Page MenuHomePhabricator

Double escaping in RelatedSites onSidebarBeforeOutput
Closed, ResolvedPublic

Description

Relevant code:

				Html::rawElement( 'li', [ 'class' => htmlspecialchars( $url['class'] ) ],
					Html::rawElement( 'a', [ 'href' => htmlspecialchars( $url['href'] ) ],
						$url['text']
					)
				);

Attributes are automatically escaped, so they don't need to be explicitly escaped.

<checkstyle version="6.5">
  <file name="./RelatedSites.class.php">
    <error line="143" severity="warning" message="Calling method \Html::rawElement() in \RelatedSites::onSidebarBeforeOutput that outputs using tainted argument $[arg #2]." source="SecurityCheck-DoubleEscaped"/>
    <error line="144" severity="warning" message="Calling method \Html::rawElement() in \RelatedSites::onSidebarBeforeOutput that outputs using tainted argument $[arg #2]." source="SecurityCheck-DoubleEscaped"/>
    <error line="145" severity="warning" message="Calling method \Html::rawElement() in \RelatedSites::onSidebarBeforeOutput that outputs using tainted argument $[arg #2]." source="SecurityCheck-DoubleEscaped"/>
  </file>
</checkstyle>

Event Timeline

Legoktm triaged this task as Low priority.Aug 2 2018, 9:36 PM
Legoktm created this task.
Restricted Application added a project: Community-Tech. · View Herald TranscriptAug 2 2018, 9:36 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript

Change 451862 had a related patch set uploaded (by Krinkle; owner: Umherirrender):
[mediawiki/extensions/RelatedSites@master] Remove htmlspecialchars from html attributes

https://gerrit.wikimedia.org/r/451862

Legoktm closed this task as Resolved.Aug 11 2018, 12:51 AM
Legoktm assigned this task to Umherirrender.

Change 451862 merged by jenkins-bot:
[mediawiki/extensions/RelatedSites@master] Remove htmlspecialchars from html attributes

https://gerrit.wikimedia.org/r/451862