From: Chad Horohoe Date: Tue, 28 Sep 2010 11:12:56 +0000 (+0000) Subject: More bug 671: whitelist and for user input. Followup per r70164's comment. X-Git-Tag: 1.31.0-rc.0~34765 X-Git-Url: http://git.cyclocoop.org/%22.%28%24lien.?a=commitdiff_plain;h=979508b9bf0dbdde9141d6135c418b7d94933803;p=lhc%2Fweb%2Fwiklou.git More bug 671: whitelist and for user input. Followup per r70164's comment. --- diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 5ad5e6f833..f3f0848022 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -138,7 +138,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN because it encourages edits to be marked minor accidentally and it can be easily replicated by custom user scripts for those who really want it. * Non-file pages can no longer be moved to the file namespace, nor vice versa. -* (bug 671) The element has been whitelisted in user input. +* (bug 671) The , and elements have been whitelisted in user input * (bug 24563) Entries on Special:WhatLinksHere now have a link to their history * (bug 21503) There's now a "reason" field when creating account for other users * (bug 24418) action=markpatrolled now requires a token diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php index 7fdd1df5f0..ea36f25513 100644 --- a/includes/Sanitizer.php +++ b/includes/Sanitizer.php @@ -368,7 +368,8 @@ class Sanitizer { 'h2', 'h3', 'h4', 'h5', 'h6', 'cite', 'code', 'em', 's', 'strike', 'strong', 'tt', 'var', 'div', 'center', 'blockquote', 'ol', 'ul', 'dl', 'table', 'caption', 'pre', - 'ruby', 'rt' , 'rb' , 'rp', 'p', 'span', 'u', 'abbr', 'dfn' + 'ruby', 'rt' , 'rb' , 'rp', 'p', 'span', 'u', 'abbr', 'dfn', + 'kbd', 'samp' ); $htmlsingle = array( 'br', 'hr', 'li', 'dt', 'dd'