
T110143-scribunto-REL1_23b.patch

Authored By
csteipp
Apr 27 2016, 6:49 PM
Size
5 KB
Referenced Files
None
Subscribers
None

T110143-scribunto-REL1_23b.patch

From ec4d38b3f90211a9224d2ce58170ae2822b8e773 Mon Sep 17 00:00:00 2001
From: Brad Jorsch <bjorsch@wikimedia.org>
Date: Mon, 14 Mar 2016 11:48:20 -0400
Subject: [PATCH] SECURITY: Don't escape strip markers when escaping attributes
in mw.html
Core strip markers were changed in T110143 to include characters that
are normally encoded in attributes, however we want to pass them through
here so they can be unstripped correctly in the output wikitext.
This fix makes "Strip markers in CSS" parser test pass again.
Change-Id: I1353931a53c668d8a453dfa2300a99f59fdb01c5
---
engines/LuaCommon/HtmlLibrary.php | 8 ++++++-
engines/LuaCommon/lualib/mw.html.lua | 34 +++++++++++++++++++++-------
tests/engines/LuaCommon/HtmlLibraryTest.php | 14 ++++++++++++
tests/engines/LuaCommon/HtmlLibraryTests.lua | 12 ++++++++++
4 files changed, 59 insertions(+), 9 deletions(-)
diff --git a/engines/LuaCommon/HtmlLibrary.php b/engines/LuaCommon/HtmlLibrary.php
index 50fe15e..e5b4aa9 100644
--- a/engines/LuaCommon/HtmlLibrary.php
+++ b/engines/LuaCommon/HtmlLibrary.php
@@ -2,6 +2,12 @@
class Scribunto_LuaHtmlLibrary extends Scribunto_LuaLibraryBase {
function register() {
- $this->getEngine()->registerInterface( 'mw.html.lua', array() );
+ $this->getEngine()->registerInterface( 'mw.html.lua', array(), array(
+ // Prior to 1.26, the Parser sets its prefix as,
+ // $this->mUniqPrefix = "\x7f'\"`UNIQ" . self::getRandomString()
+ // random part should be hex chars, so we only need the first part here
+ 'uniqPrefix' => "\x7f'\"`UNIQ",
+ 'uniqSuffix' => Parser::MARKER_SUFFIX,
+ ) );
}
}
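Review bot: The marker prefix literal on the `'uniqPrefix'` line is a hand copy of a Parser internal, and the same literal is typed again in the setUp() hunk of tests/engines/LuaCommon/HtmlLibraryTest.php, so the two can drift from core or from each other without any test noticing. If the prefix stops matching, htmlEncode presumably just encodes markers again, which fails closed but breaks unstripping. I would keep the literal in a single class constant on Scribunto_LuaHtmlLibrary and reference it from register() and from the test, and extend the comment with `// Must stay in sync with Parser::$mUniqPrefix; a mismatch makes mw.html encode strip markers again`.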
diff --git a/engines/LuaCommon/lualib/mw.html.lua b/engines/LuaCommon/lualib/mw.html.lua
index 68e2f17..211e186 100644
--- a/engines/LuaCommon/lualib/mw.html.lua
+++ b/engines/LuaCommon/lualib/mw.html.lua
@@ -14,6 +14,7 @@
]]
local HtmlBuilder = {}
+local options
local metatable = {}
local methodtable = {}
@@ -82,7 +83,11 @@ end
--
-- @param s
local function htmlEncode( s )
- return string.gsub( s, '[<>&"]', htmlencodeMap )
+ local tmp = string.gsub( s, '[<>&"]', htmlencodeMap );
+ -- Don't encode strip markers here (T110143)
+ tmp = string.gsub( tmp, options.encodedUniqPrefixPat, options.uniqPrefixRepl )
+ tmp = string.gsub( tmp, options.encodedUniqSuffixPat, options.uniqSuffixRepl )
+ return tmp
end
local function cssEncode( s )
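Review bot: The two `string.gsub` calls in htmlEncode restore the prefix and the suffix independently, so an attribute value that carries only the fixed prefix or suffix bytes, without being a real strip marker, also gets its `"` back unencoded. Whether that is harmless depends on how the later wikitext pass treats the output, which is not visible here, so it would be safer to restore only complete markers. One option is a single paired replacement, `tmp = string.gsub( tmp, options.encodedUniqPrefixPat .. '([%w%-]-)' .. options.encodedUniqSuffixPat, options.uniqPrefixRepl .. '%1' .. options.uniqSuffixRepl )`, where the body class `[%w%-]` is my assumption and needs checking against the actual marker format. Separately, `options` is nil until setupInterface has run, so an early call to htmlEncode would fail on the index. A comment on `local options` saying so would help.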
@@ -365,12 +370,25 @@ function HtmlBuilder.create( tagName, args )
return builder
end
-mw_interface = nil
-
--- Register this library in the "mw" global
-mw = mw or {}
-mw.html = HtmlBuilder
-
-package.loaded['mw.html'] = HtmlBuilder
+function HtmlBuilder.setupInterface( opts )
+ -- Boilerplate
+ HtmlBuilder.setupInterface = nil
+ mw_interface = nil
+ options = opts
+
+ -- Prepare patterns for unencoding strip markers
+ options.encodedUniqPrefixPat = string.gsub( options.uniqPrefix, '[<>&"]', htmlencodeMap );
+ options.encodedUniqPrefixPat = string.gsub( options.encodedUniqPrefixPat, '%p', '%%%0' );
+ options.uniqPrefixRepl = string.gsub( options.uniqPrefix, '%%', '%%%0' );
+ options.encodedUniqSuffixPat = string.gsub( options.uniqSuffix, '[<>&"]', htmlencodeMap );
+ options.encodedUniqSuffixPat = string.gsub( options.encodedUniqSuffixPat, '%p', '%%%0' );
+ options.uniqSuffixRepl = string.gsub( options.uniqSuffix, '%%', '%%%0' );
+
+ -- Register this library in the "mw" global
+ mw = mw or {}
+ mw.html = HtmlBuilder
+
+ package.loaded['mw.html'] = HtmlBuilder
+end
return HtmlBuilder
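Review bot: HtmlBuilder.setupInterface has no doc comment and passes `options.uniqPrefix` and `options.uniqSuffix` straight to string.gsub, so an engine that registers the interface without these keys gets a bare argument error rather than a message naming the missing option. I would add `-- @param opts table with string fields uniqPrefix and uniqSuffix, the fixed parts of the parser's strip markers` above the function and start the body with `assert( type( opts.uniqPrefix ) == 'string' and type( opts.uniqSuffix ) == 'string', 'mw.html: strip marker options missing' )`. The derived pattern fields are written back into the caller's table because `options = opts` aliases it. That looks intended but should be stated in the comment. The first two lines of this hunk belong to HtmlBuilder.create, which starts outside the hunk.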
diff --git a/tests/engines/LuaCommon/HtmlLibraryTest.php b/tests/engines/LuaCommon/HtmlLibraryTest.php
index bb027e4..775387e 100644
--- a/tests/engines/LuaCommon/HtmlLibraryTest.php
+++ b/tests/engines/LuaCommon/HtmlLibraryTest.php
@@ -3,6 +3,20 @@
class Scribunto_LuaHtmlLibraryTests extends Scribunto_LuaEngineTestBase {
protected static $moduleName = 'HtmlLibraryTests';
+ protected function setUp() {
+ parent::setUp();
+
+ // For strip marker test
+ $markers = array(
+ 'nowiki' => "\x7f'\"`UNIQ" . '-test-nowiki-' . Parser::MARKER_SUFFIX,
+ );
+ $interpreter = $this->getEngine()->getInterpreter();
+ $interpreter->callFunction(
+ $interpreter->loadString( 'mw.html.stripMarkers = ...', 'fortest' ),
+ $markers
+ );
+ }
+
function getTestModules() {
return parent::getTestModules() + array(
'HtmlLibraryTests' => __DIR__ . '/HtmlLibraryTests.lua',
diff --git a/tests/engines/LuaCommon/HtmlLibraryTests.lua b/tests/engines/LuaCommon/HtmlLibraryTests.lua
index b6deb74..3da1481 100644
--- a/tests/engines/LuaCommon/HtmlLibraryTests.lua
+++ b/tests/engines/LuaCommon/HtmlLibraryTests.lua
@@ -93,6 +93,15 @@ local function testComplex()
return builder
end
+local function testStripMarker()
+ local expect = '<div foo="' .. mw.html.stripMarkers.nowiki .. '"></div>'
+ local actual = tostring( getEmptyTestDiv():attr( 'foo', mw.html.stripMarkers.nowiki ) )
+ if actual ~= expect then
+ error( actual .. ' ~= ' .. expect )
+ end
+ return 'ok'
+end
+
-- Tests
local tests = {
-- Simple (inline) tests
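Review bot: testStripMarker only checks that a marker used as the entire attribute value passes through unchanged; nothing asserts that `"`, `<`, `>` and `&` placed next to a marker are still encoded. Since this commit relaxes escaping in htmlEncode, a regression test for the part that must stay escaped matters as much as the pass-through case. I would add a second test whose value is the marker followed by a constructed sample such as `"<x>&` and expect the marker followed by `&quot;&lt;x&gt;&amp;`, plus a case containing only the fixed prefix bytes without a suffix to pin down what is intended there.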
@@ -289,6 +298,9 @@ local tests = {
'<hr /><div abc="def" style="width:-1px;"></div></div>'
}
},
+ { name = 'mw.html strip marker test', func = testStripMarker, type='ToString',
+ expect = { 'ok' }
+ },
}
return testframework.getTestProvider( tests )
--
2.6.6

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3682721
Default Alt Text
T110143-scribunto-REL1_23b.patch (5 KB)
