Page MenuHomePhabricator
Files F36934361

0001-SECURITY-Escape-user-agent-before-showing-in-Special.patch
Lucas_Werkmeister_WMDE (Lucas Werkmeister (WMDE))
Actions

Authored By
Lucas_Werkmeister_WMDE
Mar 30 2023, 2:58 PM
Size
1 KB
Referenced Files
None
Subscribers
None

0001-SECURITY-Escape-user-agent-before-showing-in-Special.patch
View Options

From 04665e9646a241d36603efbfbc049d8fb6b5eac6 Mon Sep 17 00:00:00 2001
From: Dreamy Jazz <dreamyjazzwikipedia@gmail.com>
Date: Thu, 30 Mar 2023 15:46:41 +0100
Subject: [PATCH] SECURITY: Escape user agent before showing in
SpecialCheckUser get edits mode
HTML escape the user agent before showing it in Special:CheckUser's
'get edits' mode.
Bug: T333569
Change-Id: I2afeeff67d6e16bf63f7f29d4c34805bfc62eac5
---
templates/GetEditsLine.mustache | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/GetEditsLine.mustache b/templates/GetEditsLine.mustache
index ebc6dc815f..7da2514b16 100644
--- a/templates/GetEditsLine.mustache
+++ b/templates/GetEditsLine.mustache
@@ -15,6 +15,6 @@
<div class="mw-checkuser-indented"><small>
<strong>IP</strong>: <span class="mw-checkuser-ip">{{{ipLink}}}</span>{{#xff}}&#160;&#160;
<strong>XFF</strong>: <span class="mw-checkuser-xff{{#xffTrusted}} mw-checkuser-xff-trusted{{/xffTrusted}}">{{{ . }}}</span>{{/xff}}
- &#160;&#160;<span class="mw-checkuser-agent">{{{userAgent}}}</span>
+ &#160;&#160;<span class="mw-checkuser-agent">{{userAgent}}</span>
</small></div>
</li>
--
2.37.2

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
10787909
Default Alt Text
0001-SECURITY-Escape-user-agent-before-showing-in-Special.patch (1 KB)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits