Gerrit Patch Uploader has uploaded a new change for review.
https://gerrit.wikimedia.org/r/286385
Change subject: Do not double decode HTML entities for IDs
......................................................................
Do not double decode HTML entities for IDs
* in links (T103714)
* in indicators (T104196)
This change removes the automatic Sanitizer::decodeCharReferences from
Sanitizer::escapeId. Where decoding of HTML entities are wanted an explicite
call to Sanitizer::decodeCharReferences is added.
Also add 'noninitial' where the first character is always a letter.
Explicit decode HTML entities in non local autocomments. (T104311)
Bug: T103714
Bug: T104196
Bug: T104311
Change-Id: I88e8e2077e6f5eec2b232391f7818370894a62dc
---
M includes/Linker.php
M includes/Sanitizer.php
M includes/api/ApiMain.php
M includes/parser/Parser.php
M includes/skins/BaseTemplate.php
M includes/specials/SpecialListgrouprights.php
M includes/specials/SpecialVersion.php
M includes/specials/pagers/AllMessagesTablePager.php
8 files changed, 15 insertions(+), 9 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core
refs/changes/85/286385/1
diff --git a/includes/Linker.php b/includes/Linker.php
index 071f95e..7228f89 100644
--- a/includes/Linker.php
+++ b/includes/Linker.php
@@ -1357,7 +1357,7 @@
$sectionTitle =
Title::newFromText( '#' . $section );
} else {
$sectionTitle =
Title::makeTitleSafe( $title->getNamespace(),
-
$title->getDBkey(), $section );
+
$title->getDBkey(), Sanitizer::decodeCharReferences( $section ) );
}
if ( $sectionTitle ) {
$link =
Linker::makeCommentLink( $sectionTitle, $wgLang->getArrow(), $wikiId,
'noclasses' );
diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php
index d321e9f..a80b683 100644
--- a/includes/Sanitizer.php
+++ b/includes/Sanitizer.php
@@ -1132,8 +1132,6 @@
global $wgExperimentalHtmlIds;
$options = (array)$options;
- $id = Sanitizer::decodeCharReferences( $id );
-
if ( $wgExperimentalHtmlIds && !in_array( 'legacy', $options )
) {
$id = preg_replace( '/[ \t\n\r\f_\'"&#%]+/', '_', $id );
$id = trim( $id, '_' );
diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php
index 07642c4..a3c8ec0 100644
--- a/includes/api/ApiMain.php
+++ b/includes/api/ApiMain.php
@@ -1632,7 +1632,7 @@
$header = $this->msg( 'api-help-datatypes-header'
)->parse();
$help['datatypes'] .= Html::rawElement( 'h' . min( 6,
$level ),
[ 'id' => 'main/datatypes', 'class' =>
'apihelp-header' ],
- Html::element( 'span', [ 'id' =>
Sanitizer::escapeId( 'main/datatypes' ) ] ) .
+ Html::element( 'span', [ 'id' =>
Sanitizer::escapeId( 'main/datatypes', 'noninitial' ) ] ) .
$header
);
$help['datatypes'] .= $this->msg( 'api-help-datatypes'
)->parseAsBlock();
@@ -1651,7 +1651,7 @@
$header = $this->msg( 'api-credits-header' )->parse();
$help['credits'] .= Html::rawElement( 'h' . min( 6,
$level ),
[ 'id' => 'main/credits', 'class' =>
'apihelp-header' ],
- Html::element( 'span', [ 'id' =>
Sanitizer::escapeId( 'main/credits' ) ] ) .
+ Html::element( 'span', [ 'id' =>
Sanitizer::escapeId( 'main/credits', 'noninitial' ) ] ) .
