From e9bb160bcc0ea1d875f9a179ad714df35361176c Mon Sep 17 00:00:00 2001
From: Alexander Menk <alex.menk@gmail.com>
Date: Tue, 19 May 2015 17:04:47 +0200
Subject: [PATCH] ExceptionHandler: More Encoding

---
 src/Symfony/Component/Debug/ExceptionHandler.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Symfony/Component/Debug/ExceptionHandler.php b/src/Symfony/Component/Debug/ExceptionHandler.php
index fcb4e56c58..acfc63c227 100644
--- a/src/Symfony/Component/Debug/ExceptionHandler.php
+++ b/src/Symfony/Component/Debug/ExceptionHandler.php
@@ -382,10 +382,10 @@ EOF;
         if ($linkFormat = $this->fileLinkFormat) {
             $link = str_replace(array('%f', '%l'), array($path, $line), $linkFormat);
 
-            return sprintf(' in <a href="%s" title="Go to source">%s line %d</a>', $link, $file, $line);
+            return sprintf(' in <a href="%s" title="Go to source">%s line %d</a>', htmlspecialchars($link), htmlspecialchars($file), $line);
         }
 
-        return sprintf(' in <a title="%s line %3$d" ondblclick="var f=this.innerHTML;this.innerHTML=this.title;this.title=f;">%s line %d</a>', $path, $file, $line);
+        return sprintf(' in <a title="%s line %3$d" ondblclick="var f=this.innerHTML;this.innerHTML=this.title;this.title=f;">%s line %d</a>', htmlspecialchars($path), htmlspecialchars($file), $line);
     }
 
     /**