treewide: avoid double-escaping CBI section labels

Since the section labels are already HTML-escaped implicitely by the
striptags() function, we must not escape them again in attr() or
ifattr().

Fixes: #2524
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

applications/luci-app-adblock/luasrc/view/adblock/blocklist.htm

@@ -27,7 +27,7 @@ local anonclass  = (not self.anonymous or self.sectiontitle) and "named" or "ano
 				for i, k in ipairs(self:cfgsections()) do
 					section = k
 					local sectionname  = striptags((type(self.sectiontitle) == "function") and self:sectiontitle(section) or k)
-					local sectiontitle = ifattr(sectionname and (not self.anonymous or self.sectiontitle), "data-title", sectionname)
+					local sectiontitle = ifattr(sectionname and (not self.anonymous or self.sectiontitle), "data-title", sectionname, true)
 					isempty = false
 					scope = { valueheader = "cbi/cell_valueheader", valuefooter = "cbi/cell_valuefooter" }
 			-%>

applications/luci-app-banip/luasrc/view/banip/sourcelist.htm

@@ -27,7 +27,7 @@ local anonclass  = (not self.anonymous or self.sectiontitle) and "named" or "ano
 				for i, k in ipairs(self:cfgsections()) do
 					section = k
 					local sectionname  = striptags((type(self.sectiontitle) == "function") and self:sectiontitle(section) or k)
-					local sectiontitle = ifattr(sectionname and (not self.anonymous or self.sectiontitle), "data-title", sectionname)
+					local sectiontitle = ifattr(sectionname and (not self.anonymous or self.sectiontitle), "data-title", sectionname, true)
 					isempty = false
 					scope = { valueheader = "cbi/cell_valueheader", valuefooter = "cbi/cell_valuefooter" }
 			-%>

modules/luci-base/luasrc/view/cbi/cell_valueheader.htm

@@ -6,7 +6,7 @@
 <div class="td cbi-value-field<% if self.error and self.error[section] then %> cbi-value-error<% end %>"<%=
 	attr("data-name", self.option) ..
 	ifattr(ftype and #ftype > 0, "data-type", ftype) ..
-	ifattr(title and #title > 0, "data-title", title) ..
-	ifattr(descr and #descr > 0, "data-description", descr)
+	ifattr(title and #title > 0, "data-title", title, true) ..
+	ifattr(descr and #descr > 0, "data-description", descr, true)
 %>>
 <div id="cbi-<%=self.config.."-"..section.."-"..self.option%>" data-index="<%=self.index%>" data-depends="<%=pcdata(self:deplist2json(section))%>">

modules/luci-base/luasrc/view/cbi/tblsection.htm

@@ -127,7 +127,7 @@ end
 				section = k
 
 				local sectionname = striptags((type(self.sectiontitle) == "function") and self:sectiontitle(section) or k)
-				local sectiontitle = ifattr(sectionname and (not self.anonymous or self.sectiontitle), "data-title", sectionname)
+				local sectiontitle = ifattr(sectionname and (not self.anonymous or self.sectiontitle), "data-title", sectionname, true)
 				local colorclass = (self.extedit or self.rowcolors) and rowstyle() or ""
 				local scope = {
 					valueheader = "cbi/cell_valueheader",