* (bug 3269) Inaccessible titles ending in '/.' or '/..' now forbidden.

author Brion Vibber <brion@users.mediawiki.org>

Tue, 12 Feb 2008 22:45:10 +0000 (22:45 +0000)

committer Brion Vibber <brion@users.mediawiki.org>

Tue, 12 Feb 2008 22:45:10 +0000 (22:45 +0000)
author Brion Vibber <brion@users.mediawiki.org>
Tue, 12 Feb 2008 22:45:10 +0000 (22:45 +0000)
committer Brion Vibber <brion@users.mediawiki.org>
Tue, 12 Feb 2008 22:45:10 +0000 (22:45 +0000)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES

index 18d6e33..bfbd4af 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -385,6 +385,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
  * (bug 12301) Allow maintenance/findhooks.php to search hooks in multiple directories.
  * (bug 7681, 11559) Cookie values no longer override GET and POST variables.
  * (bug 5262) Fully-qualified $wgStylePath no longer corrupted on XML feeds
+* (bug 3269) Inaccessible titles ending in '/.' or '/..' now forbidden.
  
  
  == Parser changes in 1.12 ==
diff --git a/includes/Title.php b/includes/Title.php

index ad7cc54..4c08f85 100644 (file)
--- a/includes/Title.php
+++ b/includes/Title.php
@@ -2032,7 +2032,9 @@ class Title {
                        strpos( $dbkey, './' ) === 0  ||
                        strpos( $dbkey, '../' ) === 0 ||
                        strpos( $dbkey, '/./' ) !== false ||
-                      strpos( $dbkey, '/../' ) !== false ) )
+                      strpos( $dbkey, '/../' ) !== false  ||
+                      substr( $dbkey, -2 ) == '/.' ||
+                      substr( $dbkey, -3 ) == '/..' ) )
                 {
                         return false;
                 }
author	Brion Vibber <brion@users.mediawiki.org>
	Tue, 12 Feb 2008 22:45:10 +0000 (22:45 +0000)
committer	Brion Vibber <brion@users.mediawiki.org>
	Tue, 12 Feb 2008 22:45:10 +0000 (22:45 +0000)
RELEASE-NOTES		patch \| blob \| history
includes/Title.php		patch \| blob \| history