diff options
| -rw-r--r-- | pastiche.lisp | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/pastiche.lisp b/pastiche.lisp index e5141ae..2c16af5 100644 --- a/pastiche.lisp +++ b/pastiche.lisp @@ -149,6 +149,20 @@ E.g. you'd put this in a file. "A regular expression accepting paste file names, the sort returned from make-paste-filename.")) +(defun write-escaped-char (char &optional (stream *standard-output*)) + (case char + (#\< (write-string "<" stream)) + (#\> (write-string ">" stream)) + (#\& (write-string "&" stream)) + (#\' (write-string "'" stream)) + (#\" (write-string """ stream)) + (t (write-char char stream)))) + +(defun escape-html-in-paste-content (str) + (with-output-to-string (*standard-output*) + (loop :for char :across str + :do (write-escaped-char char)))) + (http:defendpoint get-paste :get :route "paste" (:id +paste-id-regex+) :returns "text/html" @@ -170,7 +184,7 @@ from make-paste-filename.")) (html:<html> (html:<body> (html:<h2> (title paste)) - (html:<pre> content))) + (html:<pre> (escape-html-in-paste-content content)))) out)))) |