jenkins-bot has submitted this change and it was merged.
Change subject: Properly escape topic title in compare-post-revisions
......................................................................
Properly escape topic title in compare-post-revisions
Passing a topic title content directly into l10n results in the
topic title receiving magic word/template substitution. Output
and use the l10n safe topic-of-post and post-of-summary properties
instead.
Change-Id: I12d07846d9f1c037b059c929e3a6a660dd5aacb2
---
M handlebars/compiled/flow_block_topic_diff_view.handlebars.php
M handlebars/compiled/flow_block_topicsummary_diff_view.handlebars.php
M handlebars/flow_block_topic_diff_view.handlebars
M handlebars/flow_block_topicsummary_diff_view.handlebars
M includes/Formatter/RevisionFormatter.php
M includes/Formatter/RevisionViewFormatter.php
6 files changed, 21 insertions(+), 16 deletions(-)
Approvals:
SG: Looks good to me, approved
jenkins-bot: Verified
diff --git a/handlebars/compiled/flow_block_topic_diff_view.handlebars.php
b/handlebars/compiled/flow_block_topic_diff_view.handlebars.php
index b24495b..9b8e6c9 100644
--- a/handlebars/compiled/flow_block_topic_diff_view.handlebars.php
+++ b/handlebars/compiled/flow_block_topic_diff_view.handlebars.php
@@ -20,7 +20,7 @@
);
return '<div class="flow-board">
<div class="flow-compare-revisions-header plainlinks">
- '.LCRun3::ch($cx, 'l10nParse',
Array(Array('flow-compare-revisions-header-post',((is_array($in['revision']['new']['rev_view_links']['board'])
&& isset($in['revision']['new']['rev_view_links']['board']['title'])) ?
$in['revision']['new']['rev_view_links']['board']['title'] :
null),((is_array($in['revision']['new']['root']) &&
isset($in['revision']['new']['root']['content'])) ?
$in['revision']['new']['root']['content'] :
null),((is_array($in['revision']['new']['author']) &&
isset($in['revision']['new']['author']['name'])) ?
$in['revision']['new']['author']['name'] :
null),((is_array($in['revision']['new']['rev_view_links']['board']) &&
isset($in['revision']['new']['rev_view_links']['board']['url'])) ?
$in['revision']['new']['rev_view_links']['board']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['root']) &&
isset($in['revision']['new']['rev_view_links']['root']['url'])) ?
$in['revision']['new']['rev_view_links']['root']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['hist']) &&
isset($in['revision']['new']['rev_view_links']['hist']['url'])) ?
$in['revision']['new']['rev_view_links']['hist']['url'] : null)),Array()),
'encq').'
+ '.LCRun3::ch($cx, 'l10nParse',
Array(Array('flow-compare-revisions-header-post',((is_array($in['revision']['new']['rev_view_links']['board'])
&& isset($in['revision']['new']['rev_view_links']['board']['title'])) ?
$in['revision']['new']['rev_view_links']['board']['title'] :
null),((is_array($in['revision']['new']['properties']) &&
isset($in['revision']['new']['properties']['topic-of-post'])) ?
$in['revision']['new']['properties']['topic-of-post'] :
null),((is_array($in['revision']['new']['author']) &&
isset($in['revision']['new']['author']['name'])) ?
$in['revision']['new']['author']['name'] :
null),((is_array($in['revision']['new']['rev_view_links']['board']) &&
isset($in['revision']['new']['rev_view_links']['board']['url'])) ?
$in['revision']['new']['rev_view_links']['board']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['root']) &&
isset($in['revision']['new']['rev_view_links']['root']['url'])) ?
$in['revision']['new']['rev_view_links']['root']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['hist']) &&
isset($in['revision']['new']['rev_view_links']['hist']['url'])) ?
$in['revision']['new']['rev_view_links']['hist']['url'] : null)),Array()),
'encq').'
</div>
<div class="flow-compare-revisions">
'.LCRun3::ch($cx, 'diffRevision',
Array(Array(((is_array($in['revision']) &&
isset($in['revision']['diff_content'])) ? $in['revision']['diff_content'] :
null),((is_array($in['revision']['old']) &&
isset($in['revision']['old']['human_timestamp'])) ?
$in['revision']['old']['human_timestamp'] :
null),((is_array($in['revision']['new']) &&
isset($in['revision']['new']['human_timestamp'])) ?
$in['revision']['new']['human_timestamp'] :
null),((is_array($in['revision']['old']['author']) &&
isset($in['revision']['old']['author']['name'])) ?
