tris/recoll
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Escape html characters in fields before inserting them in result paragraph. Closes issue #99

Browse Source
This commit is contained in:
Jean-Francois Dockes 2012-07-27 09:00:45 +02:00
parent 254a7dc972
commit 8e80123930
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/query/reslistpager.cpp
View File

@ -238,7 +238,7 @@ void ResListPager::displayDoc(RclConfig *config,
chunk << "<p style='margin: 0px;padding: 0px;clear: both;'>";
// Configurable stuff
map<string,string> subs;
map<string, string> subs;
subs["A"] = !richabst.empty() ? richabst : "";
subs["D"] = datebuf;
subs["I"] = iconurl;
@ -254,8 +254,12 @@ void ResListPager::displayDoc(RclConfig *config,
subs["t"] = escapeHtml(doc.meta[Rcl::Doc::keytt]);
subs["U"] = url;
// Let %(xx) access all metadata.
subs.insert(doc.meta.begin(), doc.meta.end());
// Let %(xx) access all metadata. HTML-neuter everything:
for (map<string,string>::iterator it = doc.meta.begin();
it != doc.meta.end(); it++) {
if (!it->first.empty())
subs[it->first] = escapeHtml(it->second);
}
string formatted;
pcSubst(parFormat(), formatted, subs);