$header
);
$help['credits'] .= $this->msg( 'api-credits'
)->useDatabase( false )->parseAsBlock();
diff --git a/includes/parser/Parser.php b/includes/parser/Parser.php
index a1d62e5..4ee519b 100644
--- a/includes/parser/Parser.php
+++ b/includes/parser/Parser.php
@@ -4596,6 +4596,9 @@
# Save headline for section edit hint before it's
escaped
$headlineHint = $safeHeadline;
+ # Decode HTML entities
+ $safeHeadline = Sanitizer::decodeCharReferences(
$safeHeadline );
+
if ( $wgExperimentalHtmlIds ) {
# For reverse compatibility, provide an id
that's
# HTML4-compatible, like we used to.
@@ -6149,6 +6152,7 @@
# Strip out wikitext links(they break the anchor)
$text = $this->stripSectionName( $text );
$text = Sanitizer::normalizeSectionNameWhitespace( $text );
+ $text = Sanitizer::decodeCharReferences( $text );
return '#' . Sanitizer::escapeId( $text, 'noninitial' );
}
@@ -6164,6 +6168,7 @@
# Strip out wikitext links(they break the anchor)
$text = $this->stripSectionName( $text );
$text = Sanitizer::normalizeSectionNameWhitespace( $text );
+ $text = Sanitizer::decodeCharReferences( $text );
return '#' . Sanitizer::escapeId( $text, [ 'noninitial',
'legacy' ] );
}
diff --git a/includes/skins/BaseTemplate.php b/includes/skins/BaseTemplate.php
index 3408db3..22774ee 100644
--- a/includes/skins/BaseTemplate.php
+++ b/includes/skins/BaseTemplate.php
@@ -626,7 +626,7 @@
$out .= Html::rawElement(
'div',
[
- 'id' => Sanitizer::escapeId(
"mw-indicator-$id" ),
+ 'id' => Sanitizer::escapeId(
"mw-indicator-$id", 'noninitial' ),
'class' => 'mw-indicator',
],
$content
diff --git a/includes/specials/SpecialListgrouprights.php
b/includes/specials/SpecialListgrouprights.php
index d64306b..f419fba 100644
--- a/includes/specials/SpecialListgrouprights.php
+++ b/includes/specials/SpecialListgrouprights.php
@@ -124,7 +124,7 @@
? $groupsRemoveFromSelf[$group]
: [];
- $id = $group == '*' ? false : Sanitizer::escapeId(
$group );
+ $id = $group == '*' ? false : Sanitizer::escapeId(
$group, 'noninitial' );
$out->addHTML( Html::rawElement( 'tr', [ 'id' => $id ],
"
<td>$grouppage$grouplink</td>
<td>" .
diff --git a/includes/specials/SpecialVersion.php
b/includes/specials/SpecialVersion.php
index ce5cbeb..99df824 100644
--- a/includes/specials/SpecialVersion.php
+++ b/includes/specials/SpecialVersion.php
@@ -830,7 +830,7 @@
// Finally! Create the table
$html = Html::openElement( 'tr', [
'class' => 'mw-version-ext',
- 'id' => Sanitizer::escapeId( 'mw-version-ext-'
. $extension['name'] )
+ 'id' => Sanitizer::escapeId( 'mw-version-ext-'
. $extension['name'], 'noninitial' )
]
);
diff --git a/includes/specials/pagers/AllMessagesTablePager.php
b/includes/specials/pagers/AllMessagesTablePager.php
index 2f2cbc2..4666b19 100644
--- a/includes/specials/pagers/AllMessagesTablePager.php
+++ b/includes/specials/pagers/AllMessagesTablePager.php
@@ -377,7 +377,10 @@
}
if ( !$isSecond ) {
- $arr['id'] = Sanitizer::escapeId( 'msg_' .
$this->getLanguage()->lcfirst( $row->am_title ) );
+ $arr['id'] = Sanitizer::escapeId(
+ 'msg_' . $this->getLanguage()->lcfirst(
$row->am_title ),
+ 'noninitial'
+ );
}
return $arr;
--
To view, visit https://gerrit.wikimedia.org/r/286385
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I88e8e2077e6f5eec2b232391f7818370894a62dc
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Gerrit Patch Uploader <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
