From e224c3b17b5feca3047657725cd73ada4a73beae Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Wed, 16 Mar 2022 15:41:57 +0530 Subject: tissue: Encode URIs for safety. * tissue/web.scm: Import (web uri). (issue-list-item-markup-writer-action): Encode URIs for safety. --- tissue/web.scm | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/tissue/web.scm b/tissue/web.scm index 9f86cdb..36c0428 100644 --- a/tissue/web.scm +++ b/tissue/web.scm @@ -32,6 +32,7 @@ #:use-module (skribilo utils keywords) #:use-module (skribilo writer) #:use-module (sxml simple) + #:use-module (web uri) #:use-module (tissue conditions) #:use-module (tissue issue) #:use-module (tissue utils) @@ -108,14 +109,18 @@ NEW-EXTENSION." (define (issue-list-item-markup-writer-action markup engine) (sxml->xml `(li (@ (class "issue-list-item")) - (a (@ (href ,(replace-extension - (string-append "/" (markup-option markup #:file)) - "html"))) + (a (@ (href ,(string-append + "/" (encode-and-join-uri-path + (string-split + (replace-extension (markup-option markup #:file) + "html") + #\/))))) ,(markup-option markup #:title)) ,@(map (lambda (tag) - (let ((words (string-split tag (char-set #\- #\space)))) + (let ((words (string-split tag (char-set #\- #\s pace)))) `(a (@ (href ,(string-append (%tags-path) "/" - (sanitize-string tag) ".html")) + (uri-encode (sanitize-string tag)) + ".html")) (class ,(string-append "tag" (if (not (null? (lset-intersection string=? words -- cgit v1.2.3