From adc2c881c77368abb8433b6a37367245d3bfbe3f Mon Sep 17 00:00:00 2001
From: colin <colin@cicadas.surf>
Date: Sun, 11 Aug 2024 21:26:01 -0700
Subject: escape bs in pre tags

---
 pastiche.lisp | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'pastiche.lisp')

diff --git a/pastiche.lisp b/pastiche.lisp
index e5141ae..2c16af5 100644
--- a/pastiche.lisp
+++ b/pastiche.lisp
@@ -149,6 +149,20 @@ E.g. you'd put this in a file.
     "A regular expression accepting paste file names, the sort returned
 from make-paste-filename."))
 
+(defun write-escaped-char (char &optional (stream *standard-output*))
+  (case char
+    (#\< (write-string "&lt;" stream))
+    (#\> (write-string "&gt;" stream))
+    (#\& (write-string "&amp;" stream))
+    (#\' (write-string "&#39;" stream))
+    (#\" (write-string "&quot;" stream))
+    (t (write-char char stream))))
+
+(defun escape-html-in-paste-content (str)
+  (with-output-to-string (*standard-output*)
+   (loop :for char :across str
+         :do (write-escaped-char char))))
+
 (http:defendpoint get-paste
   :get :route "paste" (:id +paste-id-regex+)
   :returns "text/html"
@@ -170,7 +184,7 @@ from make-paste-filename."))
        (html:<html>
         (html:<body>
          (html:<h2> (title paste))
-         (html:<pre> content)))
+         (html:<pre> (escape-html-in-paste-content content))))
        out))))
 
 
-- 
cgit v1.2.3