diff options
| author | Michal Čihař <michal@cihar.com> | 2016-07-12 13:29:35 +0300 |
|---|---|---|
| committer | Michal Čihař <michal@cihar.com> | 2016-07-12 13:29:35 +0300 |
| commit | e9a4de70a769312d3dce61b69f65015cdd2c4681 (patch) | |
| tree | 22f90b6731b601bca1c950073065457cd9e0d5b6 /libraries | |
| parent | 0a4cdc25f1b30db18186726d9122e68b4cba120a (diff) | |
Escape HTML in Mediawiki comments
Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'libraries')
| -rw-r--r-- | libraries/plugins/export/ExportMediawiki.class.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libraries/plugins/export/ExportMediawiki.class.php b/libraries/plugins/export/ExportMediawiki.class.php index 89afe7100e..d955f9ca0f 100644 --- a/libraries/plugins/export/ExportMediawiki.class.php +++ b/libraries/plugins/export/ExportMediawiki.class.php @@ -344,7 +344,7 @@ class ExportMediawiki extends ExportPlugin // see http://www.mediawiki.org/wiki/Help:Formatting $comment = $this->_exportCRLF(); $comment .= '<!--' . $this->_exportCRLF(); - $comment .= $text . $this->_exportCRLF(); + $comment .= htmlspecialchars($text) . $this->_exportCRLF(); $comment .= '-->' . str_repeat($this->_exportCRLF(), 2); return $comment; |