[MediaWiki-commits] [Gerrit] mediawiki...SecurityCheckPlugin[master]: Html escaping functions shouldn't clear non-html taint

[jenkins-bot (Code Review)]

jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/397587 )

Change subject: Html escaping functions shouldn't clear non-html taint
..


Html escaping functions shouldn't clear non-html taint

Change-Id: I88df9274a1b3554d3113374d42131fdf5117c180
---
M MediaWikiSecurityCheckPlugin.php
1 file changed, 6 insertions(+), 6 deletions(-)

Approvals:
  Brian Wolff: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/MediaWikiSecurityCheckPlugin.php b/MediaWikiSecurityCheckPlugin.php
index 37a682c..f9c8198 100644
--- a/MediaWikiSecurityCheckPlugin.php
+++ b/MediaWikiSecurityCheckPlugin.php
@@ -373,25 +373,25 @@
'overall' => self::YES_TAINT
],
'\Html::rawElement' => [
-   self::HTML_TAINT,
+   self::YES_TAINT,
self::NO_TAINT,
-   self::HTML_TAINT,
+   self::YES_TAINT,
'overall' => self::NO_TAINT
],
'\Html::element' => [
-   self::HTML_TAINT,
+   self::YES_TAINT,
self::NO_TAINT,
self::NO_TAINT,
'overall' => self::NO_TAINT
],
'\Xml::tags' => [
-   self::HTML_TAINT,
+   self::YES_TAINT,
self::NO_TAINT,
-   self::HTML_TAINT,
+   self::YES_TAINT,
'overall' => self::NO_TAINT
],
'\Xml::element' => [
-   self::HTML_TAINT,
+   self::YES_TAINT,
self::NO_TAINT,
self::NO_TAINT,
'overall' => self::NO_TAINT

-- 
To view, visit https://gerrit.wikimedia.org/r/397587
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I88df9274a1b3554d3113374d42131fdf5117c180
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/tools/phan/SecurityCheckPlugin
Gerrit-Branch: master
Gerrit-Owner: Brian Wolff 
Gerrit-Reviewer: Brian Wolff 
Gerrit-Reviewer: jenkins-bot <>

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] mediawiki...SecurityCheckPlugin[master]: Html escaping functions shouldn't clear non-html taint

[Brian Wolff (Code Review)]

Brian Wolff has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/397587 )

Change subject: Html escaping functions shouldn't clear non-html taint
..

Html escaping functions shouldn't clear non-html taint

Change-Id: I88df9274a1b3554d3113374d42131fdf5117c180
---
M MediaWikiSecurityCheckPlugin.php
1 file changed, 6 insertions(+), 6 deletions(-)


  git pull 
ssh://gerrit.wikimedia.org:29418/mediawiki/tools/phan/SecurityCheckPlugin 
refs/changes/87/397587/1

diff --git a/MediaWikiSecurityCheckPlugin.php b/MediaWikiSecurityCheckPlugin.php
index 37a682c..f9c8198 100644
--- a/MediaWikiSecurityCheckPlugin.php
+++ b/MediaWikiSecurityCheckPlugin.php
@@ -373,25 +373,25 @@
'overall' => self::YES_TAINT
],
'\Html::rawElement' => [
-   self::HTML_TAINT,
+   self::YES_TAINT,
self::NO_TAINT,
-   self::HTML_TAINT,
+   self::YES_TAINT,
'overall' => self::NO_TAINT
],
'\Html::element' => [
-   self::HTML_TAINT,
+   self::YES_TAINT,
self::NO_TAINT,
self::NO_TAINT,
'overall' => self::NO_TAINT
],
'\Xml::tags' => [
-   self::HTML_TAINT,
+   self::YES_TAINT,
self::NO_TAINT,
-   self::HTML_TAINT,
+   self::YES_TAINT,
'overall' => self::NO_TAINT
],
'\Xml::element' => [
-   self::HTML_TAINT,
+   self::YES_TAINT,
self::NO_TAINT,
self::NO_TAINT,
'overall' => self::NO_TAINT

-- 
To view, visit https://gerrit.wikimedia.org/r/397587
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I88df9274a1b3554d3113374d42131fdf5117c180
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/tools/phan/SecurityCheckPlugin
Gerrit-Branch: master
Gerrit-Owner: Brian Wolff 

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits