From cc6c4d0480c4c70ae3d757cc41ea367aa70826eb Mon Sep 17 00:00:00 2001
From: Harsh Singh <64768386+harshdoesdev@users.noreply.github.com>
Date: Mon, 11 Sep 2023 17:38:37 +0530
Subject: [PATCH] fix escape HTML in ftd.text (#1296)

* fix escape HTML in ftd.text

* added more characters in escape map

* fixed tests

* fixed test
---
 fastn-js/js/dom.js                 |  3 +-
 fastn-js/js/utils.js               | 21 ++++----
 fastn-js/js/virtual.js             |  2 +-
 ftd/t/js/01-basic.html             |  2 +-
 ftd/t/js/03-common-properties.html | 10 ++--
 ftd/t/js/09-text-properties.html   |  8 +--
 ftd/t/js/18-rive.html              |  2 +-
 ftd/t/js/31-advance-list.html      |  2 +-
 ftd/t/js/46-code-languages.html    | 44 ++++++++---------
 ftd/t/js/47-ftd-code-syntax.html   | 10 ++--
 ftd/t/js/53-link-color.html        |  4 +-
 ftd/t/js/56-title-fix.ftd          |  5 ++
 ftd/t/js/56-title-fix.html         | 79 ++++++++++++++++++++++++++++++
 13 files changed, 138 insertions(+), 54 deletions(-)
 create mode 100644 ftd/t/js/56-title-fix.ftd
 create mode 100644 ftd/t/js/56-title-fix.html

diff --git a/fastn-js/js/dom.js b/fastn-js/js/dom.js
index 9f205471bb..8b211f8970 100644
--- a/fastn-js/js/dom.js
+++ b/fastn-js/js/dom.js
@@ -1836,8 +1836,7 @@ class Node2 {
         } else if (kind === fastn_dom.PropertyKind.StringValue) {
             this.#rawInnerValue = staticValue;
             if (!ssr) {
-                let escapedHtmlValue = fastn_utils.escapeHtmlInMarkdown(staticValue);
-                staticValue = fastn_utils.markdown_inline(escapedHtmlValue);
+                staticValue = fastn_utils.markdown_inline(staticValue);
                 staticValue = fastn_utils.process_post_markdown(this.#node, staticValue);
             }
             this.#node.innerHTML = staticValue;
diff --git a/fastn-js/js/utils.js b/fastn-js/js/utils.js
index 70d9c89925..45fac08a34 100644
--- a/fastn-js/js/utils.js
+++ b/fastn-js/js/utils.js
@@ -421,21 +421,22 @@ let fastn_utils = {
     },
 
     escapeHtmlInMarkdown(str) {
+        if(typeof str !== 'string') {
+            return str;
+        }
+
         let result = "";
         let ch_map = {
-            '<': "&lt;"
+            '<': "&lt;",
+            '>': "&gt;",
+            '&': "&amp;",
+            '"': "&quot;",
+            "'": "&#39;",
+            '/': "&#47;",
         };
-        // To avoid replacing html characters inside <code> body
-        let backtick_found = false;
         for (var i = 0; i < str.length; i++) {
             let current = str[i];
-            if (current === '`') backtick_found = !backtick_found;
-            if (ch_map[current] !== undefined && !backtick_found) {
-                result += ch_map[current];
-            }
-            else {
-                result += current;
-            }
+            result += ch_map[current] ?? current;
         }
         return result;
     },
diff --git a/fastn-js/js/virtual.js b/fastn-js/js/virtual.js
index 96943ff361..15f293ebb5 100644
--- a/fastn-js/js/virtual.js
+++ b/fastn-js/js/virtual.js
@@ -68,7 +68,7 @@ class Node {
     toHtmlAsString() {
         const openingTag = `<${this.#tagName}${this.getDataIdString()}${this.getAttributesString()}${this.getClassString()}${this.getStyleString()}>`;
         const closingTag = `</${this.#tagName}>`;
-        const innerHTML = this.innerHTML;
+        const innerHTML = fastn_utils.escapeHtmlInMarkdown(this.innerHTML);
         const childNodes = this.#children.map(child => child.toHtmlAsString()).join('');
 
         return `${openingTag}${innerHTML}${childNodes}${closingTag}`;
diff --git a/ftd/t/js/01-basic.html b/ftd/t/js/01-basic.html
index 83b955ae5b..ae244c274f 100644
--- a/ftd/t/js/01-basic.html
+++ b/ftd/t/js/01-basic.html
@@ -16,7 +16,7 @@
     </style>
 </head>
 <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
-<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><div data-id="3">"Hello"</div><div data-id="4" class="__bgc-3">Hello</div><div data-id="5" class="__bgc-4">Hello</div></div></body><style id="styles">
+<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><div data-id="3">&quot;Hello&quot;</div><div data-id="4" class="__bgc-3">Hello</div><div data-id="5" class="__bgc-4">Hello</div></div></body><style id="styles">
     .__w-1 { width: 100%; }
 	.__h-2 { height: 100%; }
 	.__bgc-3 { background-color: #f3f3f3; }
diff --git a/ftd/t/js/03-common-properties.html b/ftd/t/js/03-common-properties.html
index 960545d287..2eba5dd5a9 100644
--- a/ftd/t/js/03-common-properties.html
+++ b/ftd/t/js/03-common-properties.html
@@ -68,19 +68,19 @@
 life One day however a small line of blind text by the name of Lorem
 Ipsum decided to leave for the far World of Grammar.</div></div><div data-id="104" class="ft_column __w-309 __p-310 __m-311 __g-312"><div data-id="105" class="__p-313 __bw-314 __bs-315 __bc-316 __cur-317">This text will show pointer cursor on hover</div><div data-id="106" class="__p-318 __bw-319 __bs-320 __bc-321 __cur-322">This text will show progress cursor on hover</div><div data-id="107" class="__p-323 __bw-324 __bs-325 __bc-326 __cur-327">This text will show zoom-in cursor on hover</div><div data-id="108" class="__p-328 __bw-329 __bs-330 __bc-331 __cur-332">This text will show help cursor on hover</div><div data-id="109" class="__p-333 __bw-334 __bs-335 __bc-336 __cur-337">This text will show cross-hair cursor on hover</div></div><div data-id="110" class="ft_column __w-338 __m-339 __g-340"><div data-id="111" class="ft_row __p-341 __bw-342 __bs-343 __bc-344 __res-345 __o-346"><div data-id="112">This row is resizable both directions</div></div><div data-id="113" class="ft_row __p-347 __bw-348 __bs-349 __bc-350 __res-351 __o-352"><div data-id="114">This row is resizable only horizontally</div></div><div data-id="115" class="ft_row __p-353 __bw-354 __bs-355 __bc-356 __res-357 __o-358"><div data-id="116">This row is resizable only vertically</div></div></div><div data-id="117" class="ft_row __w-359 __jc-360 __ali-361 __g-362"><div data-id="118" class="ft_column __bw-363 __bs-364 __bc-365 __mxh-366 __mxw-367"><div data-id="119" class="__p-368">Max Height of this container is 50px.
 If you add more text than it can accommodate, then it will overflow.</div></div><div data-id="120" class="ft_column __bw-369 __bs-370 __bc-371 __mnh-372 __g-373"><div data-id="121" class="__p-374">Min Height of this container is 100px</div><div data-id="122" class="__p-375">If more text are added inside this container, the text might overflow
-if it can't be accommodated.</div></div><div data-id="123" class="ft_column __bw-376 __bs-377 __bc-378 __mxw-379"><div data-id="124" class="__p-380">Max Width of this container is 300px.
+if it can&#39;t be accommodated.</div></div><div data-id="123" class="ft_column __bw-376 __bs-377 __bc-378 __mxw-379"><div data-id="124" class="__p-380">Max Width of this container is 300px.
 If you add more text than it can accommodate, then it will overflow.</div></div><div data-id="125" class="ft_column __bw-381 __bs-382 __bc-383 __mnw-384"><div data-id="126" class="__p-385">Min Width of this container is 400px</div></div></div><div data-id="127" class="ft_column __g-386"><div data-id="128" class="__w-387 __p-388 __bw-389 __bs-390 __bc-391 __white-space-392">But ere she from the church-door stepped She smiled and told us why:
 
