HTML escaping is required to prevent XML validation errors for some characters like "&".

author: Thomas Lange <code@nerdmind.de> 2017-04-24 17:15:41 +0200
committer: Thomas Lange <code@nerdmind.de> 2017-04-24 17:15:41 +0200
commit: 39944454324b4c66b8cf2444cca17c149208dfac (patch)
tree: 69a3296ef2a7edee6a65dcce52d50530a6f51aac /template/standard/html/feed/item_page.php
parent: 1269b210f28591b3fda52ecc41b9d7bf1e598555 (diff)
download: blog-39944454324b4c66b8cf2444cca17c149208dfac.tar.gz
blog-39944454324b4c66b8cf2444cca17c149208dfac.tar.xz
blog-39944454324b4c66b8cf2444cca17c149208dfac.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/template/standard/html/feed/item_page.php b/template/standard/html/feed/item_page.php
index ac3d197..f1a7a4d 100644
--- a/template/standard/html/feed/item_page.php
+++ b/template/standard/html/feed/item_page.php
@@ -13,7 +13,7 @@
 	<guid isPermaLink="false"><?=$PAGE['GUID']?></guid>
 	<pubDate><?=parseDatetime($PAGE['ATTR']['TIME_INSERT'], '[RFC2822]')?></pubDate>
 	<dc:creator><?=escapeHTML($USER['ATTR']['FULLNAME'])?></dc:creator>
-	<description><?=description($PAGE['BODY']['HTML'], 400)?></description>
+	<description><?=escapeHTML(description($PAGE['BODY']['HTML'], 400))?></description>
 	<content:encoded>
 		<![CDATA[
 			<?=$PAGE['BODY']['HTML']?>
author	Thomas Lange <code@nerdmind.de>	2017-04-24 17:15:41 +0200
committer	Thomas Lange <code@nerdmind.de>	2017-04-24 17:15:41 +0200
commit	39944454324b4c66b8cf2444cca17c149208dfac (patch)
tree	69a3296ef2a7edee6a65dcce52d50530a6f51aac /template/standard/html/feed/item_page.php
parent	1269b210f28591b3fda52ecc41b9d7bf1e598555 (diff)
download	blog-39944454324b4c66b8cf2444cca17c149208dfac.tar.gz blog-39944454324b4c66b8cf2444cca17c149208dfac.tar.xz blog-39944454324b4c66b8cf2444cca17c149208dfac.zip