From ff2e465a7c75432b79f9b26ff0393f86bb1bc35c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=BB=84=E6=96=87=E7=9D=BF?= <a390517426@gmail.com>
Date: Wed, 8 Mar 2017 18:03:27 +0800
Subject: [PATCH] One possible fix for #2198

---
 lib/plugins/helper/toc.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/plugins/helper/toc.js b/lib/plugins/helper/toc.js
index 5f3f7e5f90..263497120e 100644
--- a/lib/plugins/helper/toc.js
+++ b/lib/plugins/helper/toc.js
@@ -1,6 +1,7 @@
 'use strict';
 
 var cheerio;
+var escapeHTML = require('hexo-util').escapeHTML;
 
 function tocHelper(str, options) {
   options = options || {};
@@ -25,7 +26,7 @@ function tocHelper(str, options) {
   headings.each(function() {
     var level = +this.name[1];
     var id = $(this).attr('id');
-    var text = $(this).text();
+    var text = escapeHTML($(this).text());
 
     lastNumber[level - 1]++;