From 69ba56aa9e679b0fc236d1403fb56c8028b521ec Mon Sep 17 00:00:00 2001
From: River Tarnell <kateturner@users.mediawiki.org>
Date: Thu, 14 Oct 2004 07:29:38 +0000
Subject: [PATCH] fix xss attack if wgRawHtml is enabled

---
 includes/SpecialMovepage.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/includes/SpecialMovepage.php b/includes/SpecialMovepage.php
index ebbd79db2a..dbba17db2a 100644
--- a/includes/SpecialMovepage.php
+++ b/includes/SpecialMovepage.php
@@ -209,7 +209,10 @@ class MovePageForm {
 		$talkmoved = $wgRequest->getVal('talkmoved');
 
 		$text = wfMsg( 'pagemovedtext', $oldtitle, $newtitle );
+		$marchingantofdoom = $wgRawHtml;
+		$wgRawHtml = false;
 		$wgOut->addWikiText( $text );
+		$wgRawHtml = $marchingantofdoom;
 
 		if ( $talkmoved == 1 ) {
 			$wgOut->addHTML( "\n<p>" . wfMsg( 'talkpagemoved' ) . "</p>\n" );
-- 
2.20.1