diff options
| -rw-r--r-- | inc/parser/xhtml.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/inc/parser/xhtml.php b/inc/parser/xhtml.php index f58b52029..d1e7a2354 100644 --- a/inc/parser/xhtml.php +++ b/inc/parser/xhtml.php @@ -878,6 +878,11 @@ class Doku_Renderer_xhtml extends Doku_Renderer { //remove double encodings in titles $link['title'] = str_replace('&amp;','&',$link['title']); + // be sure there are no bad chars in url or title + // (we can't do this for name because it can contain an img tag) + $link['url'] = strtr($link['url'],array('>'=>'%3E','<'=>'%3C','"'=>'%22')); + $link['title'] = strtr($link['title'],array('>'=>'>','<'=>'<','"'=>'"')); + $ret = ''; $ret .= $link['pre']; $ret .= '<a href="'.$link['url'].'"'; |