From 588cc40aeec0165400421ef9612e81b6d2c7b936 Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Wed, 13 Jun 2012 23:40:19 +0200 Subject: Update to MediaWiki 1.19.1 --- includes/SkinTemplate.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'includes/SkinTemplate.php') diff --git a/includes/SkinTemplate.php b/includes/SkinTemplate.php index e41b5e7d..2dd00980 100644 --- a/includes/SkinTemplate.php +++ b/includes/SkinTemplate.php @@ -298,7 +298,11 @@ class SkinTemplate extends Skin { $tpl->set( 'specialpageattributes', '' ); # obsolete if ( $userlang !== $wgContLang->getHtmlCode() || $userdir !== $wgContLang->getDir() ) { - $attrs = " lang='$userlang' dir='$userdir'"; + $escUserlang = htmlspecialchars( $userlang ); + $escUserdir = htmlspecialchars( $userdir ); + // Attributes must be in double quotes because htmlspecialchars() doesn't + // escape single quotes + $attrs = " lang=\"$escUserlang\" dir=\"$escUserdir\""; $tpl->set( 'userlangattributes', $attrs ); } -- cgit v1.2.3-54-g00ecf