XHTML in comments_popup_link title attribute

[ewestp]

If a post title contains XHTML markup, the markup is included in the title attribute of the Comments link. See ​http://wordpress.org/support/topic/205790. To fix the problem, I suggest that line 973 in wp-includes/comments-template.php (version 2.8.5) be changed from

$title = esc_attr( get_the_title() );

to

$title = the_title_attribute('echo=0');

[ewestp]

Changed the line described above

[scribu]

Related: #11040

[ewestp]

Here is a simple test to highlight the problem.

1) Using the default theme, make a new post with the title

The &lt;em&gt; tag adds <em>emphasis</em>

2) On the front page, mouse over the permalink made from the post title. The title attribute looks nice--no tags around the word 'emphasis'.

3) Mouse over the link to the post's comments. The title attribute looks messy because there are tags around the word 'emphasis' which obviously don't belong there.

Why aren't the links' title attributes consistent? Because the permalink uses the_title_attribute() to construct a clean title attribute (a function that seems to have been made expressly for that purpose), and comments_popup_link() does not.

If you use the search-everything plugin with highlighting enabled, search for any of the words in the post's title and witness the horror that is the title attribute of the comments link.

[xenlab]

Refreshed the patch against 2.9-beta2 (r12338)

[xenlab]

Patch has gone stale, so I refreshed it.

[markjaquith]

(In [12362]) Strip HTML from comments_popup_link title attribute. props ewestp, xenlab. fixes #10997