X-Git-Url: https://jasonwoof.com/gitweb/?a=blobdiff_plain;f=_source%2Fcore%2Fhtmlparser%2Fbasicwriter.js;h=3a0231c8d7423b34f247cee43c1b0ac06328e055;hb=66f4ae0bf0280ed56bf7c0f4ab175424dd1d47a0;hp=c2468ecc8f6a1bfc3f0c5f52bf213fe935836220;hpb=941b0a9ba4e673e292510d80a5a86806994b8ea6;p=ckeditor.git

diff --git a/_source/core/htmlparser/basicwriter.js b/_source/core/htmlparser/basicwriter.js
index c2468ec..3a0231c 100644
--- a/_source/core/htmlparser/basicwriter.js
+++ b/_source/core/htmlparser/basicwriter.js
@@ -60,6 +60,10 @@ CKEDITOR.htmlParser.basicWriter = CKEDITOR.tools.createClass(
 		 */
 		attribute : function( attName, attValue )
 		{
+			// Browsers don't always escape special character in attribute values. (#4683, #4719).
+			if ( typeof attValue == 'string' )
+				attValue = CKEDITOR.tools.htmlEncodeAttr( attValue );
+
 			this._.output.push( ' ', attName, '="', attValue, '"' );
 		},