From 52ae9779923aef4d36f4b4138ce943e304008edd Mon Sep 17 00:00:00 2001
From: Ryan Boren <ryan@git.wordpress.org>
Date: Wed, 28 Jul 2004 23:09:33 +0000
Subject: [PATCH] Run htmlspecialchars on title attribute text in
 get_archives_link().  Bug 0000162.

git-svn-id: https://develop.svn.wordpress.org/trunk@1497 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-includes/template-functions-general.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/wp-includes/template-functions-general.php b/wp-includes/template-functions-general.php
index 3b4394a403..06394165b7 100644
--- a/wp-includes/template-functions-general.php
+++ b/wp-includes/template-functions-general.php
@@ -194,14 +194,16 @@ function single_month_title($prefix = '', $display = true ) {
 /* link navigation hack by Orien http://icecode.com/ */
 function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') {
 	$text = wptexturize($text);
+    $title_text = htmlspecialchars($text);
+
 	if ('link' == $format) {
-		return "\t<link rel='archives' title='$text' href='$url' />\n";
+		return "\t<link rel='archives' title='$title_text' href='$url' />\n";
 	} elseif ('option' == $format) {
 		return "\t<option value='$url'>$text</option>\n";
 	} elseif ('html' == $format) {
-		return "\t<li>$before<a href='$url' title='$text'>$text</a>$after</li>\n";
+		return "\t<li>$before<a href='$url' title='$title_text'>$text</a>$after</li>\n";
 	} else { // custom
-		return "\t$before<a href='$url' title='$text'>$text</a>$after\n";
+		return "\t$before<a href='$url' title='$title_text'>$text</a>$after\n";
 	}
 }