From 161a092a7544d7abb1ee35a8c0ae0edf05a38481 Mon Sep 17 00:00:00 2001
From: Tassilo Horn <tsdh@gnu.org>
Date: Fri, 9 Jul 2021 22:36:59 +0200
Subject: [PATCH] Also escape & (in addition to < and >) when html_escape is
 true

---
 src/con.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/con.rs b/src/con.rs
index 5d9a8ae..66dc632 100644
--- a/src/con.rs
+++ b/src/con.rs
@@ -200,7 +200,9 @@ lazy_static! {
 
 fn maybe_html_escape(do_it: bool, text: &str) -> String {
     if do_it {
-        text.replace("<", "&lt;").replace(">", "&gt;")
+        text.replace("<", "&lt;")
+            .replace(">", "&gt;")
+            .replace("&", "&amp;")
     } else {
         text.to_string()
     }