Diffusion extension-TwoColConflict 44a45653a183

Fix unescaped HTML injected into conflict resolution interface
44a45653a183Unpublished
Actions

Authored by thiemowmde on Nov 28 2018, 1:01 PM.

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

Fix unescaped HTML injected into conflict resolution interface

This was introduced via I6011fb1.

The contents of these two "reset" elements will be used when the
user clicks the reset (undo) button. The "diff" text is supposed to be
(well formed) HTML because it can contain yellow or blue diff coloring.
The user provided wikitext is already escaped in this situation.

But the $editorText contains unescaped wikitext.

When the wikitext contains valid HTML elements, these get lost in the
process, because jQuerys .text() method does not return the HTML source
for these.

When the wikitext contains unballanced HTML, it messes with the
TwocolConflict interface.

Bug: T195721
Bug: T210603
Change-Id: Ia8aa75fe5ea7af9fe6dd878a59fdf2af90926cf9

Details

Committed

thiemowmde

Nov 28 2018, 2:15 PM

Parents

rESCC06b3968d7b18: Localisation updates from https://translatewiki.net.

Branches

Unknown

Tags

Unknown

References

refs/changes/63/476263/2

ChangeId

Ia8aa75fe5ea7af9fe6dd878a59fdf2af90926cf9

Event Timeline

thiemowmde committed rESCC44a45653a183: Fix unescaped HTML injected into conflict resolution interface (authored by thiemowmde).Nov 28 2018, 2:15 PM

Changes (5)

				Path
	M			includes/SplitTwoColConflict/HtmlSplitConflictView.php
	M			tests/selenium/pageobjects/betapreferences.page.js
	M			tests/selenium/pageobjects/editconflict.page.js
	M			tests/selenium/specs/editmerge.js
	M			tests/selenium/specs/savepreviewdiff.js