:29 +0200
Subject: [PATCH] protect & and < enities on html2xml

---
 redakcja/static/js/wiki/xslt.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/redakcja/static/js/wiki/xslt.js b/redakcja/static/js/wiki/xslt.js
index cc2d19f2..9efeba3b 100644
--- a/redakcja/static/js/wiki/xslt.js
+++ b/redakcja/static/js/wiki/xslt.js
@@ -253,7 +253,7 @@ HTMLSerializer.prototype.serialize = function(rootElement, stripOuter)
 				break;
 			case TEXT_NODE:
 				self.result += text_buffer;
-				text_buffer = token.node.nodeValue;
+				text_buffer = token.node.nodeValue.replace('&', '&amp;').replace('<', '&lt;');
 				break;
 		};
 	};
-- 
2.20.1