html escaping complication

Can't escape things to entities if the template then escapes the entities.
(aggregate doesn't have this problem.)

3 files changed, 7 insertions, 3 deletions

diff --git a/IkiWiki/Plugin/recentchanges.pm b/IkiWiki/Plugin/recentchanges.pm
index 39a123ccf..4d7023c1c 100644
--- a/IkiWiki/Plugin/recentchanges.pm
+++ b/IkiWiki/Plugin/recentchanges.pm
@@ -160,10 +160,12 @@ sub store ($$$) { #{{{
 		);
 	}
 
-	# escape wikilinks and preprocessor stuff in commit messages
 	if (ref $change->{message}) {
 		foreach my $field (@{$change->{message}}) {
 			if (exists $field->{line}) {
+				# escape html
+				$field->{line} = encode_entities($field->{line});
+				# escape links and preprocessor stuff
 				$field->{line} = encode_entities($field->{line}, '\[\]');
 			}
 		}
diff --git a/IkiWiki/Plugin/recentchangesdiff.pm b/IkiWiki/Plugin/recentchangesdiff.pm
index bc793bada..08cec3f5a 100644
--- a/IkiWiki/Plugin/recentchangesdiff.pm
+++ b/IkiWiki/Plugin/recentchangesdiff.pm
@@ -39,6 +39,8 @@ sub pagetemplate (@) { #{{{
 			else {
 				$diff=join("", @lines);
 			}
+			# escape html
+			$diff = encode_entities($diff);
 			# escape links and preprocessor stuff
 			$diff = encode_entities($diff, '\[\]');
 			$template->param(diff => $diff);
diff --git a/templates/change.tmpl b/templates/change.tmpl
index 0aebae61e..0e61a80f4 100644
--- a/templates/change.tmpl
+++ b/templates/change.tmpl
@@ -32,14 +32,14 @@
 <div class=changelog>
 <TMPL_LOOP NAME="MESSAGE">
 <TMPL_IF NAME="LINE">
-<TMPL_VAR NAME="LINE" ESCAPE="HTML"><br />
+<TMPL_VAR NAME="LINE"><br />
 </TMPL_IF>
 </TMPL_LOOP>
 </div>
 <TMPL_IF NAME="DIFF">
 <div class=diff>
 <pre>
-<TMPL_VAR NAME="DIFF" ESCAPE="HTML">
+<TMPL_VAR NAME="DIFF">
 </pre>
 </div>
 </TMPL_IF>