[Wikidata-bugs] [Maniphest] [Commented On] T99358: Security review of Wikibase-Quality-External-Validation branch v1
gerritbot added a comment. Change 221104 merged by jenkins-bot: https://phabricator.wikimedia.org/T99358 guard setting the result to a list of constant strings in ReferenceResult similar to the ComparisonResult https://gerrit.wikimedia.org/r/221104 TASK DETAIL https://phabricator.wikimedia.org/T99358 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: csteipp, gerritbot Cc: gerritbot, soeren.oldag, JanZerebecki, Jonaskeutel, Tamslo, csteipp, Andreasburmeister, Liuxinyu970226, Aklapper, Wikibase-Quality-External-Validation, Wikidata-bugs, aude, Krenair, Malyacko, P.Copp ___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T99358: Security review of Wikibase-Quality-External-Validation branch v1
gerritbot added a comment. Change 221107 merged by jenkins-bot: https://phabricator.wikimedia.org/T99358 guard setting the result to a list of constant strings in ReferenceResult similar to the ComparisonResult https://gerrit.wikimedia.org/r/221107 TASK DETAIL https://phabricator.wikimedia.org/T99358 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: csteipp, gerritbot Cc: gerritbot, soeren.oldag, JanZerebecki, Jonaskeutel, Tamslo, csteipp, Andreasburmeister, Liuxinyu970226, Aklapper, Wikibase-Quality-External-Validation, Wikidata-bugs, aude, Krenair, Malyacko, P.Copp ___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T99358: Security review of Wikibase-Quality-External-Validation branch v1
csteipp added a comment. In https://phabricator.wikimedia.org/T99358#1404599, @gerritbot wrote: https://gerrit.wikimedia.org/r/221107 That looks right. Thanks. TASK DETAIL https://phabricator.wikimedia.org/T99358 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: csteipp Cc: gerritbot, soeren.oldag, JanZerebecki, Jonaskeutel, Tamslo, csteipp, Andreasburmeister, Liuxinyu970226, Aklapper, Wikibase-Quality-External-Validation, Wikidata-bugs, aude, Krenair, Malyacko, P.Copp ___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T99358: Security review of Wikibase-Quality-External-Validation branch v1
gerritbot added a subscriber: gerritbot. gerritbot added a comment. Change 221104 had a related patch set uploaded (by Dominic.sauer): https://phabricator.wikimedia.org/T99358 guard setting the result to a list of constant strings in ReferenceResult similar to the ComparisonResult https://gerrit.wikimedia.org/r/221104 TASK DETAIL https://phabricator.wikimedia.org/T99358 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: csteipp, gerritbot Cc: gerritbot, soeren.oldag, JanZerebecki, Jonaskeutel, Tamslo, csteipp, Andreasburmeister, Liuxinyu970226, Aklapper, Wikibase-Quality-External-Validation, Wikidata-bugs, aude, Krenair, Malyacko, P.Copp ___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T99358: Security review of Wikibase-Quality-External-Validation branch v1
gerritbot added a comment. Change 221107 had a related patch set uploaded (by Dominic.sauer): https://phabricator.wikimedia.org/T99358 guard setting the result to a list of constant strings in ReferenceResult similar to the ComparisonResult https://gerrit.wikimedia.org/r/221107 TASK DETAIL https://phabricator.wikimedia.org/T99358 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: csteipp, gerritbot Cc: gerritbot, soeren.oldag, JanZerebecki, Jonaskeutel, Tamslo, csteipp, Andreasburmeister, Liuxinyu970226, Aklapper, Wikibase-Quality-External-Validation, Wikidata-bugs, aude, Krenair, Malyacko, P.Copp ___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T99358: Security review of Wikibase-Quality-External-Validation branch v1
csteipp added a comment. In ComparisonResult you guard setting the result to a list of constant strings, but in ReferenceResult that only happens on object creation. ReferenceResult should do the same as ComparisonResult. TASK DETAIL https://phabricator.wikimedia.org/T99358 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: csteipp Cc: soeren.oldag, JanZerebecki, Jonaskeutel, Tamslo, csteipp, Andreasburmeister, Liuxinyu970226, Aklapper, Wikibase-Quality-External-Validation, Wikidata-bugs, aude, Krenair, Malyacko, P.Copp ___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T99358: Security review of Wikibase-Quality-External-Validation branch v1
csteipp added a comment. In https://phabricator.wikimedia.org/T99358#1402101, @csteipp wrote: SpecialCrossCheck::buildResultTable $referenceStatus = $this-msg( wbqev-crosscheck-status- . $result-getReferenceResult()-getStatus() )-text(); Either user escaped() or don't use rawhtml in the table cell. That already got fixed. Sorry about that. TASK DETAIL https://phabricator.wikimedia.org/T99358 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: csteipp Cc: soeren.oldag, JanZerebecki, Jonaskeutel, Tamslo, csteipp, Andreasburmeister, Liuxinyu970226, Aklapper, Wikibase-Quality-External-Validation, Wikidata-bugs, aude, Krenair, Malyacko, P.Copp ___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T99358: Security review of Wikibase-Quality-External-Validation branch v1
csteipp added a comment. TASK DETAIL https://phabricator.wikimedia.org/T99358 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: csteipp Cc: soeren.oldag, JanZerebecki, Jonaskeutel, Tamslo, csteipp, Andreasburmeister, Liuxinyu970226, Aklapper, Wikibase-Quality-External-Validation, Wikidata-bugs, aude, Krenair, Malyacko, P.Copp ___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T99358: Security review of Wikibase-Quality-External-Validation branch v1
csteipp added a comment. SpecialCrossCheck::buildResultTable $referenceStatus = $this-msg( wbqev-crosscheck-status- . $result-getReferenceResult()-getStatus() )-text(); Either user escaped() or don't use rawhtml in the table cell. TASK DETAIL https://phabricator.wikimedia.org/T99358 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: csteipp Cc: soeren.oldag, JanZerebecki, Jonaskeutel, Tamslo, csteipp, Andreasburmeister, Liuxinyu970226, Aklapper, Wikibase-Quality-External-Validation, Wikidata-bugs, aude, Krenair, Malyacko, P.Copp ___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
