"Tim Starling" posted a comment on MediaWiki.r110900.
URL: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/110900#c30576

Commit summary for MediaWiki.r110900:

Revert r110321: introduces an XSS vulnerability because FormatJson::encode() 
does not prevent the termination of CDATA sections when JavaScript is embedded 
in HTML.

Tim Starling's comment:

Actually there is a difference between \x3c and \u003c: \x3c is not allowed in 
JSON, although it is allowed in JavaScript. Neither json_decode() nor 
Services_JSON::decode() recognises \x3c. 

_______________________________________________
MediaWiki-CodeReview mailing list
mediawiki-coderev...@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
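The point of the revert and of the comment above, as an added JavaScript example (not MediaWiki's FormatJson code and not from this thread): `<` must be escaped as `\u003c` rather than `\x3c` because only the former is valid JSON, and escaping `<` and `>` keeps an embedded string such as `</script>` or `]]>` from terminating the surrounding script element or CDATA section. The function names `encodeForScript`, `isStrictJson`, `evaluatesAsJs` and `containsScriptTerminator` are assumptions made for this example.

```javascript
// Added example, not MediaWiki's own code. The function names are assumptions.

// Encode a value as JSON that is safe to embed inside an HTML <script> element
// or an XHTML CDATA section. JSON.stringify() escapes quotes, backslashes and
// control characters but leaves '<' and '>' alone, so '</script>' or ']]>'
// inside a string would terminate the element. \u003c / \u003e are valid in
// both JSON and JavaScript, unlike \x3c, which JSON parsers reject.
function encodeForScript(value) {
  return JSON.stringify(value)
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    // U+2028 / U+2029 are legal raw in JSON but are line terminators in
    // older JavaScript engines; escaping them keeps the literal parseable.
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// True if a strict JSON parser accepts the text (mirrors the json_decode()
// behaviour described in the comment: \x3c is not JSON).
function isStrictJson(text) {
  try {
    JSON.parse(text);
    return true;
  } catch (e) {
    return false;
  }
}

// Evaluate the text as a JavaScript expression and return its value, or
// undefined if it is not valid JavaScript. Shows that \x3c, while not JSON,
// is a legal JavaScript string escape.
function evaluatesAsJs(text) {
  try {
    return new Function('return (' + text + ');')();
  } catch (e) {
    return undefined;
  }
}

// Detect byte sequences that would end a <script> element, an HTML comment
// hiding block or a CDATA section once the JSON is inlined in markup.
function containsScriptTerminator(text) {
  return /<\/|<!--|\]\]>/i.test(text);
}

// Constructed sample payload: a value an attacker could control (e.g. a
// page title) that would break out of an inline script if left unescaped.
const sample = { title: '</script><script>alert(1)</script>', cdata: ']]>' };

const unsafe = JSON.stringify(sample);   // contains '</script>' and ']]>'
const safe = encodeForScript(sample);    // contains only \u003c / \u003e

console.log('unsafe has terminator:', containsScriptTerminator(unsafe)); // true
console.log('safe has terminator:  ', containsScriptTerminator(safe));   // false
console.log('\\u003c is JSON:', isStrictJson('"\\u003c"'));             // true
console.log('\\x3c is JSON:  ', isStrictJson('"\\x3c"'));               // false
console.log('\\x3c is JS:    ', evaluatesAsJs('"\\x3c"'));              // <
```

Both escapes decode to the same character in a JavaScript engine, so the choice between them only matters for interoperability: output containing `\x3c` cannot be read back by `json_decode()` or any other conforming JSON parser, while `\u003c` is accepted everywhere and still keeps the inline script intact.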
