r112526 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r112525‎ \| r112526 \| r112527 >
Date:	21:52, 27 February 2012
Author:	brion
Status:	ok
Tags:
Comment:	Revert r110045: well-meaning but broken attempt to apply preemptive XSS protection on messages This caused bug 34708: broke usage examples in WikiEditor which include <a href> or <img> tags as-is, which is perfectly legit HTML.
Modified paths:	/trunk/phase3/includes/MessageBlobStore.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/MessageBlobStore.php
—	—	@@ -350,12 +350,7 @@
351	351	$messages = array();
352	352
353	353	foreach ( $module->getMessages() as $key ) {
354		~~- $messages[$key] =~~
355		~~- Sanitizer::normalizeCharReferences(~~
356		~~- Sanitizer::removeHTMLtags(~~
357		~~- wfMsgExt( $key, array( 'language' => $lang ) )~~
358		~~- )~~
359		~~- );~~
	354	+ $messages[$key] = wfMsgExt( $key, array( 'language' => $lang ) );
360	355	}
361	356
362	357	return FormatJson::encode( (object)$messages );

Follow-up revisions

Revision	Commit summary	Author	Date
r112536	MFT r112526	reedy	22:49, 27 February 2012
r112647	MFT r112384, r112400, r112408, r112451, r112456, r112474, r112526, r112533, r...	reedy	21:21, 28 February 2012

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r110045	sanitize outgoing messages	neilk	02:15, 26 January 2012

Status & tagging log

21:21, 28 February 2012 Reedy (talk | contribs) changed the tags for r112526 [removed: 1.19]
22:54, 27 February 2012 Reedy (talk | contribs) changed the tags for r112526 [removed: 1.19wmf1]
22:38, 27 February 2012 Reedy (talk | contribs) changed the status of r112526 [removed: new added: ok]
21:53, 27 February 2012 Brion VIBBER (talk | contribs) changed the tags for r112526 [added: 1.19,1.19wmf1]