Harden xss security fix

[klemens-st]

@picandocodigo I realised the fix from #526 works well when someone uses excerpt_tag=script but if someone tries excerpt_tag="s(cript" the fix is ineffective, because to_html receives this value, escapes it with tag_escape so in the end it becomes script.

This small change prevents that.

[picandocodigo]

I was just working on adding more stuff to this same code! I'll add the commit to your branch.

Do we need to install svn manually on the GitHub Action?

[klemens-st]

Do we need to install svn manually on the GitHub Action?

Yes we do. I've just fixed it 😄

[klemens-st]

I've also just force pushed master to fix my commit message typo, sorry

[picandocodigo]

Thanks! Hopefully this will be the last fix for script 😅
I'll add the readme changes to this branch and if everything looks good on your side too we can tag 0.90.3

[klemens-st]

Yeah, that's great

[klemens-st]

Looks good, I'm almost sure there's no way to squeeze in script now 😆

[klemens-st]

Oh, I forgot to fix the deploy action so it failed, I'll fix it now.

[klemens-st]

It should be good now

[klemens-st]

Sorry again for the mess 😢 I've now fixed the deploy workflow and deleted the 0.90.3 tag so you can make the release again

[picandocodigo]

Haha, no worries! Thanks for the fix! I just pushed the tag again 👀