Ensure form tokens are not longer than allowed

Bug: T295940
Change-Id: I4e3fd5d3ef21274b104c4d22e3bab11043d61334
Bartosz Dziewoński 2021-11-17 23:53:38 +01:00
parent 45ef474109
commit 72f806829c


@ -533,7 +533,9 @@ ReplyWidget.prototype.afterSetup = function () {
ReplyWidget.prototype.getFormToken = function () {
var formToken = this.storage.get( this.storagePrefix + '/formToken' );
if ( !formToken ) {
formToken = Math.random().toString( 36 ).slice( 2 );
// See ApiBase::PARAM_MAX_CHARS in ApiDiscussionToolsEdit.php
var maxLength = 16;
formToken = Math.random().toString( 36 ).slice( 2, maxLength + 2 );
this.storage.set( this.storagePrefix + '/formToken', formToken );
}
return formToken;
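Review bot: The length cap only applies when a new token is generated, so a token already saved under `this.storagePrefix + '/formToken'` by the old code is still returned at its original length and could presumably still exceed the server limit. Declaring `var maxLength = 16;` above the check and testing `if ( !formToken || formToken.length > maxLength ) {` would regenerate such a token. Separately, `Math.random().toString( 36 ).slice( 2, maxLength + 2 )` has no lower bound on length and is not a cryptographically secure source. If this token is ever relied on to be unguessable (not visible from this hunk), something like `mw.user.generateRandomSessionId().slice( 0, maxLength )` would be the safer choice. The body of `getFormToken` closes outside the hunk.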