-'It was a wicked woman's curse,' Quoth she, 'and what care I?'
+&#39;It was a wicked woman&#39;s curse,&#39; Quoth she, &#39;and what care I?&#39;
 She smiled, and smiled, and passed it off Ere from the door she stept-</div><div data-id="129" class="__w-393 __p-394 __bw-395 __bs-396 __bc-397 __white-space-398">But ere she from the church-door stepped She smiled and told us why:
 
-'It was a wicked woman's curse,' Quoth she, 'and what care I?'
+&#39;It was a wicked woman&#39;s curse,&#39; Quoth she, &#39;and what care I?&#39;
 She smiled, and smiled, and passed it off Ere from the door she stept-</div><div data-id="130" class="__w-399 __p-400 __bw-401 __bs-402 __bc-403 __white-space-404">But ere she from the church-door stepped She smiled and told us why:
 
-'It was a wicked woman's curse,' Quoth she, 'and what care I?'
+&#39;It was a wicked woman&#39;s curse,&#39; Quoth she, &#39;and what care I?&#39;
 She smiled, and smiled, and passed it off Ere from the door she stept-</div><div data-id="131" class="__w-405 __p-406 __bw-407 __bs-408 __bc-409 __white-space-410">But ere she from the church-door stepped She smiled and told us why:
 
-'It was a wicked woman's curse,' Quoth she, 'and what care I?'
+&#39;It was a wicked woman&#39;s curse,&#39; Quoth she, &#39;and what care I?&#39;
 She smiled, and smiled, and passed it off Ere from the door she stept-</div></div><div data-id="132" class="ft_column __w-411"><div data-id="133" class="__as-412 __c-413">Start</div><div data-id="134" class="__as-414 __c-415">Center</div><div data-id="135" class="__as-416 __c-417">End</div></div><div data-id="136" class="a b c d __c-418">This is text with class</div><div data-id="137" class="ft_column __w-419 __p-420 __m-421 __bw-422 __bs-423 __bc-424"><div data-id="138" class="ft_column __w-425 __p-426 __bw-427 __bs-428 __bc-429"><div data-id="139" class="__pos-430 __t-431 __l-432 __c-433">Inside Inner Container</div></div></div><div data-id="140" class="ft_column __w-434 __p-435 __m-436 __bw-437 __bs-438 __bc-439"><div data-id="141" class="ft_column __w-440 __p-441 __bw-442 __bs-443 __bc-444"><div data-id="142" class="__pos-445 __t-446 __l-447 __c-448">Inside Outer Container</div></div></div><div data-id="143" class="ft_row __w-449 __jc-450"><div data-id="144">32</div><div data-id="145">1.123</div><div data-id="146">true</div></div><div data-id="147" class="ft_column __w-451 __bgc-452"><div data-id="148" class="__c-453 __fst-454 __fwt-455">These are stylized values</div><div data-id="149" class="__c-456 __fwt-457">1234</div><div data-id="150" class="__c-458 __td-459 __fst-460">3.142</div><div data-id="151" class="__c-461 __fwt-462">true</div></div><div data-id="152" class="ft_column __w-463 __m-464"><h1 data-id="153" class="__c-465">Hello World</h1></div><div data-id="154" class="ft_column __w-466 __m-467 __bw-468 __bs-469 __bc-470 __c-471 __jc-472 __ali-473"><div data-id="155">One</div><div data-id="156">Two</div><div data-id="157">Three</div></div><div data-id="158" class="ft_column __w-474 __h-475 __m-476 __box-shadow-477"></div></div></body><style id="styles">
     .__w-1 { width: 100%; }
 	.__h-2 { height: 100%; }
diff --git a/ftd/t/js/09-text-properties.html b/ftd/t/js/09-text-properties.html
index ec94b5e0b2..dbed024e6e 100644
--- a/ftd/t/js/09-text-properties.html
+++ b/ftd/t/js/09-text-properties.html
@@ -18,10 +18,10 @@
 <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
 <body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><div data-id="3" class="ft_column __w-3 __bw-4 __bs-5 __bc-6 __c-7 __g-8"><div data-id="4" class="__tt-9">capitalize</div><div data-id="5" class="__tt-10">LOWER</div><div data-id="6" class="__tt-11">upper</div></div><div data-id="7" class="ft_row __w-12 __p-13 __mt-14 __mb-15 __bgc-16"><div data-id="8" class="__c-17 __text-indent-18">This is some indented text.
 
