diff options
Diffstat (limited to 'js')
-rw-r--r-- | js/lib/html.js | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/js/lib/html.js b/js/lib/html.js index 3c1ed4c..1f1b0ba 100644 --- a/js/lib/html.js +++ b/js/lib/html.js @@ -213,6 +213,20 @@ var renderNodes = function(block) { return buffer.join(''); }; +var sub = function(s) { + if (s === '&') { + return '&'; + } else if (s === '<') { + return '<'; + } else if (s === '>') { + return '>'; + } else if (s === '"') { + return '"'; + } else { + return s; + } +}; + // The HtmlRenderer object. function HtmlRenderer(){ @@ -225,15 +239,9 @@ function HtmlRenderer(){ // set to " " if you want to ignore line wrapping in source escape: function(s, preserve_entities) { if (preserve_entities) { - return s.replace(/[&](?![#](x[a-f0-9]{1,8}|[0-9]{1,8});|[a-z][a-z0-9]{1,31};)/gi, '&') - .replace(/[<]/g, '<') - .replace(/[>]/g, '>') - .replace(/["]/g, '"'); + return s.replace(/[&](?:[#](x[a-f0-9]{1,8}|[0-9]{1,8});|[a-z][a-z0-9]{1,31};)|[&<>"]/gi, sub); } else { - return s.replace(/[&]/g, '&') - .replace(/[<]/g, '<') - .replace(/[>]/g, '>') - .replace(/["]/g, '"'); + return s.replace(/[&<>"]/g, sub); } }, render: renderNodes |