From 54e737c1718b4bb9e15667ee2a3d6babf95a6169 Mon Sep 17 00:00:00 2001
From: King_DuckZ <king_duckz@gmx.com>
Date: Tue, 25 Apr 2017 22:08:30 +0100
Subject: [PATCH] Escape html in non-plaintext responses.

---
 src/pastie_response.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/pastie_response.cpp b/src/pastie_response.cpp
index ca154d0..04fe75b 100644
--- a/src/pastie_response.cpp
+++ b/src/pastie_response.cpp
@@ -18,6 +18,7 @@
 #include "pastie_response.hpp"
 #include "incredis/incredis.hpp"
 #include "settings_bag.hpp"
+#include "escapist.hpp"
 #include <ciso646>
 #include <srchilite/sourcehighlight.h>
 #include <srchilite/langmap.h>
@@ -73,7 +74,8 @@ namespace tawashi {
 			highlighter.setGenerateEntireDoc(false);
 			highlighter.setGenerateLineNumbers(true);
 			const auto lang = m_lang_file;
-			std::istringstream iss(*pastie);
+			Escapist houdini;
+			std::istringstream iss(houdini.escape_html(*pastie));
 
 			highlighter.highlight(iss, parStream, lang);
 		}