-It only applies spacing at the beginning of the first line.</div></div><div data-id="9" class="ft_row __c-19 __g-20"><div data-id="10" class="__w-21 __p-22 __bw-23 __br-24 __ta-25">this is **text-align: center** text. a bit longer text so you can see what's going on.</div><div data-id="11" class="__w-26 __p-27 __bw-28 __br-29 __ta-30">this is **text-align: start** text. a bit longer text so you can see what's
-going on.</div><div data-id="12" class="__w-31 __p-32 __bw-33 __br-34 __ta-35">this is **text-align: end** text. a bit longer text so you can see what's going
-on.</div><div data-id="13" class="__w-36 __p-37 __bw-38 __br-39 __ta-40">this is **text-align: justify** text. a bit longer text so you can see what's going on.</div></div><div data-id="14" class="ft_column __w-41 __m-42"><div data-id="15" class="__bw-43 __bs-44 __wlc-45 __d-46 __o-47 __wbo-48">Lorem Ipsum is simply dummy text of the printing and typesetting industry.
-Lorem Ipsum has been the industry's standard dummy text ever since the 1500s,
+It only applies spacing at the beginning of the first line.</div></div><div data-id="9" class="ft_row __c-19 __g-20"><div data-id="10" class="__w-21 __p-22 __bw-23 __br-24 __ta-25">this is **text-align: center** text. a bit longer text so you can see what&#39;s going on.</div><div data-id="11" class="__w-26 __p-27 __bw-28 __br-29 __ta-30">this is **text-align: start** text. a bit longer text so you can see what&#39;s
+going on.</div><div data-id="12" class="__w-31 __p-32 __bw-33 __br-34 __ta-35">this is **text-align: end** text. a bit longer text so you can see what&#39;s going
+on.</div><div data-id="13" class="__w-36 __p-37 __bw-38 __br-39 __ta-40">this is **text-align: justify** text. a bit longer text so you can see what&#39;s going on.</div></div><div data-id="14" class="ft_column __w-41 __m-42"><div data-id="15" class="__bw-43 __bs-44 __wlc-45 __d-46 __o-47 __wbo-48">Lorem Ipsum is simply dummy text of the printing and typesetting industry.
+Lorem Ipsum has been the industry&#39;s standard dummy text ever since the 1500s,
 when an unknown printer took a galley of type and scrambled it to make a
 type specimen book. It has survived not only five centuries, but also the
 leap into electronic typesetting, remaining essentially unchanged. It was
diff --git a/ftd/t/js/18-rive.html b/ftd/t/js/18-rive.html
index b15ea0de47..76edf0598b 100644
--- a/ftd/t/js/18-rive.html
+++ b/ftd/t/js/18-rive.html
@@ -16,7 +16,7 @@
     </style>
 </head>
 <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
-<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><canvas data-id="3" class="__w-3 __bgc-4"></canvas><canvas data-id="4" class="__w-5"></canvas><div data-id="5">Start Idle</div><canvas data-id="6"></canvas><div data-id="7" class="__cur-6">Idle/ Run</div><div data-id="8" class="__cur-7">Wiper On/Off</div><div data-id="9" class="__cur-8">Rainy On/Off</div><div data-id="10" class="__cur-9">No Wiper On/Off</div><div data-id="11" class="__cur-10">Sunny On/Off</div><div data-id="12" class="__cur-11">Stationary On/Off</div><div data-id="13" class="__cur-12">Bouncing On/Off</div><div data-id="14" class="__cur-13">Broken On/Off</div></div></body><style id="styles">
+<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><canvas data-id="3" class="__w-3 __bgc-4"></canvas><canvas data-id="4" class="__w-5"></canvas><div data-id="5">Start Idle</div><canvas data-id="6"></canvas><div data-id="7" class="__cur-6">Idle&#47; Run</div><div data-id="8" class="__cur-7">Wiper On&#47;Off</div><div data-id="9" class="__cur-8">Rainy On&#47;Off</div><div data-id="10" class="__cur-9">No Wiper On&#47;Off</div><div data-id="11" class="__cur-10">Sunny On&#47;Off</div><div data-id="12" class="__cur-11">Stationary On&#47;Off</div><div data-id="13" class="__cur-12">Bouncing On&#47;Off</div><div data-id="14" class="__cur-13">Broken On&#47;Off</div></div></body><style id="styles">
