From 8cc933a02b8db309976e314caedfac0037a5f118 Mon Sep 17 00:00:00 2001
From: Christopher Szucko <cszucko@gmail.com>
Date: Sat, 10 Aug 2019 21:09:03 -0500
Subject: [PATCH 60/71] Escape HTML entities in comments
---
src/calibre/ebooks/metadata/html.py | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/calibre/ebooks/metadata/html.py b/src/calibre/ebooks/metadata/html.py
index 222afa83ea..dad218ae19 100644
--- a/src/calibre/ebooks/metadata/html.py
+++ b/src/calibre/ebooks/metadata/html.py
@@ -176,7 +176,7 @@ def get_metadata_(src, encoding=None):
mi = Metadata(title, string_to_authors(authors))
# Single-value text fields
- for field in ('publisher', 'isbn', 'comments'):
+ for field in ('publisher', 'isbn'):
val = get(field)
if val:
setattr(mi, field, val)
@@ -187,6 +187,12 @@ def get_metadata_(src, encoding=None):
if val:
setattr(mi, field, val)
+ # HTML fields
+ for field in ('comments',):
+ val = get(field)
+ if val:
+ setattr(mi, field, val.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", '''))
+
# Date fields
for field in ('pubdate', 'timestamp'):
try: