From d20243c06aa157dbfedccf1af26702576e39e922 Mon Sep 17 00:00:00 2001 From: csteipp Date: Thu, 3 Dec 2015 16:12:41 -0800 Subject: [PATCH] Add warning comment on formatLinksInComment Bug: T120324 Change-Id: If4423e14737a7e9d80661da27ad6f5463798a7d7 --- includes/Linker.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/includes/Linker.php b/includes/Linker.php index 842d276d2a..5255b9a133 100644 --- a/includes/Linker.php +++ b/includes/Linker.php @@ -1393,7 +1393,10 @@ class Linker { * is ignored * * @todo FIXME: Doesn't handle sub-links as in image thumb texts like the main parser - * @param string $comment Text to format links in + * @param string $comment Text to format links in. WARNING! Since the output of this + * function is html, $comment must be sanitized for use as html. You probably want + * to pass $comment through Sanitizer::escapeHtmlAllowEntities() before calling + * this function. * @param Title|null $title An optional title object used to links to sections * @param bool $local Whether section links should refer to local page * @param string|null $wikiId Id of the wiki to link to (if not the local wiki), -- 2.20.1
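Review bot: In the `@param string $comment` lines of the includes/Linker.php hunk, the escaping requirement is folded into the parameter description and hedged with "You probably want to", so a caller skimming the docblock can read it as optional. Since the added text itself says the output of the function is html, state the precondition as a requirement, for example "$comment must already be escaped for use as HTML, e.g. with Sanitizer::escapeHtmlAllowEntities()", and repeat it in the method's main description, where it is seen before the parameter list. Capitalize "HTML" in the new lines as well. The change is comment-only (4 insertions and 1 deletion inside the docblock), so the behaviour of existing callers is unchanged; it would help if the commit message said whether the current callers of formatLinksInComment were checked against this requirement as part of T120324.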