We fixed bug 65143 so that HTML entities aren't double-escaped when you edit.
But they are still double-escaped in no-JS (bug 66227)
and in placeholder text for a comment on a topic.
I.e. if the topic title has <>"& . the placeholder text in the add a comment textarea is
Comment on "<>"&"
Version: master
Severity: normal
Looks fine to me.
If I create a reply with text "''test'' do be doo" the placeholder renders like so without JavaScript which is valid HTML:
<textarea id="flow-post-s1pc47n64spmrjsn-form-content" name="topic_content" required data-flow-preview-template="flow_post" data-flow-expandable="true" class="mw-ui-input" type="text" placeholder="Reply to "'''test''' do be doo"" data-role="content"></textarea>
Similarly with the text "<div>foo</div>
the placeholder is just "foo"
Broken again. See http://en.wikipedia.beta.wmflabs.org/wiki/Topic:Ryngpk7gt93ir9of . It's now:
<textarea id="flow-post-ryngpk7gt93ir9of-form-content"
name="topic_content"
required
data-flow-preview-template="flow_post"
data-flow-expandable="true"
class="mw-ui-input"
type="text"
placeholder="Reply to "' &quot; &gt; &lt; ? / . , [ ] { } \ | ) ( * &amp; ^ % $ # @ ! ~ `""
data-role="content"></textarea>and the topic title is:
' " > < ? / . , [ ] { } \ | ) ( * & ^ % $ # @ ! ~ `
Change 161101 had a related patch set uploaded by EBernhardson:
Explicitly treat Message plaintext parameters as plaintext
Change 161101 merged by jenkins-bot:
Explicitly treat Message plaintext parameters as plaintext
Still present. See http://en.wikipedia.beta.wmflabs.org/wiki/Topic:Ryngpk7gt93ir9of .
Never mind, it looks like this was also Varnish caching.
Working now, with or without JS.