r14921 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r14920‎ \| r14921 \| r14922 >
Date:	04:37, 23 June 2006
Author:	tstarling
Status:	old
Tags:
Comment:	Backported redirect validation fixes from HEAD
Modified paths:	/branches/REL1_6/phase3/includes/OutputPage.php (modified) (history) /branches/REL1_6/phase3/includes/SpecialContributions.php (modified) (history)

Diff [purge]

Index: branches/REL1_6/phase3/includes/SpecialContributions.php
—	—	@@ -186,6 +186,7 @@
187	187
188	188	$nsurl = $xnsurl = '';
189	189	if (($ns = $wgRequest->getVal('namespace', null)) !== null && $ns !== '') {
	190	+ $ns = intval( $ns );
190	191	$nsurl = '&namespace='.$ns;
191	192	$xnsurl = htmlspecialchars($nsurl);
192	193	$finder->set_namespace($ns);
Index: branches/REL1_6/phase3/includes/OutputPage.php
—	—	@@ -55,7 +55,12 @@
56	56	}
57	57
58	58	function addHeader( $name, $val ) { array_push( $this->mHeaders, $name.': '.$val ) ; }
59		~~- function redirect( $url, $responsecode = '302' ) { $this->mRedirect = $url; $this->mRedirectCode = $responsecode; }~~
	59	+
	60	+ function redirect( $url, $responsecode = '302' ) {
	61	+ # Strip newlines as a paranoia check for header injection in PHP<5.1.2
	62	+ $this->mRedirect = str_replace( "\n", '', $url );
	63	+ $this->mRedirectCode = $responsecode;
	64	+ }
60	65	function setStatusCode( $statusCode ) { $this->mStatusCode = $statusCode; }
61	66
62	67	# To add an http-equiv meta tag, precede the name with "http:"

01:58, 13 October 2010 😂 (talk | contribs) changed the status of r14921 [removed: new added: old]