sfeed

simple feed reader - forked from git.codemadness.org/sfeed
git clone git://src.gearsix.net/sfeed
Log | Files | Refs | Atom | README | LICENSE
commit 618a6561cd09f489e30ab652da1649a0d1fec1d5
parent 9670471dad9d245464ce97e61b57f2de05159be8
Author: Hiltjo Posthuma <hiltjo@codemadness.org>
Date:   Wed, 24 Nov 2021 21:52:47 +0100

sfeed_mbox: escape the link and enclosure text when using HTML content

commit ed8079dc3e8ce513c788a5ab11444aac221cbc5b added an option
$SFEED_MBOX_CONTENT with a content-type text/html to include the content.
However in this context the link and enclosure were not fully escaped.

Diffstat:

Msfeed_mbox.c | 4++--


1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sfeed_mbox.c b/sfeed_mbox.c
@@ -104,14 +104,14 @@ printfeed(FILE *fp, const char *feedname)
 				fputs("Link: <a href=\"", stdout);
 				xmlencode(fields[FieldLink], stdout);
 				fputs("\">", stdout);
-				fputs(fields[FieldLink], stdout);
+				xmlencode(fields[FieldLink], stdout);
 				fputs("</a><br/>\n", stdout);
 			}
 			if (fields[FieldEnclosure][0]) {
 				fputs("Enclosure: <a href=\"", stdout);
 				xmlencode(fields[FieldEnclosure], stdout);
 				fputs("\">", stdout);
-				fputs(fields[FieldEnclosure], stdout);
+				xmlencode(fields[FieldEnclosure], stdout);
 				fputs("</a><br/>\n", stdout);
 			}
 			fputs("</p>\n", stdout);