http://www.mediawiki.org/wiki/Special:Code/MediaWiki/84724

Revision: 84724
Author:   kaldari
Date:     2011-03-25 01:52:22 +0000 (Fri, 25 Mar 2011)
Log Message:
-----------
category name sanitization

Modified Paths:
--------------
    trunk/extensions/UploadWizard/resources/jquery/jquery.mwCoolCats.js

Modified: trunk/extensions/UploadWizard/resources/jquery/jquery.mwCoolCats.js
===================================================================
--- trunk/extensions/UploadWizard/resources/jquery/jquery.mwCoolCats.js 
2011-03-25 01:33:12 UTC (rev 84723)
+++ trunk/extensions/UploadWizard/resources/jquery/jquery.mwCoolCats.js 
2011-03-25 01:52:22 UTC (rev 84724)
@@ -80,6 +80,8 @@
        }
 
        function _insertCat( cat, isHidden ) {
+               // strip out bad characters
+               cat = cat.replace( 
/[\x00-\x1f\x3c\x3e\x5b\x5d\x7b\x7c\x7d\x7f]+/g, '' );
                if ( mw.isEmpty( cat ) || _containsCat( cat ) ) { 
                        return; 
                }
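Review bot: The character class stripped in `_insertCat` is repeated as a second, identical regex literal in `_fetchSuggestions` (the hunk at -120), so the two filters can drift apart. One shared helper used in both places would keep them in step, for example `function _stripIllegals( s ) { return s.replace( /[\x00-\x1f\x3c\x3e\x5b\x5d\x7b\x7c\x7d\x7f]+/g, '' ); }`. The class looks like it is meant to mirror the characters MediaWiki rejects in titles; if so, `#` (`\x23`) is not covered, which is worth confirming. Removing `<` and `>` here is title clean-up, not output escaping: the rest of `_insertCat` lies outside the hunk, and if it builds markup from `cat` it still has to escape the value. The server must also validate the category names it receives, because a client-side filter can be bypassed.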
@@ -120,13 +122,15 @@
 
        function _fetchSuggestions( query ) {
                var _this = this;
+               // ignore bad characters, they will be stripped out
+               var catName = $j( this ).val().replace( 
/[\x00-\x1f\x3c\x3e\x5b\x5d\x7b\x7c\x7d\x7f]+/g, '' );
                var request = $j.ajax( {
                        url: wgScriptPath + '/api.php',
                        data: {
                                'action': 'query',
                                'list': 'allpages',
                                'apnamespace': wgNamespaceIds['category'],
-                               'apprefix': $j( this ).val(),
+                               'apprefix': catName,
                                'format': 'json'
                        },
                        dataType: 'json',
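Review bot: When the field holds only characters that get stripped, `catName` is an empty string and the `$j.ajax` call still goes out with an empty `apprefix`. That would presumably return the start of the whole category namespace instead of suggestions for what the user typed. A guard before the request, `if ( mw.isEmpty( catName ) ) { return; }`, would match the check `_insertCat` already makes after stripping. The function continues past the end of the hunk, so confirm that nothing later relies on `request` being set before adding the early return.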

