diff --git a/lib/plugins/helper/toc.js b/lib/plugins/helper/toc.js
index ef7d058c7a..cb45495ae2 100644
--- a/lib/plugins/helper/toc.js
+++ b/lib/plugins/helper/toc.js
@@ -1,6 +1,7 @@
'use strict';
var cheerio;
+const _ = require('lodash');
function tocHelper(str, options) {
options = options || {};
@@ -25,7 +26,7 @@ function tocHelper(str, options) {
headings.each(function() {
var level = +this.name[1];
var id = $(this).attr('id');
- var text = $(this).html();
+ var text = _.escape($(this).text());
lastNumber[level - 1]++;
diff --git a/test/scripts/helpers/toc.js b/test/scripts/helpers/toc.js
index c4e0a84a0e..4ced44da2f 100644
--- a/test/scripts/helpers/toc.js
+++ b/test/scripts/helpers/toc.js
@@ -17,7 +17,8 @@ describe('toc', () => {
'Title 1.3.1
',
'Title 2
',
'Title 2.1
',
- 'Title should escape &, <, ', and "
'
+ 'Title should escape &, <, ', and "
',
+ ''
].join('');
var genResult = options => {
@@ -107,7 +108,13 @@ describe('toc', () => {
'',
'',
ifTrue(listNumber, '3. ', ''),
- 'Title should escape &, <, ', and "',
+ 'Title should escape &, <, ', and "',
+ '',
+ '',
+ '',
+ '',
+ ifTrue(listNumber, '4. ', ''),
+ 'Chapter 1 should be printed to toc',
'',
''
].join('');