From 6063c8b3b3c10a0f62801ceaca70c18aea2990be Mon Sep 17 00:00:00 2001
From: Noelle Leigh <noelle@tilde.town>
Date: Mon, 2 Jun 2025 17:14:51 -0400
Subject: [PATCH] Escape HTML characters when printing the train

Since it's wrapped in a `<pre>`, I assume it's meant to be inserted into
HTML?
---
 tilde-train.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tilde-train.py b/tilde-train.py
index c71ff1d..2251870 100755
--- a/tilde-train.py
+++ b/tilde-train.py
@@ -41,6 +41,7 @@ import curses
 from signal import signal, SIGINT
 import time # allowing the loop steps of train animation to be slowed
 import string # for input validation
+from html import escape
 from inspect import cleandoc
 from pathlib import Path
 
@@ -339,7 +340,7 @@ train_str = "\n".join(train)
 
 if print_train:
   print("<pre>")
-  print(train_str)
+  print(escape(train_str))
   print("</pre>")
   sys.exit()