Escape retrievedfrom message in the skin

author Niklas Laxström <niklas.laxstrom@gmail.com>

Sat, 6 Dec 2014 09:52:47 +0000 (10:52 +0100)

committer Umherirrender <umherirrender_de.wp@web.de>

Sat, 20 Dec 2014 21:19:28 +0000 (21:19 +0000)
author Niklas Laxström <niklas.laxstrom@gmail.com>
Sat, 6 Dec 2014 09:52:47 +0000 (10:52 +0100)
committer Umherirrender <umherirrender_de.wp@web.de>
Sat, 20 Dec 2014 21:19:28 +0000 (21:19 +0000)
diff --git a/includes/skins/Skin.php b/includes/skins/Skin.php

index 1a4ec98..04c02d6 100644 (file)
--- a/includes/skins/Skin.php
+++ b/includes/skins/Skin.php
@@ -646,8 +646,9 @@ abstract class Skin extends ContextSource {
                         $url = htmlspecialchars( wfExpandIRI( $this->getTitle()->getCanonicalURL() ) );
                 }
  
-               return $this->msg( 'retrievedfrom', '<a dir="ltr" href="' . $url
-                       . '">' . $url . '</a>' )->text();
+               return $this->msg( 'retrievedfrom' )
+                       ->rawParams( '<a dir="ltr" href="' . $url. '">' . $url . '</a>' )
+                       ->escaped();
         }
  
         /**
author	Niklas Laxström <niklas.laxstrom@gmail.com>
	Sat, 6 Dec 2014 09:52:47 +0000 (10:52 +0100)
committer	Umherirrender <umherirrender_de.wp@web.de>
	Sat, 20 Dec 2014 21:19:28 +0000 (21:19 +0000)