lib/markly/renderer/html_renderer.rb in markly-0.3.0 vs lib/markly/renderer/html_renderer.rb in markly-0.4.0
- old
+ new
@@ -1,7 +1,9 @@
# frozen_string_literal: true
+require 'cgi'
+
module Markly
class HTMLRenderer < Renderer
def initialize(ids: false, **options)
super(**options)
@@ -15,10 +17,10 @@
def id_for(node)
if @ids
id = node.to_plaintext.chomp.downcase.gsub(/\s+/, '-')
- return " id=\"#{id}\""
+ return " id=\"#{CGI.escape_html id}\""
end
end
def header(node)
block do
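Review bot: The new `return` line in `id_for` escapes the value but has no comment saying why, and the slug built on the line above still passes every non-whitespace character through, so a heading containing `"` or `&` now produces an id full of entities and a heading with no text produces `id=""`. Heading text comes from the document being rendered, so the escape is what keeps it from closing the attribute; I would record that above the return with `# Heading text is document-controlled; escape it so it cannot terminate the id attribute.` It may also be worth reducing the slug to a conservative character set before escaping, for example `.gsub(/[^\p{Alnum}_-]+/, '-')` in place of `.gsub(/\s+/, '-')`, though that changes existing anchors and is the maintainers' call. No spec is visible in this diff; a regression test asserting that a heading with a double quote renders `&quot;` inside the id would pin the fix.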