r107074 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r107073‎ \| r107074 \| r107075 >
Date:	16:14, 22 December 2011
Author:	hashar
Status:	reverted (Comments)
Tags:
Comment:	make sure the line ID is an integer before injecting it Might prevents a CSS attack of some sort. I am not an expert on this topic. That follow up Tim CR on r95690.
Modified paths:	/trunk/extensions/CodeReview/modules/ext.codereview.linecomment.js (modified) (history)

Diff [purge]

Index: trunk/extensions/CodeReview/modules/ext.codereview.linecomment.js
—	—	@@ -17,7 +17,10 @@
18	18	* @param lineCode jQuery object
19	19	*/
20	20	lcShowForm: function( lineCode ) {
21		~~- var htmlId = 'comment-for-' + lineCode.attr('id');~~
	21	+ // Make sure the line id is an integer:
	22	+ var lineNumber = parseInt( lineCode.attr('id') ) + 0;
	23	+ // Forge the line comment HTML id:
	24	+ var htmlId = 'comment-for-' + lineNumber;
22	25
23	26	lineCode.unbind( 'click' );
24	27	lineCode.click( function () {

Follow-up revisions

Revision	Commit summary	Author	Date
r108350	Reverting inline commenting from CodeReview...	johnduhart	06:55, 8 January 2012

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r95680	(bug 30617) inline comments forms cannot be closed...	hashar	17:31, 29 August 2011

Comments

#Comment by Hashar (talk | contribs) 16:23, 22 December 2011

It follow up r95680 (eighty, not ninety).

Status & tagging log

08:37, 18 January 2012 Siebrand (talk | contribs) changed the tags for r107074 [removed: codereview]
06:57, 8 January 2012 Johnduhart (talk | contribs) changed the status of r107074 [removed: new added: reverted]
03:11, 23 December 2011 RobLa-WMF (talk | contribs) changed the tags for r107074 [added: codereview]