annotate env/encode/highlight.lua @ 46:aaba4d28dd53
Added missing HTML encoding for page titles (security fix!)
 | author | bsw | 
 | date | Mon Mar 15 03:04:19 2010 +0100 (2010-03-15) | 
 | parents | 5c601807d397 | 
 | children |  | 
 
 | rev | line source | 
| bsw@2 | 1 function encode.highlight(text) | 
| bsw@2 | 2   local text = encode.html(text) | 
| bsw@2 | 3   text = text:gsub("\027", "") | 
| bsw@2 | 4   text = text:gsub("\\\\", "\027b") | 
| bsw@2 | 5   text = text:gsub("\\%*", "\027a") | 
| bsw@2 | 6   text = text:gsub("%*([^%*]*)%*", '<span class="highlighted">%1</span>') | 
| bsw@2 | 7   text = text:gsub("\027a", "*") | 
| bsw@2 | 8   text = text:gsub("\027b", "\\") | 
| bsw@2 | 9   return text | 
| bsw@2 | 10 end |