From 532bcd77fd1806d925efb04176f0cf9fe36568e1 Mon Sep 17 00:00:00 2001
From: Michael Hellein <michael.hellein@dealer.com>
Date: Thu, 2 May 2013 13:18:56 -0400
Subject: [PATCH] Disabled global HTML escaping, while always escaping within
 code blocks.

---
 lib/markdown.js     | 10 +++++++---
 test/interface.t.js | 13 +++++++++++++
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/lib/markdown.js b/lib/markdown.js
index 75ce6501..7aad2352 100644
--- a/lib/markdown.js
+++ b/lib/markdown.js
@@ -1434,10 +1434,14 @@ function escapeHTML( text ) {
              .replace( /'/g, "&#39;" );
 }
 
-function render_tree( jsonml ) {
+function render_tree( jsonml, options ) {
+  options = options || {};
+  // escape HTML in strings?
+  options.escape = options.escape || false;
+
   // basic case
   if ( typeof jsonml === "string" ) {
-    return escapeHTML( jsonml );
+    return options.escape ? escapeHTML( jsonml ) : jsonml;
   }
 
   var tag = jsonml.shift(),
@@ -1449,7 +1453,7 @@ function render_tree( jsonml ) {
   }
 
   while ( jsonml.length ) {
-    content.push( render_tree( jsonml.shift() ) );
+    content.push( render_tree( jsonml.shift(), {escape: tag == 'code'} ) );
   }
 
   var tag_attrs = "";
diff --git a/test/interface.t.js b/test/interface.t.js
index b52103e9..988ddd39 100644
--- a/test/interface.t.js
+++ b/test/interface.t.js
@@ -23,3 +23,16 @@ test("arguments untouched", function(t) {
 
   t.end();
 });
+
+test("code escaped", function(t){
+  var input = "Here is an <i>example</i> of HTML:\n\n    <p>Paragraph</p>",
+      tree = markdown.parse( input ),
+      output = markdown.toHTML( tree ),
+      expected = "<p>Here is an <i>example</i> of HTML:</p>\n\n<pre><code>&lt;p&gt;Paragraph&lt;/p&gt;</code></pre>";
+
+  // Escaping is done at the toHTML stage, so we test our escaping here,
+  // and not in features.
+  t.equivalent( expected, output, "HTML inside code blocks is escaped" );
+
+  t.end();
+});
\ No newline at end of file