diff --git a/app/code/core/Mage/Core/Helper/Abstract.php b/app/code/core/Mage/Core/Helper/Abstract.php index 4495454f7af2a..e23267eb4a706 100755 --- a/app/code/core/Mage/Core/Helper/Abstract.php +++ b/app/code/core/Mage/Core/Helper/Abstract.php @@ -268,7 +268,7 @@ public function stripTags($data, $allowableTags = null, $escape = false) */ public function escapeUrl($data) { - return htmlspecialchars($data); + return htmlspecialchars($data, ENT_COMPAT, 'UTF-8', false); } /** diff --git a/dev/tests/integration/testsuite/Mage/Core/Helper/AbstractTest.php b/dev/tests/integration/testsuite/Mage/Core/Helper/AbstractTest.php index 88dd01337fdbd..680b8f73183a2 100644 --- a/dev/tests/integration/testsuite/Mage/Core/Helper/AbstractTest.php +++ b/dev/tests/integration/testsuite/Mage/Core/Helper/AbstractTest.php @@ -105,9 +105,10 @@ public function testStripTags() */ public function testEscapeUrl() { - $data = '"three'; - $expected = '<two>"three</two>'; + $data = 'http://example.com/search?term=this+%26+that&view=list'; + $expected = 'http://example.com/search?term=this+%26+that&view=list'; $this->assertEquals($expected, $this->_helper->escapeUrl($data)); + $this->assertEquals($expected, $this->_helper->escapeUrl($expected)); } public function testJsQuoteEscape()