WikiPageValue to use Sanitizer on caption/label output / Test XSS injection

[mwjames]

This PR is made in reference to: # [0]

This PR addresses or contains:

• Use Sanitizer::removeHTMLtags instead of htmlspecialchars_decode

This PR includes:

• Tests (unit/integration)
• CI build passed

[0] http://wikimedia.7.x6.nabble.com/Modify-table-header-in-quot-further-results-quot-td5068597.html

[mwjames]

@kghbln FYI

[0] query headers should display with the same output now in Special:Ask as compared with embedded queries.

[0] http://sandbox.semantic-mediawiki.org/wiki/Modify_table_head

[kghbln]

query headers should display with the same output now in Special:Ask as compared with embedded queries.

@stefahn FYI

@mwjames Great, this works perfect now! Many thanks! I probably should have come up with this earlier: Will it be possible to allow just wiki links like [[page|label]] and [[page]] for intro and outro?

[stefahn]

@kghbln Thanks for informing me on this!

@mwjames Great work! Thanks a lot! Waiting for the next release in which this improvement will be included.

[mwjames]

Will it be possible to allow just wiki links like [[page|label]] and [[page]] for intro and outro?

It's a different function but #2007 should help providing the expected results.

[kghbln]

It's a different function but #2007 should help providing the expected results.

WOW, this is great. Thanks a lot!