zhanshi/goldmark
1
0
Fork 0
mirror of https://github.com/yuin/goldmark synced 2025-03-04 23:04:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

html escape img alt attribute

Browse source
This commit is contained in:
jsteuer 2020-07-11 23:54:26 +02:00
parent b24f9b4dd7
commit b91c802b8c
2 changed files with 18 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
_test/extra.txt
View file

@ -142,3 +142,20 @@ bbb
//- - - - - - - - -//
<p><code>{%</code><em>name</em><code>%}</code></p>
//= = = = = = = = = = = = = = = = = = = = = = = =//
12: the alt attribute of img should be escaped
//- - - - - - - - -//
!["](quot.jpg)
!['](apos.jpg)
![<](lt.jpg)
![>](gt.jpg)
![&](amp.jpg)
//- - - - - - - - -//
<p><img src="quot.jpg" alt="&quot;" />
<img src="apos.jpg" alt="'" />
<img src="lt.jpg" alt="&lt;" />
<img src="gt.jpg" alt="&gt;" />
<img src="amp.jpg" alt="&amp;" /></p>
//= = = = = = = = = = = = = = = = = = = = = = = =//

2
renderer/html/html.go
View file

@ -564,7 +564,7 @@ func (r *Renderer) renderImage(w util.BufWriter, source []byte, node ast.Node, e
_, _ = w.Write(util.EscapeHTML(util.URLEscape(n.Destination, true)))
}
_, _ = w.WriteString(`" alt="`)
_, _ = w.Write(n.Text(source))
_, _ = w.Write(util.EscapeHTML(n.Text(source)))
_ = w.WriteByte('"')
if n.Title != nil {
_, _ = w.WriteString(` title="`)