From: Neil Kandalgaonkar <neilk@users.mediawiki.org>
Date: Thu, 26 Jan 2012 02:15:04 +0000 (+0000)
Subject: sanitize outgoing messages
X-Git-Tag: 1.31.0-rc.0~25082
X-Git-Url: http://git.cyclocoop.org/%24href?a=commitdiff_plain;h=59b37461ce6397320422149c181b23a37ba8e134;p=lhc%2Fweb%2Fwiklou.git

sanitize outgoing messages
---

diff --git a/includes/MessageBlobStore.php b/includes/MessageBlobStore.php
index be6b27c9ef..f3fc4d3366 100644
--- a/includes/MessageBlobStore.php
+++ b/includes/MessageBlobStore.php
@@ -350,7 +350,12 @@ class MessageBlobStore {
 		$messages = array();
 
 		foreach ( $module->getMessages() as $key ) {
-			$messages[$key] = wfMsgExt( $key, array( 'language' => $lang ) );
+			$messages[$key] =
+				Sanitizer::normalizeCharReferences(
+					Sanitizer::removeHTMLtags(
+						wfMsgExt( $key, array( 'language' => $lang ) )
+					)
+				);
 		}
 
 		return FormatJson::encode( (object)$messages );