[Notifications] Escape HTML in destUrl and fileName (!628) · Merge requests · Plasma / Plasma Workspace

Ensures that a file or destination named <h1>foo.txt doesn't break the layout.

It still goes through the normal HTML text filter, so remote file access isn't possible, merely screwing up the layout.

gonna make a dedicated patch for 5.21 as !626 (merged) changed between 5.21 and master

[Notifications] Escape HTML in destUrl and fileName