wikimedia/mediawiki-extensions-ReplaceText
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/ReplaceText synced 2024-11-15 10:59:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Modify callers of makeLinkObj, many of these seam to be passing unescaped text which is actually treated as html and needs to be escaped.

Browse source
This commit is contained in:
Daniel Friesen 2011-05-08 03:16:03 +00:00
parent a2eaa7f60c
commit f67bb1c229
Notes: Daniel Friesen 2011-05-08 03:16:03 +00:00 
https://mediawiki.org/wiki/Special:Code/MediaWiki/87673
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
SpecialReplaceText.php
View file

@ -397,7 +397,7 @@ class ReplaceText extends SpecialPage {
foreach ( $titles_for_move as $title ) {
$wgOut->addHTML(
Xml::check( 'move-' . $title->getArticleID(), true ) .
$skin->makeLinkObj( $title, $title->getPrefixedText() ) . "<br />\n"
$skin->makeLinkObj( $title, htmlspecialchars( $title->getPrefixedText() ) ) . "<br />\n"
);
}
$wgOut->addHTML( '<br />' );