Skip to content

Commit

Permalink
Escape post.title in atom.xml.
Browse files Browse the repository at this point in the history 
If post.title were to contain one of '&', '<', or '>', the XML would
become invalid. xml_escape is a Jekyll extension of Liquid to safely
escape values.

Using straight Liquid, this could also be done with:

<title type="html">
    {{ post.title | escape
                  | replace:'&','&amp;'
                  | replace:'<','&lt;'
                  | replace:'>','&gt;' }}
</title>

(Note, type=html and then the additional XML escaping.)
  • Loading branch information
@aprescott
aprescott committed Apr 25, 2017
1 parent db7c72f commit 2c4acbc
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion atom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ layout: nil

{% for post in site.posts %}
<entry>
<title>{{ post.title }}</title>
<title>{{ post.title | xml_escape }}</title>
<link href="http://blog.rubygems.org{{ post.url }}"/>
<updated>{{ post.date | date_to_xmlschema }}</updated>
<id>http://blog.rubygems.org{{ post.id }}</id>
Expand Down

0 comments on commit 2c4acbc

Please sign in to comment.