r65969 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r65968‎ \| r65969 \| r65970 >
Date:	22:37, 5 May 2010
Author:	platonides
Status:	ok
Tags:
Comment:	The pipe \| character in urls is now escaped. This solves a parser test where a pipe in a url query inside an image caption confused the parser. Windows file://c\|/... urls may be affected. See http://en.wikipedia.org/wiki/File_URI_scheme#Windows_2
Modified paths:	/trunk/phase3/RELEASE-NOTES (modified) (history) /trunk/phase3/includes/Sanitizer.php (modified) (history) /trunk/phase3/maintenance/parserTests.txt (modified) (history)

Diff [purge]

Index: trunk/phase3/maintenance/parserTests.txt
—	—	@@ -1514,7 +1514,7 @@
1515	1515	!! input
1516	1516	Piped link to URL: [[http://www.example.com\|an example URL]]
1517	1517	!! result
1518		~~-<p>Piped link to URL: [<a href="http://www.example.com\|an" class="external text" rel="nofollow">example URL</a>]~~
	1518	+<p>Piped link to URL: [<a href="http://www.example.com%7Can" class="external text" rel="nofollow">example URL</a>]
1519	1519	</p>
1520	1520	!! end
1521	1521
—	—	@@ -6649,12 +6649,10 @@
6650	6650	# Images with the "\|" character in external URLs in comment tags; Eats half the comment, leaves unmatched "</a>" tag.
6651	6651	!! test
6652	6652	Images with the "\|" character in the comment
6653		~~-!! options~~
6654		~~-disabled~~
6655	6653	!! input
6656	6654	[[image:Foobar.jpg\|thumb\|An [http://test/?param1=\|left\|&param2=\|x external] URL]]
6657	6655	!! result
6658		-<div class="thumb tright"><div class="thumbinner" style="width:182px;"><a href="https://www.mediawiki.org/wiki/File:Foobar.jpg" class="image"><img alt="An external URL" src="http://example.com/images/3/3a/Foobar.jpg" width="180" height="20" class="thumbimage" /></a> <div class="thumbcaption"><div class="magnify"><a href="https://www.mediawiki.org/wiki/File:Foobar.jpg" class="internal" title="Enlarge"><img src="/skins/common/images/magnify-clip.png" width="15" height="11" alt="" /></a></div>An <a href="http://test/?param1=\|left\|&param2=\|x" class="external text" rel="nofollow">external</a> URL</div></div></div>
	6656	+<div class="thumb tright"><div class="thumbinner" style="width:182px;"><a href="https://www.mediawiki.org/wiki/File:Foobar.jpg" class="image"><img alt="" src="http://example.com/images/3/3a/Foobar.jpg" width="180" height="20" class="thumbimage" /></a> <div class="thumbcaption"><div class="magnify"><a href="https://www.mediawiki.org/wiki/File:Foobar.jpg" class="internal" title="Enlarge"><img src="/skins/common/images/magnify-clip.png" width="15" height="11" alt="" /></a></div>An <a href="http://test/?param1=%7Cleft%7C&param2=%7Cx" class="external text" rel="nofollow">external</a> URL</div></div></div>
6659	6657
6660	6658	!!end
6661	6659
Index: trunk/phase3/includes/Sanitizer.php
—	—	@@ -1493,7 +1493,7 @@
1494	1494	$url = Sanitizer::decodeCharReferences( $url );
1495	1495
1496	1496	# Escape any control characters introduced by the above step
1497		~~- $url = preg_replace( '/[\][<>"\\x00-\\x20\\x7F]/e', "urlencode('\\0')", $url );~~
	1497	+ $url = preg_replace( '/[\][<>"\\x00-\\x20\\x7F\\|]/e', "urlencode('\\0')", $url );
1498	1498
1499	1499	# Validate hostname portion
1500	1500	$matches = array();
Index: trunk/phase3/RELEASE-NOTES
—	—	@@ -153,6 +153,7 @@
154	154	* (Bug 23241) Remove License selector, because it is not used when uploading a
155	155	new version.
156	156	* (bug 23240) Add ID to namespace selector form on Special:Watchlist
	157	+* The pipe \| character in urls is now escaped.
157	158
158	159	=== API changes in 1.17 ===
159	160	* (bug 22738) Allow filtering by action type on query=logevent

Status & tagging log

11:32, 27 November 2010 Hashar (talk | contribs) changed the status of r65969 [removed: new added: ok]