Page MenuHomePhabricator
Files F10767948

T125163-REL1_27.patch
Reedy (Sam Reed)
Actions

Authored By
Reedy
Nov 13 2017, 5:56 PM
Size
1 KB
Referenced Files
None
Subscribers
None

T125163-REL1_27.patch
View Options

From beb15431e75332abac06324f5d118399ccf7c4a4 Mon Sep 17 00:00:00 2001
From: Max Semenik <maxsem.wiki@gmail.com>
Date: Thu, 29 Jun 2017 17:13:12 -0700
Subject: [PATCH] Make anchor for headlines escape > and <
As a hardening step against language converter and its crazy regexes.
Bug: T125163
Change-Id: Id304010a0342efbb7ef2d56c5b8b244f2e4fb2c5
---
includes/Linker.php | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/includes/Linker.php b/includes/Linker.php
index 5717fba991..70488c5a9b 100644
--- a/includes/Linker.php
+++ b/includes/Linker.php
@@ -1789,22 +1789,24 @@ class Linker {
* a space and ending with '>'
* This *must* be at least '>' for no attribs
* @param string $anchor The anchor to give the headline (the bit after the #)
- * @param string $html Html for the text of the header
+ * @param string $html HTML for the text of the header
* @param string $link HTML to add for the section edit link
- * @param bool|string $legacyAnchor A second, optional anchor to give for
+ * @param string|bool $fallbackAnchor A second, optional anchor to give for
* backward compatibility (false to omit)
*
* @return string HTML headline
*/
public static function makeHeadline( $level, $attribs, $anchor, $html,
- $link, $legacyAnchor = false
+ $link, $fallbackAnchor = false
) {
+ $anchorEscaped = htmlspecialchars( $anchor );
$ret = "<h$level$attribs"
- . "<span class=\"mw-headline\" id=\"$anchor\">$html</span>"
+ . "<span class=\"mw-headline\" id=\"$anchorEscaped\">$html</span>"
. $link
. "</h$level>";
- if ( $legacyAnchor !== false ) {
- $ret = "<div id=\"$legacyAnchor\"></div>$ret";
+ if ( $fallbackAnchor !== false && $fallbackAnchor !== $anchor ) {
+ $fallbackAnchor = htmlspecialchars( $fallbackAnchor );
+ $ret = "<div id=\"$fallbackAnchor\"></div>$ret";
}
return $ret;
}
--
2.14.1

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
5087872
Default Alt Text
T125163-REL1_27.patch (1 KB)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL