Set @return-taint of Sanitizer::stripAllTags to tainted

author sbassett <sbassett@wikimedia.org>

Tue, 13 Aug 2019 22:06:53 +0000 (17:06 -0500)

committer sbassett <sbassett@wikimedia.org>

Tue, 13 Aug 2019 22:07:27 +0000 (17:07 -0500)
author sbassett <sbassett@wikimedia.org>
Tue, 13 Aug 2019 22:06:53 +0000 (17:06 -0500)
committer sbassett <sbassett@wikimedia.org>
Tue, 13 Aug 2019 22:07:27 +0000 (17:07 -0500)
diff --git a/includes/parser/Sanitizer.php b/includes/parser/Sanitizer.php

index 8e0cf5c..d411046 100644 (file)
--- a/includes/parser/Sanitizer.php
+++ b/includes/parser/Sanitizer.php
@@ -2036,6 +2036,7 @@ class Sanitizer {
          *
          * @param string $html HTML fragment
          * @return string
+        * @return-taint tainted
          */
         static function stripAllTags( $html ) {
                 // Use RemexHtml to tokenize $html and extract the text
author	sbassett <sbassett@wikimedia.org>
	Tue, 13 Aug 2019 22:06:53 +0000 (17:06 -0500)
committer	sbassett <sbassett@wikimedia.org>
	Tue, 13 Aug 2019 22:07:27 +0000 (17:07 -0500)