XWIKI-20275: Improved escaping on XWiki.AttachmentSelector

xwiki-platform-core/xwiki-platform-attachment/xwiki-platform-attachment-ui/src/main/resources/XWiki/AttachmentSelector.xml

@@ -371,8 +371,10 @@ $xwiki.jsx.use($attachmentPickerDocName)
   $!targetDocument.use($targetDocument.getObject($options.classname, $options.object))##
   #attachmentPicker_displayAttachmentGallery($targetDocument, $targetAttachDocument, $options)
 
+  #set ($cancelLinkName = $services.rendering.escape($services.rendering.escape($services.localization.render("${translationPrefix}.cancel"), 'xwiki/2.1'), 'xwiki/2.1'))
+  #set ($cancelLinkTarget = $services.rendering.escape($services.model.serialize($targetDocument), 'xwiki/2.1'))
   (% class="gallery_buttons buttons" %)(((
-  (% class="buttonwrapper secondary" %)[[$services.localization.render("${translationPrefix}.cancel")>>${targetDocument}||class="button secondary" id="attachment-picker-close"]]
+  (% class="buttonwrapper secondary" %)[[$cancelLinkName>>$cancelLinkTarget||class="button secondary" id="attachment-picker-close"]]
   )))
 #end
 {{/velocity}}</content>

xwiki-platform-core/xwiki-platform-attachment/xwiki-platform-attachment-ui/src/test/java/org/xwiki/attachment/AttachmentSelectorPageTest.java

@@ -40,6 +40,7 @@
 import org.xwiki.component.wiki.internal.bridge.DefaultContentParser;
 import org.xwiki.icon.IconManagerScriptService;
 import org.xwiki.icon.internal.DefaultIconManagerComponentList;
+import org.xwiki.model.internal.reference.converter.EntityReferenceConverter;
 import org.xwiki.model.reference.AttachmentReference;
 import org.xwiki.model.reference.DocumentReference;
 import org.xwiki.model.script.ModelScriptService;
@@ -110,7 +111,9 @@
     // End WikiMacroEventListener
     TemporaryAttachmentsScriptService.class,
     IconManagerScriptService.class,
-    DocumentReferenceConverter.class
+    DocumentReferenceConverter.class,
+    EntityReferenceConverter.class,
+    ModelScriptService.class,
 })
 class AttachmentSelectorPageTest extends PageTest
 {
@@ -336,6 +339,17 @@ void withTemporaryAttachment() throws Exception
             + "be found");
     }
 
+    @Test
+    void cancelButton() throws Exception
+    {
+        commonFixup("test.png");
+
+        this.request.put("docname", "xwiki:Space.]] {{noscript/}}");
+
+        Document document = renderHTMLPage(new DocumentReference("xwiki", "XWiki", "AttachmentSelector"));
+        assertEquals("Space.]] {{noscript/}}", document.getElementById("attachment-picker-close").attr("href"));
+    }
+
     private void attachmentSelectorMacroFixup() throws Exception
     {
         DocumentReference attachmentSelectorDocumentReference =