From: Brion Vibber Date: Tue, 15 Jul 2008 21:13:34 +0000 (+0000) Subject: Revert r37663 for now: X-Git-Tag: 1.31.0-rc.0~46493 X-Git-Url: http://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/operations/recherche.php?a=commitdiff_plain;h=f9a904721937e6a8f6c5b5aa7a1126b8e25b1085;p=lhc%2Fweb%2Fwiklou.git Revert r37663 for now: "* (bug 13815) In the comment for page moves, use the colon-separator message instead of a hardcoded colon." "* So that this works properly, don't escape HTML entities in edit summaries. I don't see any good reason for them to be escaped there. Of course, this may result in old edit summaries displaying slightly differently if for some reason they included an entity, but in that case there's at least a 50% chance that they intended it to not be escaped in the first place." This breaks the ability to easily discuss entities in summaries such as "add  ". --- diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 7c7be8501d..22e89c28b2 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -189,9 +189,6 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN * (bug 9736) Redirects on Special:Fewestrevisions are now marked as such. * New date/time formats in Cs localization according to ČSN and PČP. * Added new hook LinkerLinkAttributes for modifying attributes of tags. -* HTML entities like   now work (are not escaped) in edit summaries. -* (bug 13815) In the comment for page moves, use the colon-separator message - instead of a hardcoded colon. * Add a new hook SkinSetupSiteCss to allow extensions to define new stylesheets to load site wide, or modify the list of stylesheets to load. This can be useful for wiki farms who need a specific placement of the stylesheets to cascade right. diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php index d90c6126ba..56a313fa0f 100644 --- a/includes/GlobalFunctions.php +++ b/includes/GlobalFunctions.php @@ -628,7 +628,9 @@ function wfMsgExt( $key, $options ) { if ( in_array('escape', $options) ) { $string = htmlspecialchars ( $string ); } elseif ( in_array( 'escapenoentities', $options ) ) { - $string = Sanitizer::escapeHtmlAllowEntities( $string ); + $string = htmlspecialchars( $string ); + $string = str_replace( '&', '&', $string ); + $string = Sanitizer::normalizeCharReferences( $string ); } if( in_array('replaceafter', $options) ) { diff --git a/includes/Linker.php b/includes/Linker.php index 864c145ff6..af5636d662 100644 --- a/includes/Linker.php +++ b/includes/Linker.php @@ -1046,8 +1046,7 @@ class Linker { # Sanitize text a bit: $comment = str_replace( "\n", " ", $comment ); - # Allow HTML entities (for bug 13815) - $comment = Sanitizer::escapeHtmlAllowEntities( $comment ); + $comment = htmlspecialchars( $comment ); # Render autocomments and make links: $comment = $this->formatAutoComments( $comment, $title, $local ); diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php index 4d5b89c756..28b1c27576 100644 --- a/includes/Sanitizer.php +++ b/includes/Sanitizer.php @@ -826,22 +826,6 @@ class Sanitizer { $class ), '_'); } - /** - * Given HTML input, escape with htmlspecialchars but un-escape entites. - * This allows (generally harmless) entities like   to survive. - * - * @param string $html String to escape - * @return string Escaped input - */ - static function escapeHtmlAllowEntities( $html ) { - # It seems wise to escape ' as well as ", as a matter of course. Can't - # hurt. - $html = htmlspecialchars( $html, ENT_QUOTES ); - $html = str_replace( '&', '&', $html ); - $html = Sanitizer::normalizeCharReferences( $html ); - return $html; - } - /** * Regex replace callback for armoring links against further processing. * @param array $matches diff --git a/includes/Title.php b/includes/Title.php index d0b593ca72..b64d2c9c87 100644 --- a/includes/Title.php +++ b/includes/Title.php @@ -2718,9 +2718,7 @@ class Title { $fname = 'MovePageForm::moveToNewTitle'; $comment = wfMsgForContent( '1movedto2', $this->getPrefixedText(), $nt->getPrefixedText() ); if ( $reason ) { - $comment .= wfMsgExt( 'colon-separator', - array( 'escapenoentities', 'content' ) ); - $comment .= $reason; + $comment .= ": $reason"; } $newid = $nt->getArticleID();