From 307d485d65bd74379a7eef36864d7f6208af7048 Mon Sep 17 00:00:00 2001
From: Constantin Ross <contact@constantinross.com>
Date: Tue, 22 Nov 2022 20:19:58 +0100
Subject: [PATCH] feat: escape link target around images

---
 src/Prismic/Dom/RichText.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Prismic/Dom/RichText.php b/src/Prismic/Dom/RichText.php
index a7a74f45..37232d8c 100644
--- a/src/Prismic/Dom/RichText.php
+++ b/src/Prismic/Dom/RichText.php
@@ -282,7 +282,7 @@ private static function serialize($element, $content, $linkResolver, $htmlSerial
                 $link = property_exists($element, 'linkTo') ? Link::asUrl($element->linkTo, $linkResolver) : null;
 
                 $target     = property_exists($element, 'linkTo') ? ($element->linkTo->target ?? null) : null;
-                $targetCode = $target ? ' target="' . $target . '"' : '';
+                $targetCode = $target ? ' target="' . htmlentities($target) . '"' : '';
 
                 return (
                     '<p class="block-img' . (isset($element->label) ? (' ' . $element->label) : '') . '">' .