encode special chars in atom payload

darcs-hash:20080714143042-84dde-8da6275ea2bf0e0ce4691d8f56e1b932727efcd8.gz
author: Evan Prodromou <evan@prodromou.name> 2008-07-14 10:30:42 -0400
committer: Evan Prodromou <evan@prodromou.name> 2008-07-14 10:30:42 -0400
commit: 37baa03880cabecce3074d7f4c07c3adb5821371 (patch)
tree: c6f6c10d8bc0b0e9d126d826b9862a7e50d79b99 /lib/jabber.php
parent: e81361812f502d54df0958198a95ada9d8703cbe (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/jabber.php b/lib/jabber.php
index d109e40c4..74e51d71a 100644
--- a/lib/jabber.php
+++ b/lib/jabber.php
@@ -105,8 +105,8 @@ function jabber_format_entry($profile, $notice) {
 	$entry .= "<author><name>" . $profile->nickname . "</name></author>\n";
 	$entry .= "<icon>" . common_profile_avatar_url($profile, AVATAR_PROFILE_SIZE) . "</icon>\n";
 	$entry .= "</source>\n";
-	$entry .= "<title>" . $msg . "</title>\n";
-	$entry .= "<summary>" . $msg . "</summary>\n";
+	$entry .= "<title>" . htmlspecialchars($msg) . "</title>\n";
+	$entry .= "<summary>" . htmlspecialchars($msg) . "</summary>\n";
 	$entry .= "<link rel='alternate' href='" . $noticeurl . "' />\n";
 	$entry .= "<id>". $notice->uri . "</id>\n";
 	$entry .= "<published>".common_date_w3dtf($notice->created)."</published>\n";
author	Evan Prodromou <evan@prodromou.name>	2008-07-14 10:30:42 -0400
committer	Evan Prodromou <evan@prodromou.name>	2008-07-14 10:30:42 -0400
commit	37baa03880cabecce3074d7f4c07c3adb5821371 (patch)
tree	c6f6c10d8bc0b0e9d126d826b9862a7e50d79b99 /lib/jabber.php
parent	e81361812f502d54df0958198a95ada9d8703cbe (diff)