From 2896491e79470707c9c38ad89acbe8dbea34bad3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christopher=20Ram=C3=ADrez?= <chris.ramirezg@gmail.com>
Date: Wed, 13 May 2015 10:27:46 -0600
Subject: [PATCH] Fix critical issues in regexs used by _unescape_entities
 function.

---
 secretary.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/secretary.py b/secretary.py
index 1c291a7..8dca2f2 100644
--- a/secretary.py
+++ b/secretary.py
@@ -307,11 +307,11 @@ class Renderer(object):
         and unescapes HTML codes for >, <, & and "
         """
         unescape_rules = {
-            r'(?is)({([{|%])[^%|}]*?)(</?text:s.*?>)(.*?[%|}]})': r'\1 \4',
-            r'(?is)({([{|%])[^%|}]*?)(&gt;)(.*?[%|}]})'         : r'\1>\4',
-            r'(?is)({([{|%])[^%|}]*?)(&lt;)(.*?[%|}]})'         : r'\1<\4',
-            r'(?is)({([{|%])[^%|}]*?)(&amp;)(.*?[%|}]})'        : r'\1&\4',
-            r'(?is)({([{|%])[^%|}]*?)(&quot;)(.*?[%|}]})'       : r'\1"\4',
+            r'(?is)({([{%])[^%}]*?)(</?text:s.*?>)(.*?[%}]})': r'\1 \4',
+            r'(?is)({([{%])[^%}]*?)(&gt;)(.*?[%}]})'         : r'\1>\4',
+            r'(?is)({([{%])[^%}]*?)(&lt;)(.*?[%}]})'         : r'\1<\4',
+            r'(?is)({([{%])[^%}]*?)(&amp;)(.*?[%}]})'        : r'\1&\4',
+            r'(?is)({([{%])[^%}]*?)(&quot;)(.*?[%}]})'       : r'\1"\4',
         }
 
         for regexp, replacement in unescape_rules.items():