     .__w-1 { width: 100%; }
 	.__h-2 { height: 100%; }
 	.__w-3 { width: 500px; }
diff --git a/ftd/t/js/31-advance-list.html b/ftd/t/js/31-advance-list.html
index 77e7fb293f..09bb4cad41 100644
--- a/ftd/t/js/31-advance-list.html
+++ b/ftd/t/js/31-advance-list.html
@@ -16,7 +16,7 @@
     </style>
 </head>
 <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
-<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><div data-id="3" class="ft_row"><div data-id="4">fastn</div><div data-id="5">&nbsp;</div><div data-id="6">language</div></div><div data-id="7" class="ft_column __w-3 __p-4 __mb-5 __br-6 __bgc-7 __rl-8 __g-9"><div data-id="8" class="ft_column __w-10"><div data-id="9">Enter name:</div><input data-id="10" placeholder="Enter your name here..." class="__w-11 __rl-12"></input></div><div data-id="11" class="ft_column __w-13"><div data-id="12">Enter score:</div><input data-id="13" placeholder="Enter your score here..." value="0" class="__w-14 __rl-15"></input></div><comment data-id="14"></comment></div><comment data-id="15"></comment><div data-id="16" class="ft_row __w-16 __p-17 __mb-18 __bgc-19 __jc-20"><div data-id="17" class="ft_row __g-21"><div data-id="18" class="__cur-22">1</div><div data-id="19">Arpita</div></div><div data-id="20">100</div></div><div data-id="21" class="ft_row __w-23 __p-24 __mb-25 __bgc-26 __jc-27"><div data-id="22" class="ft_row __g-28"><div data-id="23" class="__cur-29">2</div><div data-id="24">Arpita</div></div><div data-id="25">90</div></div><div data-id="26" class="ft_row __g-30"><div data-id="27">Total items are:</div><div data-id="28">2</div></div></div></body><style id="styles">
+<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><div data-id="3" class="ft_row"><div data-id="4">fastn</div><div data-id="5">&amp;nbsp;</div><div data-id="6">language</div></div><div data-id="7" class="ft_column __w-3 __p-4 __mb-5 __br-6 __bgc-7 __rl-8 __g-9"><div data-id="8" class="ft_column __w-10"><div data-id="9">Enter name:</div><input data-id="10" placeholder="Enter your name here..." class="__w-11 __rl-12"></input></div><div data-id="11" class="ft_column __w-13"><div data-id="12">Enter score:</div><input data-id="13" placeholder="Enter your score here..." value="0" class="__w-14 __rl-15"></input></div><comment data-id="14"></comment></div><comment data-id="15"></comment><div data-id="16" class="ft_row __w-16 __p-17 __mb-18 __bgc-19 __jc-20"><div data-id="17" class="ft_row __g-21"><div data-id="18" class="__cur-22">1</div><div data-id="19">Arpita</div></div><div data-id="20">100</div></div><div data-id="21" class="ft_row __w-23 __p-24 __mb-25 __bgc-26 __jc-27"><div data-id="22" class="ft_row __g-28"><div data-id="23" class="__cur-29">2</div><div data-id="24">Arpita</div></div><div data-id="25">90</div></div><div data-id="26" class="ft_row __g-30"><div data-id="27">Total items are:</div><div data-id="28">2</div></div></div></body><style id="styles">
     .__w-1 { width: 100%; }
 	.__h-2 { height: 100%; }
 	.__w-3 { width: 500px; }
diff --git a/ftd/t/js/46-code-languages.html b/ftd/t/js/46-code-languages.html
index d2df355fa5..ece6dc9831 100644
--- a/ftd/t/js/46-code-languages.html
+++ b/ftd/t/js/46-code-languages.html
@@ -19,44 +19,44 @@
 <body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><div data-id="3" class="ft_column __g-3"><pre data-id="4" class="language-md fastn-theme-dark"><code data-id="5" class="language-md fastn-theme-dark"># Heading 1
 
 ## Heading 2
-</code></pre><pre data-id="6" class="language-sh fastn-theme-dark"><code data-id="7" class="language-sh fastn-theme-dark">#!/bin/bash
+</code></pre><pre data-id="6" class="language-sh fastn-theme-dark"><code data-id="7" class="language-sh fastn-theme-dark">#!&#47;bin&#47;bash
 
 # This is a comment
-echo "Hello, World!"
+echo &quot;Hello, World!&quot;
 
 # Variables
-name="John"
+name=&quot;John&quot;
 age=30
 
-echo "My name is $name and I am $age years old."
-</code></pre><pre data-id="8" class="language-py fastn-theme-dark"><code data-id="9" class="language-py fastn-theme-dark">print("Hello World")
-</code></pre><pre data-id="10" class="language-html fastn-theme-dark"><code data-id="11" class="language-html fastn-theme-dark">&lt;h1> Hello World &lt;/h1>
+echo &quot;My name is $name and I am $age years old.&quot;
+</code></pre><pre data-id="8" class="language-py fastn-theme-dark"><code data-id="9" class="language-py fastn-theme-dark">print(&quot;Hello World&quot;)
+</code></pre><pre data-id="10" class="language-html fastn-theme-dark"><code data-id="11" class="language-html fastn-theme-dark">&amp;lt;h1&gt; Hello World &amp;lt;&#47;h1&gt;
 </code></pre><pre data-id="12" class="language-ftd fastn-theme-dark"><code data-id="13" class="language-ftd fastn-theme-dark">-- ftd.text: Hello World
 </code></pre><pre data-id="14" class="language-js fastn-theme-dark"><code data-id="15" class="language-js fastn-theme-dark">function foo() {
-    return 'Hello World';
+    return &#39;Hello World&#39;;
 }
 </code></pre><pre data-id="16" class="language-json fastn-theme-dark"><code data-id="17" class="language-json fastn-theme-dark">{
-  "name": "John Doe",
-  "age": 30,
-  "email": "john@example.com",
-  "isSubscribed": true,
-  "address": {
-    "street": "123 Main St",
-    "city": "Anytown",
-    "country": "USA"
+  &quot;name&quot;: &quot;John Doe&quot;,
+  &quot;age&quot;: 30,
+  &quot;email&quot;: &quot;john@example.com&quot;,
+  &quot;isSubscribed&quot;: true,
+  &quot;address&quot;: {
+    &quot;street&quot;: &quot;123 Main St&quot;,
+    &quot;city&quot;: &quot;Anytown&quot;,
+    &quot;country&quot;: &quot;USA&quot;
   },
-  "hobbies": ["reading", "hiking", "cooking"]
+  &quot;hobbies&quot;: [&quot;reading&quot;, &quot;hiking&quot;, &quot;cooking&quot;]
 }
-</code></pre><pre data-id="18" class="language-sql fastn-theme-dark"><code data-id="19" class="language-sql fastn-theme-dark">SELECT first_name, last_name, age FROM customers WHERE age >= 18;
+</code></pre><pre data-id="18" class="language-sql fastn-theme-dark"><code data-id="19" class="language-sql fastn-theme-dark">SELECT first_name, last_name, age FROM customers WHERE age &gt;= 18;
 </code></pre><pre data-id="20" class="language-rs fastn-theme-dark"><code data-id="21" class="language-rs fastn-theme-dark">fn main() {
-    // Printing
-    println!("Hello, World!");
+    &#47;&#47; Printing
+    println!(&quot;Hello, World!&quot;);
 
-    // Variables
-    let name = "Alice";
+    &#47;&#47; Variables
+    let name = &quot;Alice&quot;;
     let age = 25;
 
