r90373 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r90372‎ \| r90373 \| r90374 >
Date:	22:07, 18 June 2011
Author:	platonides
Status:	ok
Tags:
Comment:	Fix html injection. _html() was not escaping output for html due to a misnamed parameter.
Modified paths:	/trunk/tools/ToolserverI18N/Functions.php (modified) (history)

Diff [purge]

Index: trunk/tools/ToolserverI18N/Functions.php
—	—	@@ -51,7 +51,7 @@
52	52	if ( is_string( $options ) ) {
53	53	$options = array( 'domain' => $options );
54	54	}
55		~~- $options = array_merge( $options, array( 'parse' => 'html' ) );~~
	55	+ $options = array_merge( $options, array( 'escape' => 'html' ) );
56	56	return _( $key, $options );
57	57	}
58	58	}
—	—	@@ -61,4 +61,4 @@
62	62	function _e( $key, $options = array() ) {
63	63	echo _( $key, $options );
64	64	}
65		-}
\ No newline at end of file
	65	+}

12:41, 19 June 2011 Krinkle (talk | contribs) changed the status of r90373 [removed: new added: ok]