Page MenuHomePhabricator
Create Task
Maniphest T112469

Fix unsanitized message in PageTriage
Closed, ResolvedPublic
Actions

Description

pagetriage-welcome was not escaped or sanitized, because it was using raw HTML deliberately for links. However, this meant it didn't go through the sanitizer, so admins could have added other less friendly HTML.

Details

ProjectBranchLines +/-Subject
mediawiki/extensions/PageTriagemaster+31 -30Fix unsanitized message
Customize query in gerrit

Related Objects
Search...

Event Timeline

Mattflaschen-WMF created this task.Sep 13 2015, 4:18 PM
Mattflaschen-WMF raised the priority of this task from to Medium.
Mattflaschen-WMF updated the task description. (Show Details)
Mattflaschen-WMF added projects: PageTriage, MediaWiki-Internationalization, I18n, Collaboration-Team-Archive-2015-2016.
Mattflaschen-WMF added subscribers: Matanya, Steinsplitter, Yaron_Koren and 8 others.
gerritbot added a comment.Sep 13 2015, 4:48 PM

Change 238000 had a related patch set uploaded (by Mattflaschen):
Fix unsanitized message

https://gerrit.wikimedia.org/r/238000

gerritbot added a project: Patch-For-Review.Sep 13 2015, 4:48 PM
Mattflaschen-WMF renamed this task from Fix unescaped message in PageTriage to Fix unsanitized message in PageTriage.Sep 13 2015, 4:48 PM
Mattflaschen-WMF claimed this task.
Mattflaschen-WMF mentioned this in T85864: Special pages, actions and views whose messages don't escape text.
Mattflaschen-WMF moved this task from Untriaged to Needs Review on the Collaboration-Team-Archive-2015-2016 board.
Mattflaschen-WMF updated the task description. (Show Details)
Mattflaschen-WMF set Security to None.
gerritbot added a comment.Sep 13 2015, 7:40 PM

Change 238000 merged by jenkins-bot:
Fix unsanitized message

https://gerrit.wikimedia.org/r/238000

Mattflaschen-WMF mentioned this in rMEXT62af7589eda6: Updated mediawiki/extensions Project: mediawiki/extensions/PageTriage….Sep 13 2015, 7:40 PM
Mattflaschen-WMF mentioned this in rEPTR62c9fe5c83ff: Fix unsanitized message.
ReleaseTaggerBot added a project: WMF-deploy-2015-09-15_(1.26wmf23).Sep 13 2015, 8:00 PM
SBisson moved this task from Needs Review to QA Review on the Collaboration-Team-Archive-2015-2016 board.Sep 14 2015, 2:45 PM
DannyH added a project: Maintenance-Worktype.Sep 14 2015, 10:48 PM
Nemo_bis closed this task as Resolved.Sep 17 2015, 6:42 AM
Nemo_bis removed a project: MediaWiki-Internationalization.
Etonkovidova added a subscriber: Etonkovidova.Sep 17 2015, 5:32 PM

Checked Special:NewPagesFeed in betalabs.

Etonkovidova moved this task from QA Review to Product Review on the Collaboration-Team-Archive-2015-2016 board.Sep 17 2015, 5:33 PM
Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL