"Wikinaut" posted a comment on MediaWiki.r111313. URL: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/111313#c30851
Commit summary for MediaWiki.r111313: follow-up r111286 . changed attribute names pad-id to id, pad-url to src. Using Sanitizer to sanitize width, height, id, src attributes when composing the iframe. The other boolean attributes are sanitized manually Wikinaut's comment: In r111313 I fixed (I think) all of the issues mentioned in r111263 . Let me explain here again: 1. I changed the attribute names from pad-id => id and pad-url => src. This allows to treat (id, src, height, width) as standard attributes and to use $sanitizedAttributes = Sanitizer::validateAttributes( $args, array ( "width", "height", "id", "src" ) ); for this, and then to use $santizedAttributes['src'] for example. 2. The boolean parameters are manually checked. Please have a look to r111313 . Documentation https://www.mediawiki.org/wiki/Extension:EtherpadLite has been updated as well. _______________________________________________ MediaWiki-CodeReview mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
