mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/VisualEditor
synced 2024-11-29 08:34:54 +00:00
ve.ui.MWExtensionInspector: Prevent from setting impossible content
XML-like tags in wikitext are not actually XML and don't expect their contents to be escaped. This means that (usually) it is not possible for a tag '<foo>…</foo>' to contain the string '</foo>' (see bug 57429 comment 4 for details). Prevent the user from doing that by escaping the first angle bracket '<' to '<' in such inputs when the inspector closes. Bug: 57429 Change-Id: Ia566452ae0ffc9caa3ea48a52e5b8032c33fc9c8
This commit is contained in:
parent
a0989d15d4
commit
bba6ac20bd
|
@ -193,5 +193,13 @@ ve.ui.MWExtensionInspector.prototype.getTeardownProcess = function ( data ) {
|
|||
* @param {Object} mwData MediaWiki data object
|
||||
*/
|
||||
ve.ui.MWExtensionInspector.prototype.updateMwData = function ( mwData ) {
|
||||
mwData.body.extsrc = this.whitespace[0] + this.input.getValue() + this.whitespace[1];
|
||||
var tagName = mwData.name,
|
||||
value = this.input.getValue();
|
||||
|
||||
// XML-like tags in wikitext are not actually XML and don't expect their contents to be escaped.
|
||||
// This means that it is not possible for a tag '<foo>…</foo>' to contain the string '</foo>'.
|
||||
// Prevent that by escaping the first angle bracket '<' to '<'. (bug 57429)
|
||||
value = value.replace( new RegExp( '<(/' + tagName + '\\s*>)', 'gi' ), '<$1' );
|
||||
|
||||
mwData.body.extsrc = this.whitespace[0] + value + this.whitespace[1];
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue