From 28af8900a3014b7cbb4556799a36960d0bdff2df Mon Sep 17 00:00:00 2001 From: Roan Horning Date: Mon, 27 Jan 2025 22:26:32 -0500 Subject: [PATCH] fix entity escape for xml data For title and other xml data replace &, <, >, ', and " with corresponding escape entities. Also use http_baseurl so complete urls will be generated. --- templates/rss-comments.tpl.xml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/templates/rss-comments.tpl.xml b/templates/rss-comments.tpl.xml index f092fcd..8b9b42d 100644 --- a/templates/rss-comments.tpl.xml +++ b/templates/rss-comments.tpl.xml @@ -3,9 +3,10 @@ + Hacker Public Radio ~ Comment Feed - about.html + about.html Comments Feed: Hacker Public Radio is a podcast that releases shows every weekday Monday through Friday. Our shows are produced by the community (you) and can be on any topic that is of interest to hackers and hobbyists. en-us Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) License @@ -15,14 +16,14 @@ https://www.rssboard.org/rss-specification 600 - images/hpr_feed_small.png + images/hpr_feed_small.png Hacker Public Radio ~ Comment Feed - about.html + about.html The Hacker Public Radio Old Microphone Logo 164 144 - + @@ -49,15 +50,15 @@ %--> - <!--% item.comment_author_name %--> says: <!--% item.comment_title %--> - feedback.nospam@nospam.hackerpublicradio.org () - eps/hpr/index.html#comments + <!--% item.comment_author_name | html_strip | xml_entity %--> says: <!--% item.comment_title | html_strip | xml_entity %--> + feedback.nospam@nospam.hackerpublicradio.org () + eps/hpr/index.html#comments - RE: hpr:: by
+ RE: hpr:: by

]]> - eps/hpr/index.html#comment_ + eps/hpr/index.html#comment_ -- 2.43.5