https://bugzilla.wikimedia.org/show_bug.cgi?id=64183
Chris Steipp changed:
What|Removed |Added
Group|security|
Component|Core
https://bugzilla.wikimedia.org/show_bug.cgi?id=64183
--- Comment #2 from Yaron Koren ---
We discussed it in the comments here:
https://gerrit.wikimedia.org/r/#/c/124995/
But based on what you're saying, it sounds like there was just a
misunderstanding about escaping vs. mangling of Javascript c
https://bugzilla.wikimedia.org/show_bug.cgi?id=64183
--- Comment #1 from Bartosz DziewoĆski ---
(In reply to Yaron Koren from comment #0)
I'm told that
> this is not correct behavior, so I'm submitting a bug for it.
By whom?
While it might not be the most fortunate behavior, Html::element only
