Fix HTML escaping of to-source links

src/Symfony/Bridge/Twig/Extension/CodeExtension.php

@@ -49,7 +49,7 @@ class CodeExtension extends \Twig_Extension
             new \Twig_SimpleFilter('file_excerpt', array($this, 'fileExcerpt'), array('is_safe' => array('html'))),
             new \Twig_SimpleFilter('format_file', array($this, 'formatFile'), array('is_safe' => array('html'))),
             new \Twig_SimpleFilter('format_file_from_text', array($this, 'formatFileFromText'), array('is_safe' => array('html'))),
-            new \Twig_SimpleFilter('file_link', array($this, 'getFileLink'), array('is_safe' => array('html'))),
+            new \Twig_SimpleFilter('file_link', array($this, 'getFileLink')),
         );
     }
 

src/Symfony/Bundle/FrameworkBundle/Templating/Helper/CodeHelper.php

@@ -154,24 +154,25 @@ class CodeHelper extends Helper
      */
     public function formatFile($file, $line, $text = null)
     {
+        if (PHP_VERSION_ID >= 50400) {
+            $flags = ENT_QUOTES | ENT_SUBSTITUTE;
+        } else {
+            $flags = ENT_QUOTES;
+        }
+
         if (null === $text) {
             $file = trim($file);
             $fileStr = $file;
             if (0 === strpos($fileStr, $this->rootDir)) {
                 $fileStr = str_replace($this->rootDir, '', str_replace('\\', '/', $fileStr));
-                $fileStr = sprintf('<abbr title="%s">kernel.root_dir</abbr>/%s', $this->rootDir, $fileStr);
+                $fileStr = htmlspecialchars($fileStr, $flags, $this->charset);
+                $fileStr = sprintf('<abbr title="%s">kernel.root_dir</abbr>/%s', htmlspecialchars($this->rootDir, $flags, $this->charset), $fileStr);
             }
 
-            $text = "$fileStr at line $line";
+            $text = sprintf('%s at line %d', $fileStr, $line);
         }
 
         if (false !== $link = $this->getFileLink($file, $line)) {
-            if (PHP_VERSION_ID >= 50400) {
-                $flags = ENT_QUOTES | ENT_SUBSTITUTE;
-            } else {
-                $flags = ENT_QUOTES;
-            }
-
             return sprintf('<a href="%s" title="Click to open this file" class="file_link">%s</a>', htmlspecialchars($link, $flags, $this->charset), $text);
         }
 

src/Symfony/Component/Debug/ExceptionHandler.php

@@ -157,10 +157,11 @@ EOF
                         }
                         if (isset($trace['file']) && isset($trace['line'])) {
                             if ($linkFormat = ini_get('xdebug.file_link_format')) {
-                                $link = str_replace(array('%f', '%l'), array($trace['file'], $trace['line']), $linkFormat);
+                                $link = strtr($linkFormat, array('%f' => $trace['file'], '%l' => $trace['line']));
-                                $content .= sprintf(' in <a href="%s" title="Go to source">%s line %s</a>', $link, $trace['file'], $trace['line']);
+                                $link = htmlspecialchars($link, $flags, $this->charset);
+                                $content .= sprintf(' in <a href="%s" title="Go to source">%s line %d</a>', $link, htmlspecialchars($trace['file'], $flags, $this->charset), $trace['line']);
                             } else {
-                                $content .= sprintf(' in %s line %s', $trace['file'], $trace['line']);
+                                $content .= sprintf(' in %s line %d', htmlspecialchars($trace['file'], $flags, $this->charset), $trace['line']);
                             }
                         }
                         $content .= "</li>\n";