From 900415288542000c00747fe5789cf13a9264d7ab Mon Sep 17 00:00:00 2001
From: Jori Lallo <jtlallo@gmail.com>
Date: Mon, 20 Jun 2016 00:58:04 -0700
Subject: [PATCH] Escape unhighlighted code

---
 src/utils/markdown.js | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/utils/markdown.js b/src/utils/markdown.js
index b663cb1e2..475e70a10 100644
--- a/src/utils/markdown.js
+++ b/src/utils/markdown.js
@@ -2,14 +2,15 @@ import slug from 'slug';
 import marked, { Renderer } from 'marked';
 import highlight from 'highlight.js';
 import emojify from './emojify';
+import _escape from 'lodash/escape';
 
 slug.defaults.mode ='rfc3986';
 
 const renderer = new Renderer();
 renderer.code = (code, language) => {
   const validLang = !!(language && highlight.getLanguage(language));
-  const highlighted = validLang ? highlight.highlight(language, code).value : code;
-  return `<pre><code class="hljs ${language}">${highlighted}</code></pre>`;
+  const highlighted = validLang ? highlight.highlight(language, code).value : _escape(code);
+  return `<pre><code class="hljs ${language}">${ highlighted }</code></pre>`;
 };
 renderer.heading = (text, level) => {
   const headingSlug = slug(text);