diff options
Diffstat (limited to 'includes/Sanitizer.php')
-rw-r--r-- | includes/Sanitizer.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php index f2dcbf94..c1c8daf3 100644 --- a/includes/Sanitizer.php +++ b/includes/Sanitizer.php @@ -725,7 +725,7 @@ class Sanitizer { * @return HTML-encoded text fragment */ static function encodeAttribute( $text ) { - $encValue = htmlspecialchars( $text ); + $encValue = htmlspecialchars( $text, ENT_QUOTES ); // Whitespace is normalized during attribute decoding, // so if we've been passed non-spaces we must encode them |