From 0dc2c7ec10cf343e972ac9473fdc6f00ed331073 Mon Sep 17 00:00:00 2001 From: Jan Schneider Date: Fri, 27 Nov 2009 13:14:46 +0100 Subject: [PATCH] Revert "Fix escaping title (tooltip) text" That broke line wrapping and introduced XSS vulnerabilities. This reverts commit a1ba596addce9de898ff5df0d00ca5025bfea02a. --- framework/Core/lib/Horde.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/framework/Core/lib/Horde.php b/framework/Core/lib/Horde.php index ca095d570..c152fe3cb 100644 --- a/framework/Core/lib/Horde.php +++ b/framework/Core/lib/Horde.php @@ -1318,7 +1318,7 @@ HTML; * @param string $class The CSS class of the link * @param string $target The window target to point to. * @param string $onclick JavaScript action for the 'onclick' event. - * @param string $title The link title (tooltip). Unescaped. + * @param string $title The link title (tooltip). * @param string $accesskey The access key to use. * @param array $attributes Any other name/value pairs to add to the * tag. @@ -1331,7 +1331,10 @@ HTML; $attributes = array()) { if (!empty($title)) { - $title = htmlspecialchars($title, ENT_QUOTES, Horde_Nls::getCharset()); + $charset = Horde_Nls::getCharset(); + $old_error = error_reporting(0); + $title = '<pre>' . preg_replace(array('/\n/', '/((?))/em', '/

/', '/
/'), array('', 'str_repeat(" ", strlen("$1"))', '<br /> <br />', '<br />'), nl2br(htmlspecialchars(htmlspecialchars($title, ENT_QUOTES, $charset), ENT_QUOTES, $charset))) . '</pre>'; + error_reporting($old_error); } return self::link($url, $title, $class, $target, $onclick, null, $accesskey, $attributes, false); -- 2.11.0
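Review bot: The restored `preg_replace()` call uses the `e` modifier (`/em`), so its `str_repeat(...)` replacement string is evaluated as PHP code with the match interpolated via `strlen("$1")`, and the surrounding `error_reporting(0)` hides any warning or failure from that call. The pattern is garbled on this page, so what `$1` can match is not visible here. Even if it only matches whitespace, `preg_replace_callback()` with a callback that returns the `str_repeat()` result for `strlen($m[1])` gives the same output without evaluating a string, and the error suppression could then be dropped. The nested `htmlspecialchars(htmlspecialchars(...))` looks deliberate (presumably the tooltip text is decoded once and then rendered as HTML), yet nothing in the hunk says so; since the commit message attributes the XSS to the change being reverted, a comment such as `// Escaped twice on purpose: the tooltip is decoded once, then inserted as HTML.` would guard against a repeat. The enclosing method starts and ends outside the hunk.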