r111639 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r111638‎ \| r111639 \| r111640 >
Date:	13:57, 16 February 2012
Author:	gwicke
Status:	deferred
Tags:
Comment:	Reject match for invalid urlencoded code points.
Modified paths:	/trunk/extensions/VisualEditor/modules/parser/ext.core.ParserFunctions.js (modified) (history) /trunk/extensions/VisualEditor/modules/parser/pegTokenizer.pegjs.txt (modified) (history)

Diff [purge]

Index: trunk/extensions/VisualEditor/modules/parser/ext.core.ParserFunctions.js
—	—	@@ -142,6 +142,7 @@
143	143	};
144	144
145	145	// Simulates PHP's date function
	146	+// XXX: don't patch Date.prototype?
146	147	Date.prototype.format = function(format) {
147	148	var returnStr = '';
148	149	var replace = Date.replaceChars;
Index: trunk/extensions/VisualEditor/modules/parser/pegTokenizer.pegjs.txt
—	—	@@ -788,7 +788,13 @@
789	789
790	790
791	791	urlencoded_char = "%" c0:[0-9a-fA-F] c1:[0-9a-fA-F] {
792		~~- return decodeURI("%" + c0 + c1)~~
	792	+ try {
	793	+ return decodeURI("%" + c0 + c1)
	794	+ } catch ( e ) {
	795	+ // Reject the match, and allow other fall-back productions to have a
	796	+ // go at it.
	797	+ return null;
	798	+ }
793	799	}
794	800
795	801	//[^][<>"\\x00-\\x20\\x7F\p{Zs}]

14:06, 16 February 2012 GWicke (talk | contribs) changed the status of r111639 [removed: new added: deferred]