From 161a092a7544d7abb1ee35a8c0ae0edf05a38481 Mon Sep 17 00:00:00 2001 From: Tassilo Horn Date: Fri, 9 Jul 2021 22:36:59 +0200 Subject: [PATCH] Also escape & (in addition to < and >) when html_escape is true --- src/con.rs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/con.rs b/src/con.rs index 5d9a8ae..66dc632 100644 --- a/src/con.rs +++ b/src/con.rs @@ -200,7 +200,9 @@ lazy_static! { fn maybe_html_escape(do_it: bool, text: &str) -> String { if do_it { - text.replace("<", "<").replace(">", ">") + text.replace("<", "<") + .replace(">", ">") + .replace("&", "&") } else { text.to_string() }