From a81ff78c0a7500ef30792d217d2c9e32e8402d56 Mon Sep 17 00:00:00 2001 From: Christopher Szucko Date: Sat, 10 Aug 2019 21:09:03 -0500 Subject: [PATCH] Escape HTML entities in comments --- src/calibre/ebooks/metadata/html.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/calibre/ebooks/metadata/html.py b/src/calibre/ebooks/metadata/html.py index 222afa83ea..dad218ae19 100644 --- a/src/calibre/ebooks/metadata/html.py +++ b/src/calibre/ebooks/metadata/html.py @@ -176,7 +176,7 @@ def get_metadata_(src, encoding=None): mi = Metadata(title, string_to_authors(authors)) # Single-value text fields - for field in ('publisher', 'isbn', 'comments'): + for field in ('publisher', 'isbn'): val = get(field) if val: setattr(mi, field, val) @@ -187,6 +187,12 @@ def get_metadata_(src, encoding=None): if val: setattr(mi, field, val) + # HTML fields + for field in ('comments',): + val = get(field) + if val: + setattr(mi, field, val.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", ''')) + # Date fields for field in ('pubdate', 'timestamp'): try: