https://bugzilla.wikimedia.org/show_bug.cgi?id=31719
Derk-Jan Hartman <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #4 from Derk-Jan Hartman <[email protected]> 2011-12-03 12:32:10 UTC --- Actually, to fix this, you set XMLReader::setParserProperty(XMLReader::SUBST_ENTITIES, true) Problem is however that this opens you up to entity expansion xmlbombs. I'm not sure if XmlReader sets safe limits to prevent this, an where or how those limits are set. Alternatively, i think we could just whitelist this case. Patch attached. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
