dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8fdd009) | patch
(bug 39700) Add htmlspecialchars encoding to label
authorcsteipp <csteipp@wikimedia.org>
Fri, 31 Aug 2012 03:40:19 +0000 (20:40 -0700)
committercsteipp <csteipp@wikimedia.org>
Fri, 31 Aug 2012 21:51:25 +0000 (14:51 -0700)
commit21971b28bcee9427989d4bfaf97510ea87b3ea86
treee9ea7c8446b65b55a09fbf612958fe49bc447b75tree | snapshot
parent8fdd009ac4d55389851a82190b1c7ed44f0afb68commit | diff
(bug 39700) Add htmlspecialchars encoding to label

Adds htmlspecialchars encoding to the link label, passed
into Linker::makeBrokenImageLinkObj.

This fixes a stored XSS (HTML injection) vulnerability.

* Released as part of 1.20wmf10, 1.19.2, 1.18.5

Change-Id: I0e5f9eeb1f3561b1354aecced74f68ae2fa20dfa
includes/Linker.php diff | blob | history
tests/parser/parserTests.txt diff | blob | history
Wiklou, le Wiki du Wiklou