From 061f68e63b57299fccf18b074d22805a641e918d Mon Sep 17 00:00:00 2001 From: Max Semenik Date: Mon, 13 Nov 2017 14:57:23 -0800 Subject: [PATCH] Sanitizer::safeEncodeAttribute(): also encode ] ...so that it wouldn't break wikilinks, too. Bug: T29694 Bug: T51672 Bug: T72875 Change-Id: I189bdefbc9034cf8d221a89d7158195de1c0fa6c --- includes/parser/Sanitizer.php | 1 + tests/parser/parserTests.txt | 28 ++++++++++++++++++++++++++-- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/includes/parser/Sanitizer.php b/includes/parser/Sanitizer.php index 4c996771e8..46cf2a54c2 100644 --- a/includes/parser/Sanitizer.php +++ b/includes/parser/Sanitizer.php @@ -1150,6 +1150,7 @@ class Sanitizer { '{' => '{', '}' => '}', // prevent unpaired language conversion syntax '[' => '[', + ']' => ']', "''" => '''', 'ISBN' => 'ISBN', 'RFC' => 'RFC', diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt index a505cde6d4..6e9f9447d3 100644 --- a/tests/parser/parserTests.txt +++ b/tests/parser/parserTests.txt @@ -17774,7 +17774,7 @@ T4304: HTML attribute safety (link) !! wikitext
!! html -
+
!! end @@ -17837,7 +17837,7 @@ T4304: HTML attribute safety (named web link) !! wikitext
!! html -
+
!! end @@ -29705,3 +29705,27 @@ wgFragmentMode=[ 'html5', 'legacy' ]

#Foo bar

!! end + +!! test +T51672: Test for brackets in attributes of elements in external link texts +!! wikitext +[http://example.com/ link span] +[http://example.com/ link span] + +!! html/php +

link span +link span +

+!! end + +!! test +T72875: Test for brackets in attributes of elements in internal link texts +!! wikitext +[[Foo|link span]] +[[Foo|link span]] + +!! html/php +

link span +link span +

+!! end -- 2.20.1