output of function checked resp. __checked_selected_helper has single quotation marks which can produce JS error

[ntm]

the function checked until WP 2.7 returns checked="checked" (with double quotation marks) and now with single quotation marks.

If this new behavior is intentionally then I want to suggest to give the opportunity for passing another parameter to this function which specifies the type of the quotation marks.

or
write simply $result = ' '.$type.'="'.$type.'"'; instead of $result = " $type='$type'"; now.

in file /wp-admin/includes/template.php (line 419) of WP 2.8

[westi]

Please could the reporter share example code that they were using which no longer works correctly.

[Denis-de-Bernardy]

it's almost certainly something along the lines of writing js without escaping the html.

[ryan]

We'll call it a security audit feature. :-) esc_js() should really be used, if that is the scenario here. Reopen if esc_js() is not appropriate for your context.

[ntm]

Thank you for your regard. ryan you are right. esc_js() or js_escape() solves my problem, too.

I have written a plugin which adds a third comment_status.

With this plugins (and some additions to the theme) Authors can allow commenting for all, for registered visitors only or for no one.
For the plugin manipulates e.g. the appearance of the /wp_admin/post-new.php and /wp-admin/post.php pages via Javascript property innerHTML.