From eae03129325abdfe288e1c5649c7a8f13e0abd9c Mon Sep 17 00:00:00 2001
From: Alexey Verkhovsky <averkhov@thoughtworks.com>
Date: Thu, 28 Apr 2005 05:10:58 +0000
Subject: [PATCH] Escaping page title in RSS feeds (ticket:143)

---
 app/views/wiki/rss_feed.rhtml           |  2 +-
 test/functional/wiki_controller_test.rb | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/app/views/wiki/rss_feed.rhtml b/app/views/wiki/rss_feed.rhtml
index 12ac7073..a33131a3 100644
--- a/app/views/wiki/rss_feed.rhtml
+++ b/app/views/wiki/rss_feed.rhtml
@@ -8,7 +8,7 @@
 		<ttl>40</ttl>
   <% for page in @pages_by_revision %>
 		<item>
-      <title><%= page.plain_name %></title>
+      <title><%= h page.plain_name %></title>
     <% unless @hide_description %>
       <description><%= h page.display_content %></description>
     <% end %>
diff --git a/test/functional/wiki_controller_test.rb b/test/functional/wiki_controller_test.rb
index 800c324a..1ca3f814 100755
--- a/test/functional/wiki_controller_test.rb
+++ b/test/functional/wiki_controller_test.rb
@@ -462,6 +462,19 @@ class WikiControllerTest < Test::Unit::TestCase
     pages = r.template_objects['pages_by_revision']
     assert_equal 5, pages.size
   end
+
+  def test_rss_title_with_ampersand
+    # was ticket:143
+    setup_wiki_with_three_pages
+    
+    @wiki.write_page('wiki1', 'Title&With&Ampersands', 
+      'About spaces', 1.hour.ago, Author.new('NitPicker', '127.0.0.3'))
+
+    r = process 'rss_with_headlines', 'web' => 'wiki1'
+
+    assert r.body.include?('<title>Home Page</title>')
+    assert r.body.include?('<title>Title&amp;With&amp;Ampersands</title>')
+  end
   
   def test_save
     r = process 'save', 'web' => 'wiki1', 'id' => 'NewPage', 'content' => 'Contents of a new page',