Bsitu has uploaded a new change for review.
https://gerrit.wikimedia.org/r/127666
Change subject: Do not escape html text of moderated content
......................................................................
Do not escape html text of moderated content
Change-Id: Iee01cacc8fc1782b4eafe96397699ae73eb1aaa3
---
M includes/Formatter/RevisionFormatter.php
1 file changed, 6 insertions(+), 1 deletion(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/Flow
refs/changes/66/127666/1
diff --git a/includes/Formatter/RevisionFormatter.php
b/includes/Formatter/RevisionFormatter.php
index 60a9317..c0d9b10 100644
--- a/includes/Formatter/RevisionFormatter.php
+++ b/includes/Formatter/RevisionFormatter.php
@@ -450,7 +450,12 @@
case 'wikitext':
$content = $this->templating->getContent( $revision,
'wikitext' );
- return Message::rawParam( htmlspecialchars( $content )
);
+ // Escape the content if user is allowed to view the
content otherwise
+ // the content would be safe to display since it's
moderated
+ if ( $this->permissions->isAllowed( $revision, 'view' )
) {
+ $content = htmlspecialchars( $content );
+ }
+ return Message::rawParam( $content );
// This is potentially two networked round trips, much too
expensive for
// the rendering loop
--
To view, visit https://gerrit.wikimedia.org/r/127666
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Iee01cacc8fc1782b4eafe96397699ae73eb1aaa3
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/Flow
Gerrit-Branch: master
Gerrit-Owner: Bsitu <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
