From 0d0bdf470e628f0614e36ac0e54727203e9de6ab Mon Sep 17 00:00:00 2001 From: David Lynch Date: Tue, 2 Mar 2021 02:30:05 -0600 Subject: [PATCH] Escape chapter titles when building templates Unescaped ampersands cause validation errors... TODO: should move away from string substitution to build XHTML Refs #56 --- ebook/__init__.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ebook/__init__.py b/ebook/__init__.py index b7e8a93..a3d3bd4 100644 --- a/ebook/__init__.py +++ b/ebook/__init__.py @@ -2,6 +2,7 @@ from .epub import make_epub from .cover import make_cover from .cover import make_cover_from_url +import html import unicodedata import datetime import requests @@ -90,7 +91,7 @@ def chapter_html(story, titleprefix=None, normalize=False): chapters.append(( title, f'{story.id}/chapter{i + 1}.html', - html_template.format(title=title, text=contents) + html_template.format(title=html.escape(title), text=contents) )) if story.footnotes: chapters.append(("Footnotes", f'{story.id}/footnotes.html', html_template.format(title="Footnotes", text='\n\n'.join(story.footnotes))))