HomePhabricator

Don't call {{escapeContent}} inside of attribute values

Authored by Catrope.

Description

Don't call {{escapeContent}} inside of attribute values

{{escapeContent}} is misnamed, what it really does is armor
its input if the format is HTML, preventing it from being
escaped. This is never appropriate to call in attribute values.

Bug: T103054
Change-Id: I389227baee0ee2a50a4d174c9717e43a9f45635a