aboutsummaryrefslogtreecommitdiff
path: root/controller
diff options
context:
space:
mode:
Diffstat (limited to 'controller')
-rw-r--r--controller/notescontroller.php15
1 files changed, 10 insertions, 5 deletions
diff --git a/controller/notescontroller.php b/controller/notescontroller.php
index c599e75..a54cfe3 100644
--- a/controller/notescontroller.php
+++ b/controller/notescontroller.php
@@ -77,7 +77,10 @@ class NotesController extends Controller
//head
$xw->startElement('head');
- $xw->writeElement('title', $note->title);
+ $xw->writeElement(
+ 'title',
+ htmlspecialchars_decode($note->title, ENT_QUOTES | ENT_HTML5)
+ );
$xw->startElement('meta');
$xw->writeAttribute('name', 'author');
@@ -112,8 +115,9 @@ class NotesController extends Controller
//body
$xw->startElement('body');
-
- $xw->writeElement('h1', $note->title);
+ $xw->writeElement(
+ 'h1', htmlspecialchars_decode($note->title, ENT_QUOTES | ENT_HTML5)
+ );
$converter = new \OCA\Grauphel\Converter\CleanHtml();
$converter->internalLinkHandler = array($this, 'htmlNoteLinkHandler');
@@ -159,8 +163,9 @@ class NotesController extends Controller
$converter = new \OCA\Grauphel\Converter\ReStructuredText();
$converter->internalLinkHandler = array($this, 'textNoteLinkHandler');
try {
- $text = $note->title . "\n"
- . str_repeat('*', strlen($note->title)) . "\n"
+ $title = htmlspecialchars_decode($note->title, ENT_QUOTES | ENT_HTML5);
+ $text = $title . "\n"
+ . str_repeat('*', strlen($title)) . "\n"
. "\n";
$text .= $converter->convert($note->{'note-content'});
return new \OCA\Grauphel\Response\TextResponse($text);
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-03 16:48:52 +0000