Commits

Luke Plant committed d989fc6

Use a simpler/faster function for escaping HTML

Comments (0)

Files changed (2)

src/Blog/Utils.hs

    where
        rest = split cs delim
 
+replace :: Eq a => [a] -> [a] -> [a] -> [a]
+replace _ _ [] = []
+replace find repl s =
+    if take (length find) s == find
+        then repl ++ (replace find repl (drop (length find) s))
+        else [head s] ++ (replace find repl (tail s))
+
+escapeHtmlString s = replace "<" "&lt;" $ replace ">" "&gt;" $ replace "\"" "&quot;" $ replace "&" "&amp;" s

src/Blog/Views.hs

 import Blog.Links
 import Blog.Model
 import Blog.Templates
+import Blog.Utils (escapeHtmlString)
 import Data.ByteString.Lazy (ByteString)
 import Ella.Framework (default404, View)
 import Ella.GenUtils (utf8, with, exactParse, getTimestamp)
 import System.Time (ClockTime(..), toUTCTime)
 import Text.StringTemplate
 import Text.StringTemplate.GenericStandard
-import Text.XHtml (stringToHtml)
 import qualified Blog.Settings as Settings
 import qualified Data.Map as Map
 
 get_templates :: IO (STGroup ByteString)
 get_templates = do
   templates' <- directoryGroup Settings.template_path
-  return $ setEncoderGroup (show . stringToHtml) templates'
+  return $ setEncoderGroup escapeHtmlString templates'
 
 get_template :: String -> IO (StringTemplate ByteString)
 get_template name = do