===================================================================
RCS file: /cvs/mandoc/html.c,v
retrieving revision 1.178
retrieving revision 1.179
diff -u -p -r1.178 -r1.179
--- mandoc/html.c	2014/10/27 13:31:04	1.178
+++ mandoc/html.c	2014/10/27 16:29:06	1.179
@@ -1,4 +1,4 @@
-/*	$Id: html.c,v 1.178 2014/10/27 13:31:04 schwarze Exp $ */
+/*	$Id: html.c,v 1.179 2014/10/27 16:29:06 schwarze Exp $ */
 /*
  * Copyright (c) 2008-2011, 2014 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2011, 2012, 2013, 2014 Ingo Schwarze <schwarze@openbsd.org>
@@ -437,40 +437,28 @@ print_encode(struct html *h, const char *p, int norecu
 		case ESCAPE_UNICODE:
 			/* Skip past "u" header. */
 			c = mchars_num2uc(seq + 1, len - 1);
-
-			/*
-			 * XXX Security warning:
-			 * For now, forbid Unicode obfuscation of ASCII
-			 * characters.  An audit of the callers is
-			 * required before this can be removed.
-			 */
-
-			if (c < 0x80)
-				c = 0xFFFD;
-
-			printf("&#x%x;", c);
 			break;
 		case ESCAPE_NUMBERED:
 			c = mchars_num2char(seq, len);
-			if ( ! ('\0' == c || print_escape(c)))
-				putchar(c);
 			break;
 		case ESCAPE_SPECIAL:
 			c = mchars_spec2cp(h->symtab, seq, len);
-			if (c <= 0)
-				break;
-			if (c < 0x20 || c > 0x7e)
-				printf("&#%d;", c);
-			else if ( ! print_escape(c))
-				putchar(c);
 			break;
 		case ESCAPE_NOSPACE:
 			if ('\0' == *p)
 				nospace = 1;
-			break;
+			continue;
 		default:
-			break;
+			continue;
 		}
+		if (c <= 0)
+			continue;
+		if (c < 0x20 || (c > 0x7E && c < 0xA0))
+			c = 0xFFFD;
+		if (c > 0x7E)
+			printf("&#%d;", c);
+		else if ( ! print_escape(c))
+			putchar(c);
 	}
 
 	return(nospace);