Fix off-by-one error with HTML escaping

If the second-to-last character of a string should be escaped, but not the last, the last character was not being included in the result.
rinja-rs · Oct 25, 2018 · 7062aab · 7062aab
1 parent 5be6479
commit 7062aab
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/askama_shared/src/escaping.rs b/askama_shared/src/escaping.rs
@@ -96,7 +96,7 @@ pub fn escape(s: String) -> String {
             _ => panic!("incorrect indexing"),
         }
     }
-    if start < bytes.len() - 1 {
+    if start < bytes.len() {
         res.extend(&bytes[start..]);
     }
 
@@ -112,5 +112,6 @@ mod tests {
         assert_eq!(escape("<&>".to_string()), "&lt;&amp;&gt;");
         assert_eq!(escape("bla&".to_string()), "bla&amp;");
         assert_eq!(escape("<foo".to_string()), "&lt;foo");
+        assert_eq!(escape("bla&h".to_string()), "bla&amp;h");
     }
 }