[MediaWiki-CVS] SVN: [70164] trunk/phase3

Thu, 29 Jul 2010 11:48:03 -0700 

http://www.mediawiki.org/wiki/Special:Code/MediaWiki/70164

Revision: 70164
Author:   simetrical
Date:     2010-07-29 18:47:58 +0000 (Thu, 29 Jul 2010)

Log Message:
-----------
Whitelist <dfn> element

Bug 671.  Harmless, why not.  The remaining elements in this vein that
we might want to whitelist include

* <q>: Not yet, inconsistent quote mark handling in browsers
* <address>: Semantics in HTML5 appear to mean it must represent contact
  info for the author of the <body> (or <article> if present), which is
  almost certain to be useless in user-submitted wiki content; see
  http://www.w3.org/Bugs/Public/show_bug.cgi?id=10255
* <kbd>, <samp>: Will add if this is WONTFIXed:
  http://www.w3.org/Bugs/Public/show_bug.cgi?id=9919

Modified Paths:
--------------
    trunk/phase3/RELEASE-NOTES
    trunk/phase3/includes/Sanitizer.php

Modified: trunk/phase3/RELEASE-NOTES
===================================================================
--- trunk/phase3/RELEASE-NOTES  2010-07-29 18:44:59 UTC (rev 70163)
+++ trunk/phase3/RELEASE-NOTES  2010-07-29 18:47:58 UTC (rev 70164)
@@ -119,6 +119,7 @@
   because it encourages edits to be marked minor accidentally and it can be
   easily replicated by custom user scripts for those who really want it.
 * Non-file pages can no longer be moved to the file namespace, nor vice versa.
+* (bug 671) The <dfn> element has been whitelisted in user input.
 
 === Bug fixes in 1.17 ===
 * (bug 17560) Half-broken deletion moved image files to deletion archive

Modified: trunk/phase3/includes/Sanitizer.php
===================================================================
--- trunk/phase3/includes/Sanitizer.php 2010-07-29 18:44:59 UTC (rev 70163)
+++ trunk/phase3/includes/Sanitizer.php 2010-07-29 18:47:58 UTC (rev 70164)
@@ -367,7 +367,7 @@
                                'h2', 'h3', 'h4', 'h5', 'h6', 'cite', 'code', 
'em', 's',
                                'strike', 'strong', 'tt', 'var', 'div', 
'center',
                                'blockquote', 'ol', 'ul', 'dl', 'table', 
'caption', 'pre',
-                               'ruby', 'rt' , 'rb' , 'rp', 'p', 'span', 'u', 
'abbr'
+                               'ruby', 'rt' , 'rb' , 'rp', 'p', 'span', 'u', 
'abbr', 'dfn'
                        );
                        $htmlsingle = array(
                                'br', 'hr', 'li', 'dt', 'dd'
@@ -1442,7 +1442,7 @@
                        'em'         => $common,
                        'strong'     => $common,
                        'cite'       => $common,
-                       # dfn
+                       'dfn'        => $common,
                        'code'       => $common,
                        # samp
                        # kbd



_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs

Reply via email to