-    println!("My name is {} and I am {} years old.", name, age);
+    println!(&quot;My name is {} and I am {} years old.&quot;, name, age);
 }
 </code></pre></div></div></body><style id="styles">
     .__w-1 { width: 100%; }
diff --git a/ftd/t/js/47-ftd-code-syntax.html b/ftd/t/js/47-ftd-code-syntax.html
index 905977c8cc..c97874d88f 100644
--- a/ftd/t/js/47-ftd-code-syntax.html
+++ b/ftd/t/js/47-ftd-code-syntax.html
@@ -16,13 +16,13 @@
     </style>
 </head>
 <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
-<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><div data-id="3" class="ft_row __w-3 __pt-4 __pb-5 __jc-6"><pre data-id="4" class="language-ftd fastn-theme-light"><code data-id="5" class="language-ftd fastn-theme-light">/-- ds.code:
+<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><div data-id="3" class="ft_row __w-3 __pt-4 __pb-5 __jc-6"><pre data-id="4" class="language-ftd fastn-theme-light"><code data-id="5" class="language-ftd fastn-theme-light">&#47;-- ds.code:
 lang: ftd
 
 fooo
 </code></pre><pre data-id="6" class="language-ftd fastn-theme-light"><code data-id="7" class="language-ftd fastn-theme-light">;; Section Comment
 
-/-- ftd.text:
+&#47;-- ftd.text:
 color: red
 
 This is body part of ftd.text
@@ -31,7 +31,7 @@
 
 -- ftd.text: Hello ;; This is inline comment
 
--- import: fastn-community.github.io/bling/quote
+-- import: fastn-community.github.io&#47;bling&#47;quote
 
 ;; Component invocation
 
@@ -96,7 +96,7 @@
 $loop$: $foo as $ui
 </code></pre><pre data-id="8" class="language-ftd fastn-theme-dark"><code data-id="9" class="language-ftd fastn-theme-dark">;; Section Comment
 
-/-- ftd.text:
+&#47;-- ftd.text:
 color: red
 
 This is body part of ftd.text
@@ -105,7 +105,7 @@
 
 -- ftd.text: Hello ;; This is inline comment
 
--- import: fastn-community.github.io/bling/quote
+-- import: fastn-community.github.io&#47;bling&#47;quote
 
 ;; Component invocation
 
diff --git a/ftd/t/js/53-link-color.html b/ftd/t/js/53-link-color.html
index a2126a6d6f..ac8937a99b 100644
--- a/ftd/t/js/53-link-color.html
+++ b/ftd/t/js/53-link-color.html
@@ -16,9 +16,9 @@
     </style>
 </head>
 <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
-<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><a data-id="3" href="https://google.com">Click me</a><div data-id="4">Hello world [Test](https://google.com)
+<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><a data-id="3" href="https://google.com">Click me</a><div data-id="4">Hello world [Test](https:&#47;&#47;google.com)
 
