Page MenuHomePhabricator

Fix unsanitized message in PageTriage
Closed, ResolvedPublic


pagetriage-welcome was not escaped or sanitized, because it was using raw HTML deliberately for links. However, this meant it didn't go through the sanitizer, so admins could have added other less friendly HTML.

Event Timeline

Change 238000 had a related patch set uploaded (by Mattflaschen):
Fix unsanitized message

Mattflaschen-WMF renamed this task from Fix unescaped message in PageTriage to Fix unsanitized message in PageTriage.Sep 13 2015, 4:48 PM
Mattflaschen-WMF claimed this task.
Mattflaschen-WMF updated the task description. (Show Details)
Mattflaschen-WMF set Security to None.

Change 238000 merged by jenkins-bot:
Fix unsanitized message

Checked Special:NewPagesFeed in betalabs.