dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
dd85267
)
fixed potential XSS vulnerability
author
Tim Starling
<tstarling@users.mediawiki.org>
Sat, 14 May 2005 05:42:29 +0000
(
05:42
+0000)
committer
Tim Starling
<tstarling@users.mediawiki.org>
Sat, 14 May 2005 05:42:29 +0000
(
05:42
+0000)
includes/MessageCache.php
patch
|
blob
|
history
diff --git
a/includes/MessageCache.php
b/includes/MessageCache.php
index
8af4484
..
6d4b788
100755
(executable)
--- a/
includes/MessageCache.php
+++ b/
includes/MessageCache.php
@@
-234,7
+234,7
@@
class MessageCache
}
# If uninitialised, someone is trying to call this halfway through Setup.php
if( !$this->mInitialised ) {
- return
"<$key>"
;
+ return
'<' . htmlspecialchars($key) . '>'
;
}
# If cache initialization was deferred, start it now.
if( $this->mDeferred ) {
@@
-277,7
+277,7
@@
class MessageCache
# Final fallback
if( !$message ) {
-
$message = "<$key>"
;
+
return '<' . htmlspecialchars($key) . '>'
;
}
# Replace brace tags