From a66b995be7d187a208bf7f66ce4d83911ba5932f Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Fri, 22 Jun 2018 16:07:48 +0200
Subject: Explicit quotes decoding (#1947)

* Explicit quotes decoding

* Explicit htmlspecialchars_decode and htmlspecialchars
---
 app/views/helpers/export/opml.phtml               | 8 ++++----
 app/views/helpers/index/normal/entry_bottom.phtml | 2 +-
 app/views/helpers/javascript_vars.phtml           | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

(limited to 'app/views/helpers')

diff --git a/app/views/helpers/export/opml.phtml b/app/views/helpers/export/opml.phtml
index 236cca303..edb4d4eda 100644
--- a/app/views/helpers/export/opml.phtml
+++ b/app/views/helpers/export/opml.phtml
@@ -16,11 +16,11 @@ foreach ($this->categories as $key => $cat) {
 
 	foreach ($cat['feeds'] as $feed) {
 		$opml_array['body'][$key]['@outlines'][] = array(
-			'text' => htmlspecialchars_decode($feed->name()),
+			'text' => htmlspecialchars_decode($feed->name(), ENT_QUOTES),
 			'type' => 'rss',
-			'xmlUrl' => htmlspecialchars_decode($feed->url()),
-			'htmlUrl' => htmlspecialchars_decode($feed->website()),
-			'description' => htmlspecialchars_decode($feed->description()),
+			'xmlUrl' => htmlspecialchars_decode($feed->url(), ENT_QUOTES),
+			'htmlUrl' => htmlspecialchars_decode($feed->website(), ENT_QUOTES),
+			'description' => htmlspecialchars_decode($feed->description(), ENT_QUOTES),
 		);
 	}
 }
diff --git a/app/views/helpers/index/normal/entry_bottom.phtml b/app/views/helpers/index/normal/entry_bottom.phtml
index 793c644f9..6417da4cb 100644
--- a/app/views/helpers/index/normal/entry_bottom.phtml
+++ b/app/views/helpers/index/normal/entry_bottom.phtml
@@ -81,7 +81,7 @@
 			<ul class="dropdown-menu">
 				<li class="dropdown-close"><a href="#close">❌</a></li><?php
 				foreach($tags as $tag) {
-					?><li class="item"><a href="<?php echo _url('index', 'index', 'search', '#' . htmlspecialchars_decode($tag)); ?>"><?php echo $tag; ?></a></li><?php
+					?><li class="item"><a href="<?php echo _url('index', 'index', 'search', '#' . htmlspecialchars_decode($tag, ENT_QUOTES)); ?>"><?php echo $tag; ?></a></li><?php
 				} ?>
 			</ul>
 		</div>
diff --git a/app/views/helpers/javascript_vars.phtml b/app/views/helpers/javascript_vars.phtml
index 1b9b614d2..d7b3e4360 100644
--- a/app/views/helpers/javascript_vars.phtml
+++ b/app/views/helpers/javascript_vars.phtml
@@ -56,4 +56,4 @@ echo htmlspecialchars(json_encode(array(
 	'icons' => array(
 		'close' => _i('close'),
 	),
-), JSON_UNESCAPED_UNICODE), ENT_NOQUOTES);
+), JSON_UNESCAPED_UNICODE), ENT_NOQUOTES, 'UTF-8');
-- 
cgit v1.2.3