-This is awesome [Test](https://google.com)</div></div></body><style id="styles">
+This is awesome [Test](https:&#47;&#47;google.com)</div></div></body><style id="styles">
     .__w-1 { width: 100%; }
 	.__h-2 { height: 100%; }
     </style>
diff --git a/ftd/t/js/56-title-fix.ftd b/ftd/t/js/56-title-fix.ftd
new file mode 100644
index 0000000000..5336920e87
--- /dev/null
+++ b/ftd/t/js/56-title-fix.ftd
@@ -0,0 +1,5 @@
+-- ftd.text:
+
+this is a `<title>` 
+
+;; Escaped Output: this is a `&lt;title&gt;`
diff --git a/ftd/t/js/56-title-fix.html b/ftd/t/js/56-title-fix.html
new file mode 100644
index 0000000000..255d8cb981
--- /dev/null
+++ b/ftd/t/js/56-title-fix.html
@@ -0,0 +1,79 @@
+<html>
+<head>
+    <meta charset="UTF-8">
+    
+    <meta content="fastn" name="generator">
+    
+    
+    <script>
+        let __fastn_package_name__ = "foo";
+    </script>
+
+    <script src="fastn-js.js"></script>
+
+    <style>
+       
+    </style>
+</head>
+<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
+<body data-id="1"><div data-id="2" class="ft_column __w-1 __h-2"><div data-id="3">this is a `&lt;title&gt;`</div></div></body><style id="styles">
+    .__w-1 { width: 100%; }
+	.__h-2 { height: 100%; }
+    </style>
+<script>
+    (function() {
+        let global = {
+};
+let main = function (parent) {
+  let __fastn_super_package_name__ = __fastn_package_name__;
+  __fastn_package_name__ = "foo";
+  try {
+    let parenti0 = fastn_dom.createKernel(parent, fastn_dom.ElementKind.Text);
+    parenti0.setProperty(fastn_dom.PropertyKind.StringValue, "this is a `<title>`", inherited);
+  } finally {
+    __fastn_package_name__ = __fastn_super_package_name__;
+  }
+}
+global["main"] = main;
+fastn_dom.codeData.availableThemes["coldark-theme.dark"] = "../../theme_css/coldark-theme.dark.css";
+fastn_dom.codeData.availableThemes["coldark-theme.light"] = "../../theme_css/coldark-theme.light.css";
+fastn_dom.codeData.availableThemes["coy-theme"] = "../../theme_css/coy-theme.css";
+fastn_dom.codeData.availableThemes["dracula-theme"] = "../../theme_css/dracula-theme.css";
+fastn_dom.codeData.availableThemes["duotone-theme.dark"] = "../../theme_css/duotone-theme.dark.css";
+fastn_dom.codeData.availableThemes["duotone-theme.earth"] = "../../theme_css/duotone-theme.earth.css";
+fastn_dom.codeData.availableThemes["duotone-theme.forest"] = "../../theme_css/duotone-theme.forest.css";
+fastn_dom.codeData.availableThemes["duotone-theme.light"] = "../../theme_css/duotone-theme.light.css";
+fastn_dom.codeData.availableThemes["duotone-theme.sea"] = "../../theme_css/duotone-theme.sea.css";
+fastn_dom.codeData.availableThemes["duotone-theme.space"] = "../../theme_css/duotone-theme.space.css";
+fastn_dom.codeData.availableThemes["fastn-theme.dark"] = "../../theme_css/fastn-theme.dark.css";
+fastn_dom.codeData.availableThemes["fastn-theme.light"] = "../../theme_css/fastn-theme.light.css";
+fastn_dom.codeData.availableThemes["fire.light"] = "../../theme_css/fire.light.css";
+fastn_dom.codeData.availableThemes["gruvbox-theme.dark"] = "../../theme_css/gruvbox-theme.dark.css";
+fastn_dom.codeData.availableThemes["gruvbox-theme.light"] = "../../theme_css/gruvbox-theme.light.css";
+fastn_dom.codeData.availableThemes["laserwave-theme"] = "../../theme_css/laserwave-theme.css";
+fastn_dom.codeData.availableThemes["material-theme.dark"] = "../../theme_css/material-theme.dark.css";
+fastn_dom.codeData.availableThemes["material-theme.light"] = "../../theme_css/material-theme.light.css";
+fastn_dom.codeData.availableThemes["nightowl-theme"] = "../../theme_css/nightowl-theme.css";
+fastn_dom.codeData.availableThemes["one-theme.dark"] = "../../theme_css/one-theme.dark.css";
+fastn_dom.codeData.availableThemes["one-theme.light"] = "../../theme_css/one-theme.light.css";
+fastn_dom.codeData.availableThemes["vs-theme.dark"] = "../../theme_css/vs-theme.dark.css";
+fastn_dom.codeData.availableThemes["vs-theme.light"] = "../../theme_css/vs-theme.light.css";
+fastn_dom.codeData.availableThemes["ztouch-theme"] = "../../theme_css/ztouch-theme.css";
+
+        let main_wrapper = function (parent) {
+            let parenti0 = fastn_dom.createKernel(parent, fastn_dom.ElementKind.Column);
+            parenti0.setProperty(fastn_dom.PropertyKind.Width, fastn_dom.Resizing.FillContainer, inherited);
+            parenti0.setProperty(fastn_dom.PropertyKind.Height, fastn_dom.Resizing.FillContainer, inherited);
+            main(parenti0);
+        }
+        fastn_virtual.hydrate(main_wrapper);
+        ftd.post_init();
+    })();
+
+    window.onload = function() {
+        fastn_utils.resetFullHeight();
+        fastn_utils.setFullHeight();
+    };
+
+</script>
+</html>