From: Jeroen De Dauw <jeroendedauw@users.mediawiki.org>
Date: Mon, 30 Jan 2012 12:24:24 +0000 (+0000)
Subject: fix xss
X-Git-Tag: 1.31.0-rc.0~25011
X-Git-Url: http://git.cyclocoop.org/%24action?a=commitdiff_plain;h=8bdd53ee0538921c11105f79515a0014f1bfc9aa;p=lhc%2Fweb%2Fwiklou.git

fix xss
---

diff --git a/includes/Action.php b/includes/Action.php
index 2dcdf78ec9..a5bcb053bd 100644
--- a/includes/Action.php
+++ b/includes/Action.php
@@ -328,7 +328,7 @@ abstract class Action {
 	 * @return String
 	 */
 	protected function getDescription() {
-		return wfMsg( strtolower( $this->getName() ) );
+		return wfMsgHtml( strtolower( $this->getName() ) );
 	}
 
 	/**
diff --git a/includes/actions/CreditsAction.php b/includes/actions/CreditsAction.php
index 3b2f77eb2e..1072d253f0 100644
--- a/includes/actions/CreditsAction.php
+++ b/includes/actions/CreditsAction.php
@@ -30,7 +30,7 @@ class CreditsAction extends FormlessAction {
 	}
 
 	protected function getDescription() {
-		return wfMsg( 'creditspage' );
+		return wfMsgHtml( 'creditspage' );
 	}
 
 	/**
diff --git a/includes/actions/WatchAction.php b/includes/actions/WatchAction.php
index 5cd2ce7d9e..e8ae3b6e86 100644
--- a/includes/actions/WatchAction.php
+++ b/includes/actions/WatchAction.php
@@ -31,7 +31,7 @@ class WatchAction extends FormAction {
 	}
 
 	protected function getDescription() {
-		return wfMsg( 'addwatch' );
+		return wfMsgHtml( 'addwatch' );
 	}
 
 	/**