[MediaWiki-commits] [Gerrit] SECURITY: Escape in Html::expandAttributes - change (mediawiki/core)
jenkins-bot has submitted this change and it was merged. Change subject: SECURITY: Escape in Html::expandAttributes .. SECURITY: Escape in Html::expandAttributes Escape characters in attributes, so we don't confuse post-processing, like LanguageConverter. Bug: T73394 Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 --- M includes/Html.php M tests/parser/parserTests.txt 2 files changed, 7 insertions(+), 4 deletions(-) Approvals: CSteipp: Looks good to me, approved jenkins-bot: Verified diff --git a/includes/Html.php b/includes/Html.php index 4b69885..effc488 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -600,17 +600,20 @@ } else { // Apparently we need to entity-encode \n, \r, \t, although the // spec doesn't mention that. Since we're doing strtr() anyway, - // and we don't need escaped here, we may as well not call - // htmlspecialchars(). + // we may as well not call htmlspecialchars(). // @todo FIXME: Verify that we actually need to // escape \n\r\t here, and explain why, exactly. # // We could call Sanitizer::encodeAttribute() for this, but we // don't because we're stubborn and like our marginal savings on // byte size from not having to encode unnecessary quotes. + // The only difference between this transform and the one by + // Sanitizer::encodeAttribute() is '' is only encoded here if + // $wgWellFormedXml is set, and ' is not encoded. $map = array( '' = 'amp;', '' = 'quot;', + '' = 'gt;', \n = '#10;', \r = '#13;', \t = '#9;' diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt index 2b7f4cd..f660678 100644 --- a/tests/parser/parserTests.txt +++ b/tests/parser/parserTests.txt 
@@ -13901,7 +13901,7 @@ /ul /div -h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text textedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text gt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 psection 1 /p h2span class=mw-headline id=text_.3C_texttext lt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: text lt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 
@@ -19608,7 +19608,7 @@ /div h2span class=mw-headline id=Hellosup class=in-h2Hello/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: Helloedit/aspan class=mw-editsection-bracket]/span/span/h2 -h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;gt;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 !! end -- To view, visit https://gerrit.wikimedia.org/r/201222 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: CSteipp cste...@wikimedia.org Gerrit-Reviewer: CSteipp cste...@wikimedia.org Gerrit-Reviewer: Cscott canan...@wikimedia.org Gerrit-Reviewer: Daniel Friesen dan...@nadir-seen-fire.com Gerrit-Reviewer: Jackmcbarn jackmcb...@gmail.com Gerrit-Reviewer: jenkins-bot ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
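Review bot: In the includes/Html.php hunk, `<` is still encoded only when $wgWellFormedXml is set, while `>` is now encoded unconditionally: the new map entry `'' = 'gt;'` reads `'>' => '&gt;'` once the characters the list archive stripped are restored, and the added comment (same restoration) reads `'<' is only encoded here if $wgWellFormedXml is set, and ' is not encoded`. A post-processor that finds tag boundaries by `<` rather than `>` therefore still meets a raw one inside attribute values on non-XML output; either add `'<' => '&lt;'` to $map next to the new `>` entry regardless of the flag, or extend the new comment to say why escaping `>` alone is enough for the LanguageConverter case the commit message cites. While this comment block is being touched, the lone `#` line sitting among `//` comments just above `We could call Sanitizer::encodeAttribute()` should be normalised to `//`.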
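Review bot: The two parserTests.txt hunks change only the `title` attribute of the edit-section link (`Edit section: text &gt; text` and `Edit section: b&quot;&gt;Evilbye`), so they cover `>` under whatever $wgWellFormedXml value the parser-test harness configures and say nothing about `<`, whose handling the new Html.php comment makes flag-dependent; add a PHPUnit case for Html::expandAttributes that passes a value containing both `<` and `>` and asserts the output with the flag on and off, so the asymmetry is pinned by a direct test rather than inferred from section headings. The `-` line of the second hunk (`bquot;Evilbye`, i.e. `b&quot;Evilbye` with the raw `>` dropped by the archive) is the attribute-breakout case the fix is for, and the headline span and id (`text_.3E_text`, `b.22.3EEvilbye`) are unchanged in both hunks, which confirms the change is confined to attribute expansion and does not alter anchor generation.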
[MediaWiki-commits] [Gerrit] SECURITY: Escape in Html::expandAttributes - change (mediawiki/core)
CSteipp has uploaded a new change for review. https://gerrit.wikimedia.org/r/201222 Change subject: SECURITY: Escape in Html::expandAttributes .. SECURITY: Escape in Html::expandAttributes Escape characters in attributes, so we don't confuse post-processing, like LanguageConverter. Bug: T73394 Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 --- M includes/Html.php M tests/parser/parserTests.txt 2 files changed, 7 insertions(+), 4 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/22/201222/1 diff --git a/includes/Html.php b/includes/Html.php index 4b69885..effc488 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -600,17 +600,20 @@ } else { // Apparently we need to entity-encode \n, \r, \t, although the // spec doesn't mention that. Since we're doing strtr() anyway, - // and we don't need escaped here, we may as well not call - // htmlspecialchars(). + // we may as well not call htmlspecialchars(). // @todo FIXME: Verify that we actually need to // escape \n\r\t here, and explain why, exactly. # // We could call Sanitizer::encodeAttribute() for this, but we // don't because we're stubborn and like our marginal savings on // byte size from not having to encode unnecessary quotes. + // The only difference between this transform and the one by + // Sanitizer::encodeAttribute() is '' is only encoded here if + // $wgWellFormedXml is set, and ' is not encoded. $map = array( '' = 'amp;', '' = 'quot;', + '' = 'gt;', \n = '#10;', \r = '#13;', \t = '#9;' diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt index 2b7f4cd..f660678 100644 --- a/tests/parser/parserTests.txt +++ b/tests/parser/parserTests.txt 
@@ -13901,7 +13901,7 @@ /ul /div -h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text textedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text gt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 psection 1 /p h2span class=mw-headline id=text_.3C_texttext lt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: text lt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 
@@ -19608,7 +19608,7 @@ /div h2span class=mw-headline id=Hellosup class=in-h2Hello/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: Helloedit/aspan class=mw-editsection-bracket]/span/span/h2 -h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;gt;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 !! end -- To view, visit https://gerrit.wikimedia.org/r/201222 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: CSteipp cste...@wikimedia.org ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] SECURITY: Escape in Html::expandAttributes - change (mediawiki/core)
CSteipp has uploaded a new change for review. https://gerrit.wikimedia.org/r/201027 Change subject: SECURITY: Escape in Html::expandAttributes .. SECURITY: Escape in Html::expandAttributes Escape characters in attributes, so we don't confuse post-processing, like LanguageConverter. Bug: T73394 Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 --- M includes/Html.php M tests/parser/parserTests.txt 2 files changed, 7 insertions(+), 4 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/27/201027/1 diff --git a/includes/Html.php b/includes/Html.php index b1d4f00..ca0c76e 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -531,17 +531,20 @@ } else { // Apparently we need to entity-encode \n, \r, \t, although the // spec doesn't mention that. Since we're doing strtr() anyway, - // and we don't need escaped here, we may as well not call - // htmlspecialchars(). + // we may as well not call htmlspecialchars(). // @todo FIXME: Verify that we actually need to // escape \n\r\t here, and explain why, exactly. # // We could call Sanitizer::encodeAttribute() for this, but we // don't because we're stubborn and like our marginal savings on // byte size from not having to encode unnecessary quotes. + // The only difference between this transform and the one by + // Sanitizer::encodeAttribute() is '' is only encoded here if + // $wgWellFormedXml is set, and ' is not encoded. $map = array( '' = 'amp;', '' = 'quot;', + '' = 'gt;', \n = '#10;', \r = '#13;', \t = '#9;' diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt index e8e71b8..c3e972e 100644 --- a/tests/parser/parserTests.txt +++ b/tests/parser/parserTests.txt 
@@ -11642,7 +11642,7 @@ /ul /div -h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text textedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text gt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 psection 1 /p h2span class=mw-headline id=text_.3C_texttext lt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: text lt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 
@@ -16905,7 +16905,7 @@ /div h2span class=mw-headline id=Hellosup class=in-h2Hello/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: Helloedit/aspan class=mw-editsection-bracket]/span/span/h2 -h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;gt;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 !! end -- To view, visit https://gerrit.wikimedia.org/r/201027 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: REL1_23 Gerrit-Owner: CSteipp cste...@wikimedia.org ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] SECURITY: Escape in Html::expandAttributes - change (mediawiki/core)
CSteipp has uploaded a new change for review. https://gerrit.wikimedia.org/r/201037 Change subject: SECURITY: Escape in Html::expandAttributes .. SECURITY: Escape in Html::expandAttributes Escape characters in attributes, so we don't confuse post-processing, like LanguageConverter. Bug: T73394 Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 --- M includes/Html.php M tests/parser/parserTests.txt 2 files changed, 7 insertions(+), 4 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/37/201037/1 diff --git a/includes/Html.php b/includes/Html.php index 2187b5b..7fa901f 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -525,17 +525,20 @@ } else { # Apparently we need to entity-encode \n, \r, \t, although the # spec doesn't mention that. Since we're doing strtr() anyway, - # and we don't need escaped here, we may as well not call - # htmlspecialchars(). + # we may as well not call htmlspecialchars(). # @todo FIXME: Verify that we actually need to # escape \n\r\t here, and explain why, exactly. # # We could call Sanitizer::encodeAttribute() for this, but we # don't because we're stubborn and like our marginal savings on # byte size from not having to encode unnecessary quotes. + # The only difference between this transform and the one by + # Sanitizer::encodeAttribute() is '' is only encoded here if + # $wgWellFormedXml is set, and ' is not encoded. $map = array( '' = 'amp;', '' = 'quot;', + '' = 'gt;', \n = '#10;', \r = '#13;', \t = '#9;' diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt index c833ef0..22fe118 100644 --- a/tests/parser/parserTests.txt +++ b/tests/parser/parserTests.txt 
@@ -4506,7 +4506,7 @@ li class=toclevel-1 tocsection-5a href=#text_.22_textspan class=tocnumber5/span span class=toctexttext text/span/a/li /ul /td/tr/table -h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text textedit/a]/span span class=mw-headline id=text_.3E_text text gt; text /span/h2 +h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text gt; textedit/a]/span span class=mw-headline id=text_.3E_text text gt; text /span/h2 psection 1 /p h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: text lt; textedit/a]/span span class=mw-headline id=text_.3C_text text lt; text /span/h2 @@ -9165,7 +9165,7 @@ /ul /td/tr/table h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: Helloedit/a]/span span class=mw-headline id=Hello sup class=in-h2Hello/sup /span/h2 -h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;Evilbyeedit/a]/span span class=mw-headline id=b.22.3EEvilbye sup bgt;Evilbye/sup /span/h2 +h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;gt;Evilbyeedit/a]/span span class=mw-headline id=b.22.3EEvilbye sup bgt;Evilbye/sup /span/h2 !! end -- To view, visit https://gerrit.wikimedia.org/r/201037 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: REL1_19 Gerrit-Owner: CSteipp cste...@wikimedia.org ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] SECURITY: Escape in Html::expandAttributes - change (mediawiki/core)
CSteipp has uploaded a new change for review. https://gerrit.wikimedia.org/r/201016 Change subject: SECURITY: Escape in Html::expandAttributes .. SECURITY: Escape in Html::expandAttributes Escape characters in attributes, so we don't confuse post-processing, like LanguageConverter. Bug: T73394 Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 --- M includes/Html.php M tests/parser/parserTests.txt 2 files changed, 7 insertions(+), 4 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/16/201016/1 diff --git a/includes/Html.php b/includes/Html.php index 1e16e39..2e14814 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -546,17 +546,20 @@ } else { // Apparently we need to entity-encode \n, \r, \t, although the // spec doesn't mention that. Since we're doing strtr() anyway, - // and we don't need escaped here, we may as well not call - // htmlspecialchars(). + // we may as well not call htmlspecialchars(). // @todo FIXME: Verify that we actually need to // escape \n\r\t here, and explain why, exactly. # // We could call Sanitizer::encodeAttribute() for this, but we // don't because we're stubborn and like our marginal savings on // byte size from not having to encode unnecessary quotes. + // The only difference between this transform and the one by + // Sanitizer::encodeAttribute() is '' is only encoded here if + // $wgWellFormedXml is set, and ' is not encoded. $map = array( '' = 'amp;', '' = 'quot;', + '' = 'gt;', \n = '#10;', \r = '#13;', \t = '#9;' diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt index c90c4f6..f915922 100644 --- a/tests/parser/parserTests.txt +++ b/tests/parser/parserTests.txt 
@@ -12944,7 +12944,7 @@ /ul /div -h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text textedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text gt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 psection 1 /p h2span class=mw-headline id=text_.3C_texttext lt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: text lt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 
@@ -18472,7 +18472,7 @@ /div h2span class=mw-headline id=Hellosup class=in-h2Hello/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: Helloedit/aspan class=mw-editsection-bracket]/span/span/h2 -h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;gt;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 !! end -- To view, visit https://gerrit.wikimedia.org/r/201016 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: REL1_24 Gerrit-Owner: CSteipp cste...@wikimedia.org ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] SECURITY: Escape in Html::expandAttributes - change (mediawiki/core)
jenkins-bot has submitted this change and it was merged. Change subject: SECURITY: Escape in Html::expandAttributes .. SECURITY: Escape in Html::expandAttributes Escape characters in attributes, so we don't confuse post-processing, like LanguageConverter. Bug: T73394 Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 --- M includes/Html.php M tests/parser/parserTests.txt 2 files changed, 7 insertions(+), 4 deletions(-) Approvals: CSteipp: Looks good to me, approved jenkins-bot: Verified diff --git a/includes/Html.php b/includes/Html.php index 2187b5b..7fa901f 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -525,17 +525,20 @@ } else { # Apparently we need to entity-encode \n, \r, \t, although the # spec doesn't mention that. Since we're doing strtr() anyway, - # and we don't need escaped here, we may as well not call - # htmlspecialchars(). + # we may as well not call htmlspecialchars(). # @todo FIXME: Verify that we actually need to # escape \n\r\t here, and explain why, exactly. # # We could call Sanitizer::encodeAttribute() for this, but we # don't because we're stubborn and like our marginal savings on # byte size from not having to encode unnecessary quotes. + # The only difference between this transform and the one by + # Sanitizer::encodeAttribute() is '' is only encoded here if + # $wgWellFormedXml is set, and ' is not encoded. $map = array( '' = 'amp;', '' = 'quot;', + '' = 'gt;', \n = '#10;', \r = '#13;', \t = '#9;' diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt index c833ef0..22fe118 100644 --- a/tests/parser/parserTests.txt +++ b/tests/parser/parserTests.txt 
@@ -4506,7 +4506,7 @@ li class=toclevel-1 tocsection-5a href=#text_.22_textspan class=tocnumber5/span span class=toctexttext text/span/a/li /ul /td/tr/table -h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text textedit/a]/span span class=mw-headline id=text_.3E_text text gt; text /span/h2 +h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text gt; textedit/a]/span span class=mw-headline id=text_.3E_text text gt; text /span/h2 psection 1 /p h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: text lt; textedit/a]/span span class=mw-headline id=text_.3C_text text lt; text /span/h2 
@@ -9165,7 +9165,7 @@ /ul /td/tr/table h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: Helloedit/a]/span span class=mw-headline id=Hello sup class=in-h2Hello/sup /span/h2 -h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;Evilbyeedit/a]/span span class=mw-headline id=b.22.3EEvilbye sup bgt;Evilbye/sup /span/h2 +h2span class=editsection[a href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;gt;Evilbyeedit/a]/span span class=mw-headline id=b.22.3EEvilbye sup bgt;Evilbye/sup /span/h2 !! end -- To view, visit https://gerrit.wikimedia.org/r/201037 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: REL1_19 Gerrit-Owner: CSteipp cste...@wikimedia.org Gerrit-Reviewer: CSteipp cste...@wikimedia.org Gerrit-Reviewer: Cscott canan...@wikimedia.org Gerrit-Reviewer: Daniel Friesen dan...@nadir-seen-fire.com Gerrit-Reviewer: Jackmcbarn jackmcb...@gmail.com Gerrit-Reviewer: jenkins-bot ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] SECURITY: Escape in Html::expandAttributes - change (mediawiki/core)
jenkins-bot has submitted this change and it was merged. Change subject: SECURITY: Escape in Html::expandAttributes .. SECURITY: Escape in Html::expandAttributes Escape characters in attributes, so we don't confuse post-processing, like LanguageConverter. Bug: T73394 Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 --- M includes/Html.php M tests/parser/parserTests.txt 2 files changed, 7 insertions(+), 4 deletions(-) Approvals: CSteipp: Looks good to me, approved jenkins-bot: Verified diff --git a/includes/Html.php b/includes/Html.php index 1e16e39..2e14814 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -546,17 +546,20 @@ } else { // Apparently we need to entity-encode \n, \r, \t, although the // spec doesn't mention that. Since we're doing strtr() anyway, - // and we don't need escaped here, we may as well not call - // htmlspecialchars(). + // we may as well not call htmlspecialchars(). // @todo FIXME: Verify that we actually need to // escape \n\r\t here, and explain why, exactly. # // We could call Sanitizer::encodeAttribute() for this, but we // don't because we're stubborn and like our marginal savings on // byte size from not having to encode unnecessary quotes. + // The only difference between this transform and the one by + // Sanitizer::encodeAttribute() is '' is only encoded here if + // $wgWellFormedXml is set, and ' is not encoded. $map = array( '' = 'amp;', '' = 'quot;', + '' = 'gt;', \n = '#10;', \r = '#13;', \t = '#9;' diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt index c90c4f6..f915922 100644 --- a/tests/parser/parserTests.txt +++ b/tests/parser/parserTests.txt 
@@ -12944,7 +12944,7 @@ /ul /div -h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text textedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text gt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 psection 1 /p h2span class=mw-headline id=text_.3C_texttext lt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: text lt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 
@@ -18472,7 +18472,7 @@ /div h2span class=mw-headline id=Hellosup class=in-h2Hello/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: Helloedit/aspan class=mw-editsection-bracket]/span/span/h2 -h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;gt;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 !! end -- To view, visit https://gerrit.wikimedia.org/r/201016 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: REL1_24 Gerrit-Owner: CSteipp cste...@wikimedia.org Gerrit-Reviewer: CSteipp cste...@wikimedia.org Gerrit-Reviewer: jenkins-bot ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] SECURITY: Escape in Html::expandAttributes - change (mediawiki/core)
jenkins-bot has submitted this change and it was merged. Change subject: SECURITY: Escape in Html::expandAttributes .. SECURITY: Escape in Html::expandAttributes Escape characters in attributes, so we don't confuse post-processing, like LanguageConverter. Bug: T73394 Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 --- M includes/Html.php M tests/parser/parserTests.txt 2 files changed, 7 insertions(+), 4 deletions(-) Approvals: CSteipp: Looks good to me, approved jenkins-bot: Verified diff --git a/includes/Html.php b/includes/Html.php index b1d4f00..ca0c76e 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -531,17 +531,20 @@ } else { // Apparently we need to entity-encode \n, \r, \t, although the // spec doesn't mention that. Since we're doing strtr() anyway, - // and we don't need escaped here, we may as well not call - // htmlspecialchars(). + // we may as well not call htmlspecialchars(). // @todo FIXME: Verify that we actually need to // escape \n\r\t here, and explain why, exactly. # // We could call Sanitizer::encodeAttribute() for this, but we // don't because we're stubborn and like our marginal savings on // byte size from not having to encode unnecessary quotes. + // The only difference between this transform and the one by + // Sanitizer::encodeAttribute() is '' is only encoded here if + // $wgWellFormedXml is set, and ' is not encoded. $map = array( '' = 'amp;', '' = 'quot;', + '' = 'gt;', \n = '#10;', \r = '#13;', \t = '#9;' diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt index e8e71b8..c3e972e 100644 --- a/tests/parser/parserTests.txt +++ b/tests/parser/parserTests.txt 
@@ -11642,7 +11642,7 @@ /ul /div -h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text textedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=text_.3E_texttext gt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: text gt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 psection 1 /p h2span class=mw-headline id=text_.3C_texttext lt; text/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: text lt; textedit/aspan class=mw-editsection-bracket]/span/span/h2 
@@ -16905,7 +16905,7 @@ /div h2span class=mw-headline id=Hellosup class=in-h2Hello/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=1 title=Edit section: Helloedit/aspan class=mw-editsection-bracket]/span/span/h2 -h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 +h2span class=mw-headline id=b.22.3EEvilbyesup bgt;Evilbye/sup/spanspan class=mw-editsectionspan class=mw-editsection-bracket[/spana href=/index.php?title=Parser_testamp;action=editamp;section=2 title=Edit section: bquot;gt;Evilbyeedit/aspan class=mw-editsection-bracket]/span/span/h2 !! end -- To view, visit https://gerrit.wikimedia.org/r/201027 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: REL1_23 Gerrit-Owner: CSteipp cste...@wikimedia.org Gerrit-Reviewer: CSteipp cste...@wikimedia.org Gerrit-Reviewer: Cscott canan...@wikimedia.org Gerrit-Reviewer: Daniel Friesen dan...@nadir-seen-fire.com Gerrit-Reviewer: Jackmcbarn jackmcb...@gmail.com Gerrit-Reviewer: jenkins-bot ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits