From ddfec2b1142cc919dcc9a61cd63cec8de487d617 Mon Sep 17 00:00:00 2001
From: sbassett <sbassett@wikimedia.org>
Date: Tue, 16 Nov 2021 12:17:18 -0600
Subject: [PATCH] [SECURITY] ve.ui.MWMediaDialog: Escape plaintext image 
 metadata fields

* Rebased security patch due to I19465a5

Bug: T293589
---
 modules/ve-mw/ui/dialogs/ve.ui.MWMediaDialog.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/ve-mw/ui/dialogs/ve.ui.MWMediaDialog.js b/modules/ve-mw/ui/dialogs/ve.ui.MWMediaDialog.js
index dad004f69..19759c72a 100644
--- a/modules/ve-mw/ui/dialogs/ve.ui.MWMediaDialog.js
+++ b/modules/ve-mw/ui/dialogs/ve.ui.MWMediaDialog.js
@@ -788,9 +788,9 @@ ve.ui.MWMediaDialog.prototype.cleanAPIresponse = function ( rawResponse, config
 	}
 
 	// Check if the string should be truncated
-	return isTruncated && !config.ignoreCharLimit ?
+	return mw.html.escape( isTruncated && !config.ignoreCharLimit ?
 		originalText.slice( 0, charLimit ) + ellipsis :
-		originalText;
+		originalText );
 };
 
 /**
-- 
2.30.2