Fix improperly quoted href link addresses; closes XSS exploit exlained at CVE-2008-2379. Thanks to Secunia Research for reporting this issue.