From: Antoine Musso <hashar@users.mediawiki.org>
Date: Thu, 25 Aug 2005 03:42:18 +0000 (+0000)
Subject: XSS issue : now sanitize search query input
X-Git-Tag: 1.6.0~1813
X-Git-Url: http://git.cyclocoop.org/ecrire?a=commitdiff_plain;h=31f9baa742d5e52de18e8f074d44d5a89769599c;p=lhc%2Fweb%2Fwiklou.git

XSS issue : now sanitize search query input
---

diff --git a/includes/SpecialSearch.php b/includes/SpecialSearch.php
index 265ded6dba..62b207fb40 100644
--- a/includes/SpecialSearch.php
+++ b/includes/SpecialSearch.php
@@ -35,7 +35,7 @@ require_once( 'Revision.php' );
 function wfSpecialSearch( $par = '' ) {
 	global $wgRequest, $wgUser;
 	
-	$search = $wgRequest->getText( 'search', $par );
+	$search = Sanitizer::removeHTMLtags($wgRequest->getText( 'search', $par ));
 	$searchPage = new SpecialSearch( $wgRequest, $wgUser );
 	if( $wgRequest->getVal( 'fulltext' ) ||
 		!is_null( $wgRequest->getVal( 'offset' ) ) ||