https://www.mediawiki.org/wiki/Special:Code/MediaWiki/108320
Revision: 108320
Author: ashley
Date: 2012-01-07 15:09:34 +0000 (Sat, 07 Jan 2012)
Log Message:
-----------
Comments: follow-up to r108295: XSS fix
Modified Paths:
--------------
trunk/extensions/Comments/SpecialCommentIgnoreList.php
Modified: trunk/extensions/Comments/SpecialCommentIgnoreList.php
===================================================================
--- trunk/extensions/Comments/SpecialCommentIgnoreList.php 2012-01-07 15:09:26 UTC (rev 108319)
+++ trunk/extensions/Comments/SpecialCommentIgnoreList.php 2012-01-07 15:09:34 UTC (rev 108320)
@@ -42,6 +42,7 @@
 $out .= $this->displayCommentBlockList();
 } else {
 if( $wgRequest->wasPosted() ) {
+ $user_name = htmlspecialchars_decode( $user_name );
 $user_id = User::idFromName( $user_name );
 // Anons can be comment-blocked, but idFromName returns nothing
 // for an anon, so...
@@ -112,9 +113,9 @@
 wfMsg( 'comment-ignore-remove-message', $user_name ) .
 '</div>
 <div>
- <form action="" method="post" name="comment_block">
- <input type="hidden" name="user" value="' . $user_name . '" />
- <input type="button" class="site-button" value="' . wfMsg( 'comment-ignore-unblock' ) . '" onclick="document.comment_block.submit()" />
+ <form action="" method="post" name="comment_block">' .
+ Html::hidden( 'user', htmlspecialchars( $user_name, ENT_QUOTES ) ) .
+ '<input type="button" class="site-button" value="' . wfMsg( 'comment-ignore-unblock' ) . '" onclick="document.comment_block.submit()" />
 <input type="button" class="site-button" value="' . wfMsg( 'comment-ignore-cancel' ) . '" onclick="history.go(-1)" />
 </form>
 </div>';
_______________________________________________
MediaWiki-CVS mailing list
MediaWiki-CVS@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
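Review bot: The decode added in the first hunk exists only to undo a double encoding the second hunk introduces: Html::hidden() already escapes its attribute value, so wrapping $user_name in htmlspecialchars() sends the browser an entity-encoded name that then has to be decoded again on POST. The decode also uses htmlspecialchars_decode()'s default flags, which do not reverse the `&#039;` that ENT_QUOTES emits for an apostrophe, so a name such as O'Brien (constructed example) would reach User::idFromName() still encoded and miss the lookup. Writing the field as `Html::hidden( 'user', $user_name )` and dropping the decode line keeps escaping in one place and removes the asymmetry. The enclosing method starts before the first hunk and continues past the second, so where $user_name is assigned from the request is not visible here.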
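Review bot: The hidden field is now escaped, but the context line `wfMsg( 'comment-ignore-remove-message', $user_name ) .` at the top of the second hunk concatenates the same value into the page output, and wfMsg() does not HTML-escape the parameters it substitutes. If $user_name is request-derived, which the first hunk's decode of the posted value suggests, that line stays a sink for the same injection this commit addresses. Passing `htmlspecialchars( $user_name, ENT_QUOTES )` as the message parameter on that line would close it; the enclosing method begins before this hunk.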