| Index: branches/wmf-deployment/extensions/InputBox/InputBox.classes.php |
| — | — | @@ -501,7 +501,28 @@ |
| 502 | 502 | // Validate the width; make sure it's a valid, positive integer |
| 503 | 503 | $this->mWidth = intval( $this->mWidth <= 0 ? 50 : $this->mWidth ); |
| 504 | 504 | |
| | 505 | + // Validate background color |
| | 506 | + if ( !$this->isValidColor( $this->mBGColor ) ) { |
| | 507 | + $this->mBGColor = 'transparent'; |
| | 508 | + } |
| 505 | 509 | wfProfileOut( __METHOD__ ); |
| 506 | 510 | } |
| 507 | 511 | |
| | 512 | + /** |
| | 513 | + * Do a security check on the bgcolor parameter |
| | 514 | + */ |
| | 515 | + public function isValidColor( $color ) { |
| | 516 | + $regex = <<<REGEX |
| | 517 | + /^ ( |
| | 518 | + [a-zA-Z]* | # color names |
| | 519 | + \# [0-9a-f]{3} | # short hexadecimal |
| | 520 | + \# [0-9a-f]{6} | # long hexadecimal |
| | 521 | + rgb \s* \( \s* ( |
| | 522 | + \d+ \s* , \s* \d+ \s* , \s* \d+ | # rgb integer |
| | 523 | + [0-9.]+% \s* , \s* [0-9.]+% \s* , \s* [0-9.]+% # rgb percent |
| | 524 | + ) \s* \) |
| | 525 | + ) $ /xi |
| | 526 | +REGEX; |
| | 527 | + return (bool) preg_match( $regex, $color ); |
| | 528 | + } |
| 508 | 529 | } |
| Property changes on: branches/wmf-deployment/extensions/InputBox |
| ___________________________________________________________________ |
| Name: svn:mergeinfo |
| 509 | 530 | - /branches/REL1_15/phase3/extensions/InputBox:51646 |
| /trunk/extensions/InputBox:56151-57449 |
| /trunk/phase3/extensions/InputBox:56213,56215-56216,56218,56325,56334-56336,56338,56340,56343,56345,56347,56350,57541,57916,58151,58219,58633,58816 |
| 510 | 531 | + /branches/REL1_15/phase3/extensions/InputBox:51646 |
| /trunk/extensions/InputBox:56151-57449,64375 |
| /trunk/phase3/extensions/InputBox:56213,56215-56216,56218,56325,56334-56336,56338,56340,56343,56345,56347,56350,57541,57916,58151,58219,58633,58816 |