-rwxr-xr-x | httpd/cgi-bin/check | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/httpd/cgi-bin/check b/httpd/cgi-bin/check
index c784aed..fd17f36 100755
--- a/httpd/cgi-bin/check
+++ b/httpd/cgi-bin/check
@@ -2083,15 +2083,21 @@ sub escape_comment
 #
 # Return $_[0] encoded for HTML entities (cribbed from merlyn).
 #
-# Note that this is used both for HTML and XML escaping.
+# Note that this is used both for HTML and XML escaping (so e.g. no ').
 #
 sub ent
 {
- local $_ = shift;
- return '' unless defined; # Eliminate warnings
+ my $str = shift;
+ return '' unless defined($str); # Eliminate warnings
 
- s(["<&>']){'&#' . ord($&) . ';'}ge; # should switch to hex sooner or later
- return $_;
+ # should switch to hex sooner or later
+ $str =~ s/&/&/g;
+ $str =~ s/</</g;
+ $str =~ s/>/>/g;
+ $str =~ s/"/"/g;
+ $str =~ s/'/'/g;
+
+ return $str;
 }
 
 #
 |
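Review bot: The five sequential substitutions in the new `ent` body depend on their order, and nothing in the code says so. If the `&` pass is ever moved below the others, the ampersands of the entities they emit will be escaped a second time. I would add `# '&' must be escaped first, or the entities produced below get double-escaped` directly above the `$str =~ s/&/.../g;` line. A single pass over `[&<>"']` with a lookup hash would remove the order dependency altogether. The carried-over comment `# should switch to hex sooner or later` referred to the old decimal `ord($&)` output and is now misleading above what appear to be fixed replacement strings, so it should be reworded or dropped. As shown on this page the replacement side of each substitution looks identical to the matched character, presumably because the entities were decoded in display. That means the actual strings cannot be checked here, so it is worth confirming in the file that the `'` case emits a numeric reference, as the updated header comment implies.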