Page MenuHomePhabricator

Fix unsanitized message in PageTriage
Closed, ResolvedPublic

Description

pagetriage-welcome was not escaped or sanitized, because it was using raw HTML deliberately for links. However, this meant it didn't go through the sanitizer, so admins could have added other less friendly HTML.

Event Timeline

Change 238000 had a related patch set uploaded (by Mattflaschen):
Fix unsanitized message

https://gerrit.wikimedia.org/r/238000

Mattflaschen-WMF claimed this task.
Mattflaschen-WMF renamed this task from Fix unescaped message in PageTriage to Fix unsanitized message in PageTriage.
Mattflaschen-WMF updated the task description. (Show Details)
Mattflaschen-WMF set Security to None.

Change 238000 merged by jenkins-bot:
Fix unsanitized message

https://gerrit.wikimedia.org/r/238000

Nemo_bis closed this task as Resolved.Sep 17 2015, 6:42 AM

Checked Special:NewPagesFeed in betalabs.