Last modified: 2010-05-15 15:54:46 UTC
$wgOut->setPageTitle($new_title) appears to have an entity escaping bug. I can demonstrate the bug by calling it this way: $wgOut->setPageTitle("US&S"). Doing that makes my <title> tag correct, but does _not_ change "US&S" to "US&S" in the HTML of the rendered page. Calling it this way: $wgOut->setPageTitle(htmlspecialchars("US&S")) gets the HTML correct, but then the <title> tag will hold "US&amp;S" ... obviously wrong. I can do this, and get the correct results: $new_title="US&S"; $wgOut->setPageTitle(htmlspecialchars($new_title)); $wgOut->setHTMLTitle($new_title); I see in mediawiki/includes/OutputPage.php that setPageTitle() calls setHTMLTitle(), but it must do so wrongly in some way.
Ugh, usage seems fairly inconsistent and annoying. Needs some cleanup...
Prio: high
This is a very strange bug. There is no HTML conversion in OutputPage::setPageTitle() (which referenced Language::convert() and wfMsg() as well as OutputPage::setHTMLTitle()), but when generating the page in OutputPage::headerElement(), the title is put through htmlspecialchars(). So why would putting the title through htmlspecialchars() a two times or one make a difference (especially since the latter causes no conversion whatsoever).
This seems to have been fixed in r49330, which runs setPageTitle() input through Sanitizer::normalizeCharReferences().