Fix html renderer escaping valid entities

This should fix #403
2024-11-30 04:29:13 +01:00 · 2018-07-26 11:48:47 +08:00 · 2018-07-26 11:48:47 +08:00 · c5c549b063
commit c5c549b063
parent 670777b536
1 changed files with 29 additions and 3 deletions
--- a/esc.go
+++ b/esc.go
@ -17,10 +17,16 @@ func escapeHTML(w io.Writer, s []byte) {
 	for end < len(s) {
 		escSeq := htmlEscaper[s[end]]
 		if escSeq != nil {
+			isEntity, entityEnd := nodeIsEntity(s, end)
+			if isEntity {
+				w.Write(s[start : entityEnd+1])
+				start = entityEnd + 1
+			} else {
 				w.Write(s[start:end])
 				w.Write(escSeq)
 				start = end + 1
 			}
+		}
 		end++
 	}
 	if start < len(s) && end <= len(s) {
@ -28,6 +34,26 @@ func escapeHTML(w io.Writer, s []byte) {
 	}
 }

+func nodeIsEntity(s []byte, end int) (isEntity bool, endEntityPos int) {
+	isEntity = false
+	endEntityPos = end + 1
+
+	if s[end] == '&' {
+		for endEntityPos < len(s) {
+			if s[endEntityPos] == ';' {
+				isEntity = true
+				break
+			}
+			if !isalnum(s[endEntityPos]) && s[endEntityPos] != '&' && s[endEntityPos] != '#' {
+				break
+			}
+			endEntityPos++
+		}
+	}
+
+	return isEntity, endEntityPos
+}
+
 func escLink(w io.Writer, text []byte) {
 	unesc := html.UnescapeString(string(text))
 	escapeHTML(w, []byte(unesc))