From 0a41a6a1c36d96637a3793bfc460fb38784407fb Mon Sep 17 00:00:00 2001
From: Brion Vibber
Date: Fri, 7 Jul 2006 04:45:19 +0000
Subject: [PATCH] Use Sanitizer::encodeAttribute instead of raw htmlspecialchars for encoding attributes in Xml::element. This does two things: * Preserves tabs and newlines as given (they would otherwise be normalized to spaces by the XML input processor) * When generating output back to wiki text, this avoids line-based block parsing breakage. (bug 6577)
---
 includes/Xml.php | 2 +-
 maintenance/parserTests.txt | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/includes/Xml.php b/includes/Xml.php
index 6e2518fedf..529933676b 100644
--- a/includes/Xml.php
+++ b/includes/Xml.php
@@ -20,7 +20,7 @@ class Xml {
 $out = '<' . $element;
 if( !is_null( $attribs ) ) {
 foreach( $attribs as $name => $val ) {
- $out .= ' ' . $name . '="' . htmlspecialchars( $val ) . '"';
+ $out .= ' ' . $name . '="' . Sanitizer::encodeAttribute( $val ) . '"';
 }
 }
 if( is_null( $contents ) ) {
diff --git a/maintenance/parserTests.txt b/maintenance/parserTests.txt
index 920f478863..0238051ceb 100644
--- a/maintenance/parserTests.txt
+++ b/maintenance/parserTests.txt
@@ -4448,6 +4448,15 @@ Fuzz testing: image with bogus manual thumbnail
 !!end
+!! test
+Fuzz testing: encoded newline in generated HTML replacements (bug 6577)
+!! input
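Review bot: In the includes/Xml.php hunk the attribute name is still concatenated raw: the changed line `' ' . $name . '="' . Sanitizer::encodeAttribute( $val ) . '"'` encodes only `$val`, so a key in `$attribs` containing whitespace, `"`, `=` or `>` would alter the tag structure. Whether any caller passes externally influenced keys is not visible from this hunk, but a guard at the top of the foreach, such as `if( !preg_match( '/^[A-Za-z_:][A-Za-z0-9_:.-]*$/', $name ) ) continue;`, would make the output well-formed regardless of the caller; `$element` on the first context line is emitted the same way. It is also worth confirming that Sanitizer::encodeAttribute, which this patch does not show, escapes `&`, `<` and `"` at least as htmlspecialchars did, since the double-quoted attribute context here now relies on it. The enclosing function starts and ends outside the hunk.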

+!! result
+

+
+!! end
+
 !! test
 Parsing optional HTML elements (Bug 6171)
 !! options
-- 
2.20.1