dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
86de0b5
)
fix xss attack
author
River Tarnell
<kateturner@users.mediawiki.org>
Thu, 14 Oct 2004 04:15:29 +0000
(
04:15
+0000)
committer
River Tarnell
<kateturner@users.mediawiki.org>
Thu, 14 Oct 2004 04:15:29 +0000
(
04:15
+0000)
includes/ImagePage.php
patch
|
blob
|
history
diff --git
a/includes/ImagePage.php
b/includes/ImagePage.php
index
f375c7f
..
6eda491
100644
(file)
--- a/
includes/ImagePage.php
+++ b/
includes/ImagePage.php
@@
-76,7
+76,7
@@
class ImagePage extends Article {
}
$s = "<div class=\"fullImageLink\">" . $anchoropen .
"<img border=\"0\" src=\"{$url}\" width=\"{$width}\" height=\"{$height}\" alt=\"" .
-
$wgRequest->getVal( 'image'
)."\" />" . $anchorclose . "</div>";
+
htmlspecialchars( $wgRequest->getVal( 'image' )
)."\" />" . $anchorclose . "</div>";
} else {
$s = "<div class=\"fullMedia\">".$sk->makeMediaLink($this->img->getName(),"")."</div>";
}