dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 72e98e4) | patch
* Fix XSS in Special:Search with extended engine features ("did you mean")
authorBrion Vibber <brion@users.mediawiki.org>
Mon, 5 Jan 2009 20:37:15 +0000 (20:37 +0000)
committerBrion Vibber <brion@users.mediawiki.org>
Mon, 5 Jan 2009 20:37:15 +0000 (20:37 +0000)
commit1de9c48715b6560eb868f7aa1007967e4cc07f7f
tree49759de62d1c7c598266b9721718eebd017070c0tree | snapshot
parent72e98e4e6ab24df27ecd9b1301e62ab4bfcec474commit | diff
* Fix XSS in Special:Search with extended engine features ("did you mean")

Switched a couple of manually created '<a href>'s to use Linker functions,
and put an htmlspecialchars() on the 'did you mean' snippet result which was
spewing raw input-derived text into output (bad!)
RELEASE-NOTES diff | blob | history
includes/specials/SpecialSearch.php diff | blob | history
Wiklou, le Wiki du Wiklou