renderer: HTML-escape admonition title and guard against empty attachments

mkDocsAdmonition: escape the admonition title with html.EscapeString
before inserting it into the Confluence storage format XML. An unescaped
title containing '<', '>', '&', or '"' would break the XML structure.

image: add a len(attachments)==0 guard before accessing attachments[0]
in the local-attachment code path. ResolveLocalAttachments always returns
either an error or the requested attachments, so this is currently
unreachable, but the explicit check prevents a future silent panic if the
function's behaviour changes.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Manuel Rüger 2026-03-13 09:03:58 +01:00
parent 2b62ffd822
commit 17436efd17
2 changed files with 6 additions and 1 deletions


@ -2,6 +2,7 @@ package renderer
import (
"bytes"
"fmt"
"path/filepath"
"strconv"
"strings"
@ -143,6 +144,9 @@ func (r *ConfluenceImageRenderer) renderImage(writer util.BufWriter, source []by
},
)
} else {
if len(attachments) == 0 {
return ast.WalkStop, fmt.Errorf("no attachment resolved for %q", string(n.Destination))
}
r.Attachments.Attach(attachments[0])


@ -2,6 +2,7 @@ package renderer
import (
"fmt"
stdhtml "html"
"strconv"
parser "github.com/stefanfritsch/goldmark-admonitions"
@ -81,7 +82,7 @@ func (r *ConfluenceMkDocsAdmonitionRenderer) renderMkDocsAdmonition(writer util.
title, _ := strconv.Unquote(string(n.Title))
if title != "" {
titleHTML := fmt.Sprintf("<p><strong>%s</strong></p>\n", title)
titleHTML := fmt.Sprintf("<p><strong>%s</strong></p>\n", stdhtml.EscapeString(title))
if _, err := writer.Write([]byte(titleHTML)); err != nil {
return ast.WalkStop, err
}
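Review bot: html.EscapeString on the new titleHTML line covers the five markup-significant characters, but it passes control characters through unchanged, and XML 1.0 does not permit U+0000–U+0008, U+000B, U+000C or U+000E–U+001F even as numeric references, so a title carrying one can still yield storage-format XML that Confluence rejects. That is not purely theoretical here: strconv.Unquote on the `title, _ :=` line interprets Go escape sequences, so a quoted admonition title such as `"\x01"` produces a raw control byte (assuming n.Title arrives as a Go-style quoted string, which the Unquote call suggests). I would drop such runes before escaping, e.g. a strings.Map that returns -1 for runes below 0x20 other than tab, CR and LF, with a one-line comment on that line stating that XML 1.0 forbids them even when escaped. The `&#39;`/`&#34;` output of EscapeString is valid XML, so the change as made is otherwise sound. renderMkDocsAdmonition starts before this hunk and presumably continues after it.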