$in['revision']['old']['author']['name'] :
null),((is_array($in['revision']['new']['author']) &&
isset($in['revision']['new']['author']['name'])) ?
$in['revision']['new']['author']['name'] :
null),((is_array($in['revision']['old']['rev_view_links']['single-view']) &&
isset($in['revision']['old']['rev_view_links']['single-view']['url'])) ?
$in['revision']['old']['rev_view_links']['single-view']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['single-view']) &&
isset($in['revision']['new']['rev_view_links']['single-view']['url'])) ?
$in['revision']['new']['rev_view_links']['single-view']['url'] :
null)),Array()), 'encq').'
diff --git
a/handlebars/compiled/flow_block_topicsummary_diff_view.handlebars.php
b/handlebars/compiled/flow_block_topicsummary_diff_view.handlebars.php
index 1a5bb71..321d4c0 100644
--- a/handlebars/compiled/flow_block_topicsummary_diff_view.handlebars.php
+++ b/handlebars/compiled/flow_block_topicsummary_diff_view.handlebars.php
@@ -20,11 +20,12 @@
);
return '<div class="flow-board">
<div class="flow-compare-revisions-header plainlinks">
- '.LCRun3::ch($cx, 'l10nParse',
Array(Array('flow-compare-revisions-header-postsummary',((is_array($in['revision']['new']['rev_view_links']['board'])
&& isset($in['revision']['new']['rev_view_links']['board']['title'])) ?
$in['revision']['new']['rev_view_links']['board']['title'] :
null),((is_array($in['revision']['new']['root']) &&
isset($in['revision']['new']['root']['content'])) ?
$in['revision']['new']['root']['content'] :
null),((is_array($in['revision']['new']['rev_view_links']['board']) &&
isset($in['revision']['new']['rev_view_links']['board']['url'])) ?
$in['revision']['new']['rev_view_links']['board']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['root']) &&
isset($in['revision']['new']['rev_view_links']['root']['url'])) ?
$in['revision']['new']['rev_view_links']['root']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['hist']) &&
isset($in['revision']['new']['rev_view_links']['hist']['url'])) ?
$in['revision']['new']['rev_view_links']['hist']['url'] : null)),Array()),
'encq').'
+ '.LCRun3::ch($cx, 'l10nParse',
Array(Array('flow-compare-revisions-header-postsummary',((is_array($in['revision']['new']['rev_view_links']['board'])
&& isset($in['revision']['new']['rev_view_links']['board']['title'])) ?
$in['revision']['new']['rev_view_links']['board']['title'] :
null),((is_array($in['revision']['new']['properties']) &&
isset($in['revision']['new']['properties']['post-of-summary'])) ?
$in['revision']['new']['properties']['post-of-summary'] :
null),((is_array($in['revision']['new']['rev_view_links']['board']) &&
isset($in['revision']['new']['rev_view_links']['board']['url'])) ?
$in['revision']['new']['rev_view_links']['board']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['root']) &&
isset($in['revision']['new']['rev_view_links']['root']['url'])) ?
$in['revision']['new']['rev_view_links']['root']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['hist']) &&
isset($in['revision']['new']['rev_view_links']['hist']['url'])) ?
$in['revision']['new']['rev_view_links']['hist']['url'] : null)),Array()),
'encq').'
</div>
<div class="flow-compare-revisions">
'.LCRun3::ch($cx, 'diffRevision',
Array(Array(((is_array($in['revision']) &&
isset($in['revision']['diff_content'])) ? $in['revision']['diff_content'] :
null),((is_array($in['revision']['old']) &&
isset($in['revision']['old']['human_timestamp'])) ?
$in['revision']['old']['human_timestamp'] :
null),((is_array($in['revision']['new']) &&
isset($in['revision']['new']['human_timestamp'])) ?
$in['revision']['new']['human_timestamp'] :
null),((is_array($in['revision']['old']['author']) &&
isset($in['revision']['old']['author']['name'])) ?
$in['revision']['old']['author']['name'] :
null),((is_array($in['revision']['new']['author']) &&
isset($in['revision']['new']['author']['name'])) ?
$in['revision']['new']['author']['name'] :
null),((is_array($in['revision']['old']['rev_view_links']['single-view']) &&
isset($in['revision']['old']['rev_view_links']['single-view']['url'])) ?
$in['revision']['old']['rev_view_links']['single-view']['url'] :
null),((is_array($in['revision']['new']['rev_view_links']['single-view']) &&
isset($in['revision']['new']['rev_view_links']['single-view']['url'])) ?
