From: River Tarnell <kateturner@users.mediawiki.org>
Date: Thu, 14 Oct 2004 05:08:33 +0000 (+0000)
Subject: fix xss attack
X-Git-Tag: 1.5.0alpha1~1553
X-Git-Url: http://git.cyclocoop.org/%24action?a=commitdiff_plain;h=c733ea591082facc708293bf68f25c83ade6219e;p=lhc%2Fweb%2Fwiklou.git

fix xss attack
---

diff --git a/includes/OutputPage.php b/includes/OutputPage.php
index 0e8d533844..f6a4a1a869 100644
--- a/includes/OutputPage.php
+++ b/includes/OutputPage.php
@@ -673,6 +673,7 @@ class OutputPage {
 		if ( $returnto == NULL ) {
 			$returnto = $wgRequest->getText( 'returnto' );
 		}
+		$returnto = htmlspecialchars( $returnto );
 
 		$sk = $wgUser->getSkin();
 		if ( '' == $returnto ) {