[
https://issues.apache.org/jira/browse/DOXIA-726?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov closed DOXIA-726.
--------------------------------
> MarkdownSink: Incorrect escaping of <,>,",' and &
> -------------------------------------------------
>
> Key: DOXIA-726
> URL: https://issues.apache.org/jira/browse/DOXIA-726
> Project: Maven Doxia
> Issue Type: Bug
> Components: Module - Markdown
> Affects Versions: 2.0.0-M9
> Reporter: Konrad Windszus
> Assignee: Konrad Windszus
> Priority: Major
> Fix For: 2.0.0, 2.0.0-M10
>
>
> As Markdown emits all unknown characters "as-is" in the resulting HTML also
> all XML escape characters need to be leveraged in addition to the ones
> outlined in https://daringfireball.net/projects/markdown/syntax#backslash in
> {{Sink.text(...)}}. Currently only the latter is considered though which
> leads to incorrect output: The text value
> {code}
> "this is a <test>"
> {code}
> should lead to
> {code}
> "this is a <test>"
> {code}
> but right now the "<" and ">" are not escaped.
> Compare also with
> https://spec.commonmark.org/0.30/#entity-and-numeric-character-references.
> It needs to be ensured that all parsed XHTML elements which are not natively
> supported by the Sink API (i.e. don't lead to a dedicated event) are passed
> as is to the output (given the input is XHTML).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