$in['revision']['new']['rev_view_links']['single-view']['url'] :
null)),Array()), 'encq').'
</div>
-</div>';
+</div>
+';
}
?>
\ No newline at end of file
diff --git a/handlebars/flow_block_topic_diff_view.handlebars
b/handlebars/flow_block_topic_diff_view.handlebars
index fda0d32..e9b0720 100644
--- a/handlebars/flow_block_topic_diff_view.handlebars
+++ b/handlebars/flow_block_topic_diff_view.handlebars
@@ -2,7 +2,7 @@
<div class="flow-compare-revisions-header plainlinks">
{{l10nParse "flow-compare-revisions-header-post"
revision.new.rev_view_links.board.title
- revision.new.root.content
+ revision.new.properties.topic-of-post.
revision.new.author.name
revision.new.rev_view_links.board.url
revision.new.rev_view_links.root.url
diff --git a/handlebars/flow_block_topicsummary_diff_view.handlebars
b/handlebars/flow_block_topicsummary_diff_view.handlebars
index 4e9fcbc..4617042 100644
--- a/handlebars/flow_block_topicsummary_diff_view.handlebars
+++ b/handlebars/flow_block_topicsummary_diff_view.handlebars
@@ -2,7 +2,7 @@
<div class="flow-compare-revisions-header plainlinks">
{{l10nParse "flow-compare-revisions-header-postsummary"
revision.new.rev_view_links.board.title
- revision.new.root.content
+ revision.new.properties.post-of-summary
revision.new.rev_view_links.board.url
revision.new.rev_view_links.root.url
revision.new.rev_view_links.hist.url }}
@@ -16,4 +16,4 @@
revision.old.rev_view_links.single-view.url
revision.new.rev_view_links.single-view.url }}
</div>
-</div>
\ No newline at end of file
+</div>
diff --git a/includes/Formatter/RevisionFormatter.php
b/includes/Formatter/RevisionFormatter.php
index 2cce632..bfefcd5 100644
--- a/includes/Formatter/RevisionFormatter.php
+++ b/includes/Formatter/RevisionFormatter.php
@@ -758,7 +758,7 @@
* with Message::parse
* @throws FlowException
*/
- protected function processParam( $param, /* AbstractRevision|array */
$revision, UUID $workflowId, IContextSource $ctx ) {
+ public function processParam( $param, /* AbstractRevision|array */
$revision, UUID $workflowId, IContextSource $ctx ) {
switch ( $param ) {
case 'creator-text':
if ( $revision instanceof PostRevision ) {
diff --git a/includes/Formatter/RevisionViewFormatter.php
b/includes/Formatter/RevisionViewFormatter.php
index 1218d68..ecd6d47 100644
--- a/includes/Formatter/RevisionViewFormatter.php
+++ b/includes/Formatter/RevisionViewFormatter.php
@@ -30,17 +30,21 @@
$res['rev_view_links'] = $this->buildLinks( $row );
$res['human_timestamp'] = $this->getHumanTimestamp(
$res['timestamp'] );
if ( $row->revision instanceof PostRevision ) {
- if ( $row->revision->isTopicTitle() ) {
- $res['isTopicTitle'] = true;
- } else {
- $res['isTopicTitle'] = false;
- }
- $root = $row->revision->getRootPost();
- $res['root']['content'] =
$this->templating->getContent( $root, 'wikitext' );
+ $res['isTopicTitle'] = $row->revision->isTopicTitle();
+ $res['properties']['topic-of-post'] =
$this->serializer->processParam(
+ 'topic-of-post',
+ $row->revision,
+ $row->workflow->getId(),
+ $ctx
+ );
}
if ( $row->revision instanceof PostSummary ) {
- $root =
$row->revision->getCollection()->getPost()->getLastRevision();
- $res['root']['content'] =
$this->templating->getContent( $root, 'wikitext' );
+ $res['properties']['post-of-summary'] =
$this->serializer->processParam(
+ 'post-of-summary',
+ $row->revision,
+ $row->workflow->getId(),
+ $ctx
+ );
}
return $res;
}
--
To view, visit https://gerrit.wikimedia.org/r/161163
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I12d07846d9f1c037b059c929e3a6a660dd5aacb2
Gerrit-PatchSet: 4
Gerrit-Project: mediawiki/extensions/Flow
Gerrit-Branch: master
Gerrit-Owner: EBernhardson <[email protected]>
Gerrit-Reviewer: EBernhardson <[email protected]>
Gerrit-Reviewer: SG <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
