TurboWarp · GarboMuffin · Jun 30, 2023
diff --git a/src/util/xml-escape.js b/src/util/xml-escape.js
@@ -10,14 +10,8 @@ const log = require('./log');
  */
 const xmlEscape = function (unsafe) {
     if (typeof unsafe !== 'string') {
-        if (Array.isArray(unsafe)) {
-            // This happens when we have hacked blocks from 2.0
-            // See #1030
-            unsafe = String(unsafe);
-        } else {
-            log.error('Unexpected input recieved in replaceUnsafeChars');
-            return unsafe;
-        }
+        log.error('Unexpected input recieved in xmlEscape');
+        unsafe = String(unsafe);
     }
     return unsafe.replace(/[<>&'"]/g, c => {
         switch (c) {

diff --git a/test/unit/tw-xml-escape-returns-string.js b/test/unit/tw-xml-escape-returns-string.js
@@ -0,0 +1,15 @@
+const {test} = require('tap');
+const xmlEscape = require('../../src/util/xml-escape');
+
+test('xmlEscape always returns a string', t => {
+    // Logging errors during this test is expected.
+    t.equal(xmlEscape('<< >> "\'&"\'&'), '&lt;&lt; &gt;&gt; &quot;&apos;&amp;&quot;&apos;&amp;');
+    t.equal(xmlEscape(null), 'null');
+    t.equal(xmlEscape(undefined), 'undefined');
+    t.equal(xmlEscape(5), '5');
+    t.equal(xmlEscape(true), 'true');
+    t.equal(xmlEscape(false), 'false');
+    t.equal(xmlEscape(['<', '>']), '&lt;,&gt;');
+    t.equal(xmlEscape({a: 'whatever'}), '[object Object]');
+    t.end();
+});