Handle invalid code sequences in Html::encode()

framework/helpers/BaseHtml.php

@@ -92,7 +92,7 @@ class BaseHtml
      */
     public static function encode($content, $doubleEncode = true)
     {
-        return htmlspecialchars($content, ENT_QUOTES, Yii::$app->charset, $doubleEncode);
+        return htmlspecialchars($content, ENT_QUOTES | ENT_SUBSTITUTE, Yii::$app->charset, $doubleEncode);
     }
 
     /**

tests/unit/framework/helpers/HtmlTest.php

@@ -38,7 +38,7 @@ class HtmlTest extends TestCase
 
     public function testEncode()
     {
-        $this->assertEquals("a&lt;&gt;&amp;&quot;&#039;", Html::encode("a<>&\"'"));
+        $this->assertEquals("a&lt;&gt;&amp;&quot;&#039;<EFBFBD>", Html::encode("a<>&\"'\x80"));
     }
 
     public function testDecode()