Cook879 has submitted this change and it was merged.

Change subject: Security fix
Security fix Passed the value of the size parameter straight to the output without validating, leaving an xss hole. This should fix that issue. Change-Id: Iead26a54a34babe1b580d64d98fff2357e5731e5 --- M Vine.php 1 file changed, 3 insertions(+), 3 deletions(-) Approvals: Cook879: Verified; Looks good to me, approved diff --git a/Vine.php b/Vine.php index 98b9590..02fd7ed 100644 --- a/Vine.php +++ b/Vine.php @@ -4,7 +4,7 @@ * * @file * @ingroup Extensions - * @version 1.1 + * @version 1.1.1 * @author Richard Cook <cook...@shoutwiki.com> * @copyright Copyright © 2014 Richard Cook * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License 3.0 or later @@ -18,7 +18,7 @@ // Extension credits that will show up on Special:Version $wgExtensionCredits['parserhook'][] = array( 'name' => 'Vine', - 'version' => '1.0', + 'version' => '1.1.1', 'author' => '[http://www.shoutwiki.com/wiki/User:Cook879 Richard Cook]', 'url' => 'http://www.mediawiki.com/wiki/Extension:Vine', 'description' => 'Adds a <code><vine></code> tag to add Vine posts to your site' @@ -45,7 +45,7 @@ $type = 'postcard'; } - if ( !empty( $args['size'] ) ) { + if ( !empty( $args['size'] ) && filter_var( $args['size'], FILTER_VALIDATE_INT, array( 'options' => array( 'min-range' => 0 ) ) ) ) { $size = $args['size']; } -- To view, visit https://gerrit.wikimedia.org/r/141291 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: Iead26a54a34babe1b580d64d98fff2357e5731e5 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/Vine Gerrit-Branch: master Gerrit-Owner: Cook879 <cook...@shoutwiki.com> Gerrit-Reviewer: Cook879 <cook...@shoutwiki.com> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
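Review bot: In the @@ -45,7 +45,7 @@ hunk of Vine.php, the options key 'min-range' is not one that FILTER_VALIDATE_INT reads; the recognised key is 'min_range' (underscore), so the lower bound is silently ignored and a negative size such as -5 still satisfies the condition. Non-integer input is still rejected, so the injection described in the commit message is closed, but the key should be spelled 'min_range', with a value of 1 rather than 0, since a size of 0 is already excluded both by !empty() and by the truthiness test on filter_var's return value. It would also be safer to assign the integer that filter_var returns to $size instead of the raw $args['size'], so that the value reaching the output is the one that was validated, and to add a 'max_range' so an arbitrarily large size is refused. The place where $size is written to the output is not part of this hunk; it is worth confirming that it is escaped there as well, so the fix does not rest on this one check.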
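Review bot: In the @@ -18,7 +18,7 @@ hunk, the credits 'version' goes from '1.0' to '1.1.1' while the file header in the first hunk goes from 1.1 to 1.1.1, so the two copies of the version had already drifted apart before this change. Defining the version once and using it in $wgExtensionCredits would keep Special:Version and the file header from diverging again. Separately, the unchanged 'url' line in this hunk points at www.mediawiki.com rather than mediawiki.org, where extension pages live; that is worth checking in a follow-up.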