F12283
bug58088.patch
Authored By: bzimport, Nov 22 2014, 2:25 AM (2014-11-22 02:25:04 UTC+0)
Size: 884 B
From 5b476b6795929c5a5668922327155c31c148d6ec Mon Sep 17 00:00:00 2001
From: csteipp <csteipp@wikimedia.org>
Date: Fri, 6 Dec 2013 13:34:30 -0800
Subject: [PATCH] SECURITY: Don't normalize U+FF3C to \
Bug: 58088
Change-Id: I10bf8dbce41bd617ddf16eb5fc20af1b1cb5f201
---
includes/Sanitizer.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php
index 3384af0..92040f9 100644
--- a/includes/Sanitizer.php
+++ b/includes/Sanitizer.php
@@ -867,7 +867,7 @@ class Sanitizer {
// Normalize Halfwidth and Fullwidth Unicode block that IE6 might treat as ascii
$value = preg_replace_callback(
- '/[!-z]/u', // U+FF01 to U+FF5A
+ '/[!-[]-z]/u', // U+FF01 to U+FF5A, excluding U+FF3C (bug 58088)
function ( $matches ) {
$cp = utf8ToCodepoint( $matches[0] );
if ( $cp === false ) {
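Review bot: On the changed pattern line, the exclusion of U+FF3C is only verifiable through the trailing comment, because the class is written with literal characters and, as shown here, reads as the ASCII class '/[!-[]-z]/u' while the comment says it covers U+FF01 to U+FF5A. Writing the two ranges with code point escapes, \x{FF01}-\x{FF3B}\x{FF3D}-\x{FF5A}, would make the gap at U+FF3C explicit and would survive any editor or tool that folds fullwidth forms to ASCII. The comment could also say in a few words why U+FF3C is skipped (it would be normalized to an ASCII backslash), rather than only pointing at the bug number. The diffstat lists only includes/Sanitizer.php, so a regression test that passes a fullwidth backslash through Sanitizer::checkCss should accompany this change.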
--
1.8.4
Attached To: T60088: [Regression] Sanitizer::checkCss blacklist can be bypassed using fullwidth backslash