diff --git a/src/Symfony/Component/Debug/ExceptionHandler.php b/src/Symfony/Component/Debug/ExceptionHandler.php
index acfc63c227..8fb345da70 100644
--- a/src/Symfony/Component/Debug/ExceptionHandler.php
+++ b/src/Symfony/Component/Debug/ExceptionHandler.php
@@ -380,12 +380,12 @@ EOF;
$file = preg_match('#[^/\\\\]*$#', $path, $file) ? $file[0] : $path;
if ($linkFormat = $this->fileLinkFormat) {
- $link = str_replace(array('%f', '%l'), array($path, $line), $linkFormat);
+ $link = strtr($this->escapeHtml($linkFormat), array('%f' => $path, , '%l' => (int) $line));
- return sprintf(' in %s line %d', htmlspecialchars($link), htmlspecialchars($file), $line);
+ return sprintf(' in %s line %d', $link, $file, $line);
}
- return sprintf(' in %s line %d', htmlspecialchars($path), htmlspecialchars($file), $line);
+ return sprintf(' in %s line %d', $path, $file, $line);
}
/**
@@ -422,7 +422,7 @@ EOF;
}
/**
- * Returns an UTF-8 and HTML encoded string
+ * Returns an UTF-8 and HTML encoded string.
*/
protected static function utf8Htmlize($str)
{
@@ -441,7 +441,7 @@ EOF;
}
/**
- * HTML-encodes a string
+ * HTML-encodes a string.
*/
private function escapeHtml($str)
{
diff --git a/src/Symfony/Component/HttpKernel/DataCollector/DumpDataCollector.php b/src/Symfony/Component/HttpKernel/DataCollector/DumpDataCollector.php
index 32b99e562c..c2e89a1c32 100644
--- a/src/Symfony/Component/HttpKernel/DataCollector/DumpDataCollector.php
+++ b/src/Symfony/Component/HttpKernel/DataCollector/DumpDataCollector.php
@@ -100,9 +100,9 @@ class DumpDataCollector extends DataCollector implements DataDumperInterface
$name = $info->getTemplateName();
$src = $info->getEnvironment()->getLoader()->getSource($name);
$info = $info->getDebugInfo();
- if (isset($info[$trace[$i-1]['line']])) {
+ if (isset($info[$trace[$i - 1]['line']])) {
$file = false;
- $line = $info[$trace[$i-1]['line']];
+ $line = $info[$trace[$i - 1]['line']];
$src = explode("\n", $src);
$fileExcerpt = array();
@@ -259,7 +259,7 @@ class DumpDataCollector extends DataCollector implements DataDumperInterface
$name = strip_tags($this->style('', $name));
$file = strip_tags($this->style('', $file));
if ($fileLinkFormat) {
- $link = strtr($fileLinkFormat, array('%f' => $file, '%l' => (int) $line));
+ $link = strtr(strip_tags($this->style('', $fileLinkFormat)), array('%f' => $file, '%l' => (int) $line));
$name = sprintf(''.$s.'', $link, $file, $name);
} else {
$name = sprintf(''.$s.'', $file, $name);