Index: modules/node/node.install
===================================================================
RCS file: /cvs/drupal/drupal/modules/node/node.install,v
retrieving revision 1.6
diff -u -F^f -r1.6 node.install
--- modules/node/node.install	15 Apr 2008 08:39:03 -0000	1.6
+++ modules/node/node.install	10 Jun 2008 02:06:32 -0000
@@ -41,6 +41,7 @@ function node_schema() {
         'length' => 255,
         'not null' => TRUE,
         'default' => '',
+        'flags' => SCHEMA_TAINT_USER_GENERATED_CONTENT,
       ),
       'uid' => array(
         'description' => t('The {users}.uid that owns this node; initially, this is the user that created it.'),
@@ -238,24 +239,29 @@ function node_schema() {
         'length' => 255,
         'not null' => TRUE,
         'default' => '',
+        'flags' => SCHEMA_TAINT_USER_GENERATED_CONTENT,
       ),
       'body' => array(
         'description' => t('The body of this version.'),
         'type' => 'text',
         'not null' => TRUE,
         'size' => 'big',
+        'flags' => SCHEMA_TAINT_USER_GENERATED_CONTENT,
+        'flags' => SCHEMA_TAINT_USER_GENERATED_CONTENT,
       ),
       'teaser' => array(
         'description' => t('The teaser of this version.'),
         'type' => 'text',
         'not null' => TRUE,
         'size' => 'big',
+        'flags' => SCHEMA_TAINT_USER_GENERATED_CONTENT,
       ),
       'log' => array(
         'description' => t('The log entry explaining the changes in this version.'),
         'type' => 'text',
         'not null' => TRUE,
         'size' => 'big',
+        'flags' => SCHEMA_TAINT_USER_GENERATED_CONTENT,
       ),
       'timestamp' => array(
         'description' => t('A Unix timestamp indicating when this version was created.'),
@@ -292,6 +298,7 @@ function node_schema() {
         'length' => 255,
         'not null' => TRUE,
         'default' => '',
+        'flags' => SCHEMA_TAINT_USER_GENERATED_CONTENT,
       ),
       'module' => array(
         'description' => t('The module that implements this type.'),
@@ -304,6 +311,7 @@ function node_schema() {
         'type' => 'text',
         'not null' => TRUE,
         'size' => 'medium',
+        'flags' => SCHEMA_TAINT_USER_GENERATED_CONTENT,
       ),
       'help' => array(
         'description' => t('Help information shown to the user when creating a {node} of this type.'),
Index: modules/node/node.pages.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/node/node.pages.inc,v
retrieving revision 1.30
diff -u -F^f -r1.30 node.pages.inc
--- modules/node/node.pages.inc	14 Apr 2008 17:48:38 -0000	1.30
+++ modules/node/node.pages.inc	10 Jun 2008 02:06:32 -0000
@@ -11,7 +11,7 @@
  * Menu callback; presents the node editing form, or redirects to delete confirmation.
  */
 function node_page_edit($node) {
-  drupal_set_title($node->title);
+  drupal_set_title(check_plain($node->title));
   return drupal_get_form($node->type . '_node_form', $node);
 }