The problem what I found was that we use
htmlspecialchars on the title before we save it to the db, and we double encode it in the twig file. We put into the DOM at line 83 (but this is hidden on the page), and than we use this already encoded version at line 88.
LGTM and works locally, merging
|raw would that be causing any security issue? Like when title maybe contains
}}? Would we need to use something like
|rawSafeDecoded? Or if we ever tracked title not encoded in the past could this cause an issue?