Dan-nl has uploaded a new change for review.
https://gerrit.wikimedia.org/r/98742
Change subject: sanitizer-escape-id
......................................................................
sanitizer-escape-id
chris steipp requested that:
* getButtonRowNoMetadata, getFirstRow use Sanitizer::escapeId for html id attr
* xml_validator.asp needs to be an external link
when the $msg on line line 463 of /includes/Handlers/Xml/XmlDetectHandler.php
is passed to GWTException, it is properly converted to an external exception.
i’m
assuming that this means that class="external free" gets applied to the link
and rel="nofollow".
i also adjusted the same link that is in /includes/Forms/MetadataDetectForm.php
Change-Id: I9e8a8daa92fe59d9bc206028fbbef9b4b06b7ff5
---
M includes/Forms/MetadataDetectForm.php
M includes/Handlers/Xml/XmlDetectHandler.php
2 files changed, 11 insertions(+), 8 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/GWToolset
refs/changes/42/98742/1
diff --git a/includes/Forms/MetadataDetectForm.php
b/includes/Forms/MetadataDetectForm.php
index 1e2d951..5b4d896 100644
--- a/includes/Forms/MetadataDetectForm.php
+++ b/includes/Forms/MetadataDetectForm.php
@@ -193,7 +193,9 @@
'a',
array(
'href' =>
'http://www.w3schools.com/xml/xml_validator.asp',
- 'target' => '_blank'
+ 'target' => '_blank',
+ 'class' => 'external
free',
+ 'rel' => 'nofollow'
),
'XML Validator'
)
diff --git a/includes/Handlers/Xml/XmlDetectHandler.php
b/includes/Handlers/Xml/XmlDetectHandler.php
index 8e5c9c3..1950090 100644
--- a/includes/Handlers/Xml/XmlDetectHandler.php
+++ b/includes/Handlers/Xml/XmlDetectHandler.php
@@ -17,6 +17,7 @@
GWToolset\Models\MediawikiTemplate,
Html,
MWException,
+ Sanitizer,
SpecialPage,
XMLReader;
@@ -209,11 +210,11 @@
return sprintf(
$template,
- Utils::sanitizeString( $parameter_as_id ),
+ Sanitizer::escapeId( $parameter_as_id ),
$this->getFormLabel( $parameter ),
$required,
Utils::sanitizeString( $parameter ),
- Utils::sanitizeString( $parameter_as_id ),
+ Sanitizer::escapeId( $parameter_as_id ),
$this->getMetadataAsOptions( $selected_option )
);
}
@@ -240,11 +241,11 @@
return sprintf(
$template,
- Utils::sanitizeString( $parameter_as_id ),
+ Sanitizer::escapeId( $parameter_as_id ),
$this->getFormLabel( $parameter ),
$required,
Utils::sanitizeString( $parameter ),
- Utils::sanitizeString( $parameter_as_id ),
+ Sanitizer::escapeId( $parameter_as_id ),
$this->getMetadataAsOptions( $selected_option )
);
}
@@ -452,9 +453,9 @@
if ( is_string( $xml_source ) && !empty( $xml_source ) ) {
$this->readXmlAsFile( $user_options, $xml_source,
$callback );
} else {
- $msg = wfMessage( 'gwtoolset-developer-issue' )->params(
- wfMessage( 'gwtoolset-no-xml-source'
)->escaped()
- )->parse();
+ $msg = wfMessage( 'gwtoolset-developer-issue' )
+ ->params( wfMessage( 'gwtoolset-no-xml-source'
)->escaped() )
+ ->parse();
throw new MWException( $msg );
}
--
To view, visit https://gerrit.wikimedia.org/r/98742
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I9e8a8daa92fe59d9bc206028fbbef9b4b06b7ff5
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/GWToolset
Gerrit-Branch: master
Gerrit-Owner: Dan-nl <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
