r55433 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r55432‎ \| r55433 \| r55434 >
Date:	20:39, 21 August 2009
Author:	simetrical
Status:	ok (Comments)
Tags:
Comment:	Switch from Xml:: to Html:: in a few places These should all theoretically be covered by the parser tests. All tests pass, the only change needed was to account for less overescaping in Html::expandAttributes(). There's no reason to escape <>' in "-quoted attributes, unless I'm mistaken and have just added some XSS.
Modified paths:	/trunk/phase3/includes/Linker.php (modified) (history) /trunk/phase3/includes/parser/DateFormatter.php (modified) (history) /trunk/phase3/maintenance/parserTests.txt (modified) (history)

Diff [purge]

Index: trunk/phase3/maintenance/parserTests.txt
—	—	@@ -1467,7 +1467,7 @@
1468	1468	!! input
1469	1469	[[%3c%23]][[%3e%23]]
1470	1470	!! result
1471		~~-<p>[[%3c%23]]<a href="https://www.mediawiki.org/index.php?title=%3E&action=edit&redlink=1" class="new" title="> (page does not exist)">>#</a>~~
	1471	+<p>[[%3c%23]]<a href="https://www.mediawiki.org/index.php?title=%3E&action=edit&redlink=1" class="new" title="> (page does not exist)">>#</a>
1472	1472	</p>
1473	1473	!! end
1474	1474
—	—	@@ -3502,7 +3502,7 @@
3503	3503	!! input
3504	3504	[[:Category:MediaWiki User's Guide]]
3505	3505	!! result
3506		~~-<p><a href="https://www.mediawiki.org/wiki/Category:MediaWiki_User%27s_Guide" title="Category:MediaWiki User's Guide">Category:MediaWiki User's Guide</a>~~
	3506	+<p><a href="https://www.mediawiki.org/wiki/Category:MediaWiki_User%27s_Guide" title="Category:MediaWiki User's Guide">Category:MediaWiki User's Guide</a>
3507	3507	</p>
3508	3508	!! end
3509	3509
—	—	@@ -3513,7 +3513,7 @@
3514	3514	!! input
3515	3515	[[Category:MediaWiki User's Guide]]
3516	3516	!! result
3517		~~-<a href="https://www.mediawiki.org/wiki/Category:MediaWiki_User%27s_Guide" title="Category:MediaWiki User's Guide">MediaWiki User's Guide</a>~~
	3517	+<a href="https://www.mediawiki.org/wiki/Category:MediaWiki_User%27s_Guide" title="Category:MediaWiki User's Guide">MediaWiki User's Guide</a>
3518	3518	!! end
3519	3519
3520	3520	!! test
—	—	@@ -6820,7 +6820,7 @@
6821	6821	!! input
6822	6822	[[:Category:МедиаWики Усер'с Гуиде]]
6823	6823	!! result
6824		~~-<a href="https://www.mediawiki.org/wiki/Category:MediaWiki_User%27s_Guide" title="Category:MediaWiki User's Guide">MediaWiki User's Guide</a>~~
	6824	+<a href="https://www.mediawiki.org/wiki/Category:MediaWiki_User%27s_Guide" title="Category:MediaWiki User's Guide">MediaWiki User's Guide</a>
6825	6825	!! end
6826	6826
6827	6827
Index: trunk/phase3/includes/parser/DateFormatter.php
—	—	@@ -268,7 +268,7 @@
269	269	$isoDate = implode( '-', $isoBits );;
270	270
271	271	// Output is not strictly HTML (it's wikitext), but <span> is whitelisted.
272		~~- $text = Xml::tags( 'span',~~
	272	+ $text = Html::rawElement( 'span',
273	273	array( 'class' => 'mw-formatted-date', 'title' => $isoDate ), $text );
274	274
275	275	return $text;
Index: trunk/phase3/includes/Linker.php
—	—	@@ -206,7 +206,7 @@
207	207
208	208	$ret = null;
209	209	if( wfRunHooks( 'LinkEnd', array( $this, $target, $options, &$text, &$attribs, &$ret ) ) ) {
210		~~- $ret = Xml::openElement( 'a', $attribs ) . $text . Xml::closeElement( 'a' );~~
	210	+ $ret = Html::rawElement( 'a', $attribs, $text );
211	211	}
212	212
213	213	wfProfileOut( __METHOD__ );
—	—	@@ -382,7 +382,7 @@
383	383	wfDebug("Hook LinkerMakeExternalImage changed the output of external image with url {$url} and alt text {$alt} to {$img}\n", true);
384	384	return $img;
385	385	}
386		~~- return Xml::element( 'img',~~
	386	+ return Html::element( 'img',
387	387	array(
388	388	'src' => $url,
389	389	'alt' => $alt ) );
—	—	@@ -753,7 +753,7 @@
754	754	return $link;
755	755	}
756	756	if ( $attribs ) {
757		~~- $attribsText .= Xml::expandAttributes( $attribs );~~
	757	+ $attribsText .= Html::expandAttributes( $attribs );
758	758	}
759	759	return '<a href="'.$url.'"'.$attribsText.'>'.$text.'</a>';
760	760	}

Comments

#Comment by Brion VIBBER (talk | contribs) 00:08, 10 September 2009

This actually might be a problem depending on the order of expansion of markup; we go to some effort to ensure that wiki-markup in your attributes isn't going to get expanded in the middle of something with these pre-escapes. Can you add a test case to confirm there's no problem with such a case?

#Comment by Simetrical (talk | contribs) 16:23, 10 September 2009

Could you clarify what kind of markup might be a problem? I'm not understanding your explanation.

#Comment by Brion VIBBER (talk | contribs) 19:28, 30 September 2009

Multiple passes of various expansion in the parser. We want to make sure anything we output at an intermediate stage is armored against further parsing, so meta-chars like ', [], <>, {}, etc should be escaped for safety. See examples in Sanitizer::safeEncodeAttribute...

But looking in more detail it looks like we already weren't using that from Xml:: class (just from things we normalize from within wikitext) so if it was safe before it's as safe now. Removing fixme marker.

Status & tagging log

19:28, 30 September 2009 Brion VIBBER (talk | contribs) changed the status of r55433 [removed: fixme added: ok]
00:08, 10 September 2009 Brion VIBBER (talk | contribs) changed the status of r55433 [removed: new added: fixme]