"Tim Starling" changed the status of MediaWiki.r110871 to "fixme" and commented it. URL: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/110871#c30686
Old Status: ok > New Status: fixme Commit summary for MediaWiki.r110871: simplify FileCacheBase::fetchText Implements a proposal by Tim on r98405 CR Tim Starling's comment: Calling gzopen() on a plain text file seems rather scary to me, since with the resource loader, the user-supplied input can start from the first character, and there's no obvious reason why a malicious user couldn't supply a string starting with the GZIP magic signature. _______________________________________________ MediaWiki-CodeReview mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
