utils: html_xss(): Add ' and &

They REALLY should have been there from the beginning...
2021-06-15 18:21:47 +02:00 · 2021-06-15 18:21:47 +02:00 · 88816a4015
commit 88816a4015
parent a930b7aea6
1 changed files with 7 additions and 1 deletions
--- a/utils.cpp
+++ b/utils.cpp
@ -46,6 +46,12 @@ std::string utils::html_xss(std::string_view str)
 		case '%':
 			result += "&#37;";
 			break;
+		case '\'':
+			result += "&#x27;";
+			break;
+		case '&':
+			result += "&amp;";
+			break;
 		default:
 			result += c;
 		}
@ -93,7 +99,7 @@ std::vector<std::string> utils::split(const std::string &str, char delim)
 // TODO: can easily break if we pass a regex here
 std::vector<std::string> utils::split(const std::string &str, const std::string &delim)
 {
-	std::regex regex { delim + "+" };
+	std::regex regex{delim + "+"};
 	return split(str, regex);
 }