From 22a0be3f7b743ec42844edfb8d6359e28287774d Mon Sep 17 00:00:00 2001
From: William Entriken <github.com@phor.net>
Date: Sun, 3 Jan 2016 16:10:38 -0500
Subject: [PATCH] Escape html from site.title and page.title

---
 lib/site_template/_includes/head.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/site_template/_includes/head.html b/lib/site_template/_includes/head.html
index 41340ae5..1598d6fe 100644
--- a/lib/site_template/_includes/head.html
+++ b/lib/site_template/_includes/head.html
@@ -3,7 +3,7 @@
   <meta http-equiv="X-UA-Compatible" content="IE=edge">
   <meta name="viewport" content="width=device-width, initial-scale=1">
 
-  <title>{% if page.title %}{{ page.title }}{% else %}{{ site.title }}{% endif %}</title>
+  <title>{% if page.title %}{{ page.title | escape }}{% else %}{{ site.title | escape }}{% endif %}</title>
   <meta name="description" content="{% if page.excerpt %}{{ page.excerpt | strip_html | strip_newlines | truncate: 160 }}{% else %}{{ site.description }}{% endif %}">
 
   <link rel="stylesheet" href="{{ "/css/main.css" | prepend: site.baseurl }}">