F65711293
0001-SECURITY-Sanitize-data-attributes.patch
Lucas_Werkmeister_WMDE (Lucas Werkmeister (WMDE))
Authored By
Lucas_Werkmeister_WMDE
Aug 4 2025, 3:14 PM
2025-08-04 15:14:49 (UTC+0)
Size
1 KB
Referenced Files
None
Subscribers
None
From 7ab02540008465472453d9bb1fd8df779ab94661 Mon Sep 17 00:00:00 2001
From: "C. Scott Ananian" <cscott@cscott.net>
Date: Mon, 4 Aug 2025 17:12:24 +0200
Subject: [PATCH] SECURITY: Sanitize data- attributes
Bug: T401099
Change-Id: SECURITY-I40725eb061c3ab293a9e7ddfaf4549710f444bdf
---
wikimedia/parsoid/src/Core/Sanitizer.php | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/wikimedia/parsoid/src/Core/Sanitizer.php b/wikimedia/parsoid/src/Core/Sanitizer.php
index 086ac1ea98..1b823d36c7 100644
--- a/wikimedia/parsoid/src/Core/Sanitizer.php
+++ b/wikimedia/parsoid/src/Core/Sanitizer.php
@@ -965,7 +965,10 @@ public static function sanitizeTagAttrs(
# * Disallow data attributes used by MediaWiki code
# * Ensure that the attribute is not namespaced by banning
# colons.
- if ( ( !preg_match( '/^data-[^:]*$/iD', $k ) && !isset( $list[$k] ) )
+ # * Ensure attribute name will be accepted by the HTML
+ # parser; see
+ # https://github.com/whatwg/dom/issues/849#issuecomment-1007541209
+ if ( ( !preg_match( '|^data-[^:= \t\r\n/>\0]*$|iD', $k ) && !isset( $list[$k] ) )
|| self::isReservedDataAttribute( $k )
) {
$newAttrs[$k] = [ null, $origV, $origK ];
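Review bot: The excluded character class in the new `preg_match` pattern, `[^:= \t\r\n/>\0]`, lists space, tab, CR and LF but not form feed (U+000C), which the HTML tokenizer also treats as whitespace that ends an attribute name. Consider adding `\f` to the class so that a `data-` key containing a form feed is rejected too, or extend the comment to say why such a key cannot reach this check. The diffstat shows only Sanitizer.php changing; a regression test that passes keys containing `=`, `/`, `>`, whitespace and NUL after the `data-` prefix through `sanitizeTagAttrs` would pin down the intended behaviour.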
--
2.50.1
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
21631617
Default Alt Text
0001-SECURITY-Sanitize-data-attributes.patch (1 KB)
Attached To
Mode
T401099: CVE-2025-61638: Sanitizer::validateAttributes data-XSS
Attached