mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/RSS
synced 2024-11-23 15:26:49 +00:00
6e2ce16be0
The SecurityCheck-XSS violation occurred because, in renderFeed(), the $renderedFeed variable contains both wikitext (tainted) and HTML (safe) at different points in the function, and Phan is unable to disentangle that. Splitting it into two variables allows Phan to validate the rest of the code just fine. Change-Id: I4da446b869349f06fc0fc40816d44cee390c49a6 |
||
---|---|---|
.phan | ||
i18n | ||
includes | ||
.eslintrc.json | ||
.gitignore | ||
.gitreview | ||
.phpcs.xml | ||
CODE_OF_CONDUCT.md | ||
composer.json | ||
COPYING | ||
extension.json | ||
Gruntfile.js | ||
package-lock.json | ||
package.json | ||
README | ||
RELEASE-NOTES |
== About == Displays an RSS feed on a wiki page. See https://www.mediawiki.org/wiki/Extension:RSS == Credits to other projects == * MagpieRSS This extension includes code from the MagpieRSS library. MagpieRSS provides an XML-based (expat) RSS parser in PHP, and is released under the GPL.