wikimedia/mediawiki-extensions-Cite
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/Cite synced 2024-11-27 16:30:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add missing jQuery selector escaping

Browse source 
As far as I can tell the effect of this is almost zero, because in both
cases the unescaped ID ends in double quotes. Within these double quotes
not many characters must be escaped, essentially only double quotes and
backslashes. Neither can appear in an ID (more precisely: neither should).

Proper escaping is "the right thing to do" anyway.

Change-Id: I21934f7cb54e2d68013a994150a92c76ef1b61d7
This commit is contained in:
Thiemo Kreuz 2019-02-20 16:15:45 +01:00
parent 92c5ba2ca6
commit e71dcc355d
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
modules/ext.cite.highlighting.js
View file

@ -73,13 +73,13 @@
// Bail out if there is not at least a second backlink ("cite_references_link_many").
if ( id.slice( -2 ) === '-0' &&
!$content.find( '.references a[href="#' + id.slice( 0, -1 ) + '1"]' ).length
!$content.find( '.references a[href="#' + $.escapeSelector( id.slice( 0, -1 ) ) + '1"]' ).length
) {
return;
}
// The :not() skips the duplicate link created below. Relevant when double clicking.
$backlink = $content.find( '.references a[href="#' + id + '"]:not(.mw-cite-up-arrow-backlink)' )
$backlink = $content.find( '.references a[href="#' + $.escapeSelector( id ) + '"]:not(.mw-cite-up-arrow-backlink)' )
.first()
.addClass( className );