https://bugzilla.wikimedia.org/show_bug.cgi?id=22037
--- Comment #2 from Jack D. Pond <jack.p...@psitex.com> 2010-01-07 17:09:47 UTC --- Other factors for consideration: 1. During the development, realized that parameters passed to query, were not being forwarded in the "...further results" link. This can cause problems. Should this be addressed on a more generic basis, e.g., automatically forward ALL params for all format= types? 2. There were several XSS/Injection vectors in this code, that I think I closed. Should a more thorough review be done? 3. In the custom SMWResultPrinter (SMWTableResultPrinter) one of the initiating parameters is $outputmode, which in Special:Ask is set to SMW_OUTPUT_HTML. To allow wiki syntax templates, I overrode this requested format by setting $this->isHTML to false when a template is used, which seems to work fine and re-parses for wiki code. Note: Without one or both of the template parameters, the returned result is HTML and no re-parsing is set or done. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
