Page MenuHomePhabricator
Create Task
Maniphest T103633

Ex:WikibaseQualityExternalValidation - SpecialExternalDbs escape or don't use raw cells
Closed, ResolvedPublic
Actions

Description

Lines 170-175, you have raw html for all of the HtmlTableCellBuilders, when it's clearly not needed.

Except for $sourceUrl (since Linker::makeExternalLink is safe for the way you're using it), for each line, the escaping needs to be clear.

Related Objects
Search...

Event Timeline

csteipp created this task.Jun 24 2015, 12:48 AM
csteipp claimed this task.
csteipp raised the priority of this task from to Needs Triage.
csteipp updated the task description. (Show Details)
csteipp added projects: Wikibase-Quality, Security-Team, Wikidata, deprecated-security-team-reviews, Wikibase-Quality-External-Validation.
csteipp added subscribers: JanZerebecki, Jonaskeutel, Tamslo and 5 others.
gerritbot subscribed.Jun 24 2015, 9:33 AM

Change 220431 had a related patch set uploaded (by Soeren.oldag):
Corrected escaping in SpecialExternalDbs (T103633).

https://gerrit.wikimedia.org/r/220431

gerritbot added a project: Patch-For-Review.Jun 24 2015, 9:33 AM

Change 220430 had a related patch set uploaded (by Soeren.oldag):
Corrected escaping in SpecialExternalDbs (T103633).

https://gerrit.wikimedia.org/r/220430

soeren.oldag subscribed.EditedJun 24 2015, 9:36 AM

Html is also needed for $license, since the corresponding item is linked using the EntityIdHtmlLinkFormatter.

gerritbot added a comment.Jun 24 2015, 9:55 AM

Change 220430 merged by Dominic.sauer:
Corrected escaping in SpecialExternalDbs (T103633).

https://gerrit.wikimedia.org/r/220430

soeren.oldag closed this task as Resolved.Jun 24 2015, 9:56 AM
soeren.oldag set Security to None.
gerritbot added a comment.Jun 24 2015, 10:07 AM

Change 220431 merged by Soeren.oldag:
Corrected escaping in SpecialExternalDbs (T103633).

https://gerrit.wikimedia.org/r/220431

Liuxinyu970226 unsubscribed.Jun 24 2015, 11:03 AM
sbassett moved this task from Incoming to Done on the deprecated-security-team-reviews board.Apr 24 2019, 6:36 PM
sbassett moved this task from Incoming to Our Part Is Done on the Security-Team board.Jun 11 2019, 7:19 PM
chasemp removed a project: deprecated-security-team-reviews.Jan 8 2020, 4:13 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL