From 6dffd12c87dcf1ce13ac0d077be8882378b87278 Mon Sep 17 00:00:00 2001
From: Brion Vibber <brion@users.mediawiki.org>
Date: Mon, 4 Jul 2005 06:35:36 +0000
Subject: [PATCH] * Fix correct use of escaping in edit toolbar bits

---
 RELEASE-NOTES            |  1 +
 skins/common/wikibits.js | 17 +++++++++++------
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index ef3f97c8fa..27e2cae7f3 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -463,6 +463,7 @@ of MediaWiki:Newpagetext) to &action=edit, if page is new.
 * (bug 2642) watchdetails message in several languages used  <a></a> instead of [ ]
 * (bug 2181) basic CSB language localisation by Tomasz G. Sienicki (thanks for the patch)
 * (bug 2632) also adjust height when zooming an image by giving only width
+* Fix correct use of escaping in edit toolbar bits
 
 
 === Caveats ===
diff --git a/skins/common/wikibits.js b/skins/common/wikibits.js
index 8726e646c9..c251c78732 100644
--- a/skins/common/wikibits.js
+++ b/skins/common/wikibits.js
@@ -261,7 +261,8 @@ function toggleToc() {
 // we use it to avoid creating the toolbar where javascript is not enabled
 function addButton(imageFile, speedTip, tagOpen, tagClose, sampleText) {
 
-	speedTip=escapeQuotes(speedTip);
+	imageFile=escapeQuotesHTML(imageFile);
+	speedTip=escapeQuotesHTML(speedTip);
 	tagOpen=escapeQuotes(tagOpen);
 	tagClose=escapeQuotes(tagClose);
 	sampleText=escapeQuotes(sampleText);
@@ -280,7 +281,7 @@ function addButton(imageFile, speedTip, tagOpen, tagClose, sampleText) {
 	document.write("<a href=\"javascript:insertTags");
 	document.write("('"+tagOpen+"','"+tagClose+"','"+sampleText+"');\">");
 
-        document.write("<img width=\"23\" height=\"22\" src=\""+imageFile+"\" border=\"0\" alt=\""+speedTip+"\" title=\""+speedTip+"\""+mouseOver+">");
+	document.write("<img width=\"23\" height=\"22\" src=\""+imageFile+"\" border=\"0\" alt=\""+speedTip+"\" title=\""+speedTip+"\""+mouseOver+">");
 	document.write("</a>");
 	return;
 }
@@ -306,17 +307,21 @@ function addInfobox(infoText,text_alert) {
 
 function escapeQuotes(text) {
 	var re=new RegExp("'","g");
-	text=text.replace(re,"&#39;");
-	re=new RegExp('"',"g");
-	text=text.replace(re,'&quot;');
+	text=text.replace(re,"\\'");
 	re=new RegExp("\\n","g");
 	text=text.replace(re,"\\n");
-	return text;
+	return escapeQuotesHTML(text);
 }
 
 function escapeQuotesHTML(text) {
+	var re=new RegExp('&',"g");
+	text=text.replace(re,"&amp;");
 	var re=new RegExp('"',"g");
 	text=text.replace(re,"&quot;");
+	var re=new RegExp('<',"g");
+	text=text.replace(re,"&lt;");
+	var re=new RegExp('>',"g");
+	text=text.replace(re,"&gt;");
 	return text;
 }
 
-- 
2.20.1