[DatFile] Make sure that everything is HTML encoded

2025-12-16 19:14:27 +00:00 · 2016-10-05 10:19:58 -07:00
parent a95c2e05ff
commit 0b04d50542
1 changed files with 2 additions and 2 deletions
--- a/SabreTools.Helper/Objects/Dat/DatFile.cs
+++ b/SabreTools.Helper/Objects/Dat/DatFile.cs
@@ -3852,7 +3852,7 @@ namespace SabreTools.Helper
 						foreach (Tuple<string, string> kvp in rom.Infos)
 						{
-							state += "\t\t<info name=\"" + kvp.Item1 + "\" value=\"" + kvp.Item2 + "\" />\n";
+							state += "\t\t<info name=\"" + HttpUtility.HtmlEncode(kvp.Item1) + "\" value=\"" + HttpUtility.HtmlEncode(kvp.Item2) + "\" />\n";
 						}
 						break;
 				}
@@ -4435,7 +4435,7 @@ namespace SabreTools.Helper
 						foreach (Tuple<string, string> kvp in rom.Features)
 						{
-							state += "\t\t\t<feature name=\"" + kvp.Item1 + "\" value=\"" + kvp.Item2 + "\"/>\n";
+							state += "\t\t\t<feature name=\"" + HttpUtility.HtmlEncode(kvp.Item1) + "\" value=\"" + HttpUtility.HtmlEncode(kvp.Item2) + "\"/>\n";
 						}
 						switch (rom.Type)