SECURITY: Fix escaping of description field

Bug: T118682

Change-Id: Ic40d258964d526a66431f18d2d7f0a6ad2eca111
This commit is contained in:
Brian Wolff 2015-11-15 21:23:38 -05:00
parent 84ef237bde
commit f6c8566aa3

View file

@ -831,7 +831,7 @@ class TemplateDataBlob {
'mw-templatedata-doc-muted' => ( $paramObj->description === null )
]
],
Html::rawElement( 'p', [],
Html::element( 'p', [],
$paramObj->description !== null ?
$paramObj->description :
wfMessage( 'templatedata-doc-param-desc-empty' )->inLanguage( $lang )->text()