jenkins-bot has submitted this change and it was merged.
Change subject: Prevent double escape of content to be edited
......................................................................
Prevent double escape of content to be edited
Due to recent changes a variety of content was being double
escaped, this is a temporary fix until the new frontend comes
in.
Bug: 65143
Change-Id: Ifcf8a838776fc2148a0671c57fb03beea356f84d
---
M modules/base/action.js
M modules/discussion/post.js
M modules/discussion/topic.js
3 files changed, 13 insertions(+), 4 deletions(-)
Approvals:
Spage: Looks good to me, approved
jenkins-bot: Verified
diff --git a/modules/base/action.js b/modules/base/action.js
index 2dce890..99596f6 100644
--- a/modules/base/action.js
+++ b/modules/base/action.js
@@ -17,7 +17,9 @@
data = data || {};
return {
- content: data.content || '',
+ // content is always pre-escaped, but we need to undo
that
+ // for editing to work correctly.
+ content: $( '<textarea>' ).html( data.content || ''
).val(),
format: data.format || 'wikitext'
};
};
diff --git a/modules/discussion/post.js b/modules/discussion/post.js
index 380b045..3840982 100644
--- a/modules/discussion/post.js
+++ b/modules/discussion/post.js
@@ -192,7 +192,9 @@
*/
mw.flow.action.post.edit.prototype.render = function ( output ) {
var $content = $( output.rendered );
- $( '.flow-post', $content )
+ $( '<div>' )
+ .html( output.rendered )
+ .find( '.flow-post' )
.replaceAll( this.$container )
// replacing container node with new content will
result in binds on old
// nodes being useless and we'll need to bind again to
the new DOM
diff --git a/modules/discussion/topic.js b/modules/discussion/topic.js
index 83c352f..b2fe980 100644
--- a/modules/discussion/topic.js
+++ b/modules/discussion/topic.js
@@ -653,7 +653,9 @@
*/
mw.flow.action.topic.edit.prototype.render = function ( output ) {
this.destroyEditForm();
- $( '.flow-realtitle', this.$container ).text( output.rendered );
+ // content, like output.rendered, is pre-sanitized for direct
html output
+ // regardless of format.
+ $( '.flow-realtitle', this.$container ).html( output.rendered );
};
/**
@@ -746,7 +748,10 @@
$( '<input />', {
'class': 'mw-ui-input
flow-edit-content',
'type': 'text',
- 'value': data.content
+ // the returned content is
pre-sanitized for html display.
+ // jQuery also attempts to escape this
data so we decode
+ // it before passing in.
+ 'value': $( '<textarea>' ).html(
data.content ).val()
} ).byteLimit( mw.config.get(
'wgFlowMaxTopicLength' ) )
)
.append(
--
To view, visit https://gerrit.wikimedia.org/r/133031
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ifcf8a838776fc2148a0671c57fb03beea356f84d
Gerrit-PatchSet: 4
Gerrit-Project: mediawiki/extensions/Flow
Gerrit-Branch: master
Gerrit-Owner: EBernhardson <[email protected]>
Gerrit-Reviewer: Bsitu <[email protected]>
Gerrit-Reviewer: Jdlrobson <[email protected]>
Gerrit-Reviewer: Matthias Mullie <[email protected]>
Gerrit-Reviewer: Spage <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
