HomePhabricator
Diffusion MediaWiki 9004770f60f8

SECURITY: Escape > in Html::expandAttributes
9004770f60f8
Actions

Description

SECURITY: Escape > in Html::expandAttributes

Escape > characters in attributes, so we don't confuse post-processing,
like LanguageConverter.

Bug: T73394
Change-Id: I768e2a12c7b6ba635e6c8571676b8c776b16bf72

Details

Provenance
csteippAuthored on
Parents
rMWcf580155d82e: SECURITY: Don't execute another user's CSS or JS on preview
Branches
Unknown
Tags
Unknown
ChangeId
I768e2a12c7b6ba635e6c8571676b8c776b16bf72

Changes (2)

PathSize
includes/
tests/
parser/

rMW9004770f60f8

View Options

includes/Html.php

Loading...
View Options

tests/parser/parserTests.txt

Loading...
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL