jenkins-bot has submitted this change and it was merged. Change subject: Explicitly treat Message plaintext parameters as plaintext ......................................................................
Explicitly treat Message plaintext parameters as plaintext We have run into a few issues where user provided content passed into a Message instance gets treated as wikitext in one way or another. This patch is basically a followup to I4da934dfe364acb0f87da1c8aed4a4d040d27a05 which was emergency deployed last friday to deal with exactly this issue. For the most part we have been solving for this with a combination of Message::rawParams along with htmlspecialchars. This is less than desirable and has lead to double encoding issues that have to be carefully managed. In I320645cd23c98fea4bfc32ab22b7ef8d320957cb for core I add a new Message::plaintextParams and here we utilize it. This gives proper guarantees with regards to outputing the plaintext strings exactly as we intend them to be output. Bug: 66547 Change-Id: I5ae4d66b2d6099fb0e38a7073f766628d8560270 --- M includes/Formatter/RevisionFormatter.php M includes/Model/Anchor.php M modules/new/flow-handlebars.js 3 files changed, 10 insertions(+), 20 deletions(-) Approvals: Jackmcbarn: Looks good to me, but someone else must approve Matthias Mullie: Looks good to me, approved jenkins-bot: Verified diff --git a/includes/Formatter/RevisionFormatter.php b/includes/Formatter/RevisionFormatter.php index 454da42..b8e7c6e 100644 --- a/includes/Formatter/RevisionFormatter.php +++ b/includes/Formatter/RevisionFormatter.php @@ -788,16 +788,13 @@ $content = $this->templating->getContent( $revision, 'html' ); // strip html tags and decode to plaintext $content = Utils::htmlToPlaintext( $content, 140, $ctx->getLanguage() ); - // The message keys this will be used with include links so will use Message::parse - // we don't want anything in this plaintext to be mistakenly taken as wikitext so - // encode for html output and mark raw to prevent Message from evaluating as wikitext - return Message::rawParam( htmlspecialchars( $content ) ); + return Message::plaintextParam( $content ); case 'wikitext': $content = $this->templating->getContent( $revision, 'wikitext' ); // This must be escaped and marked raw to prevent special chars in // content, like $1, from changing the i18n result - return Message::rawParam( htmlspecialchars( $content ) ); + return Message::plaintextParam( $content ); // This is potentially two networked round trips, much too expensive for // the rendering loop @@ -814,7 +811,7 @@ } $content = $this->templating->getContent( $previousRevision, 'wikitext' ); - return Message::rawParam( htmlspecialchars( $content ) ); + return Message::plaintextParam( $content ); case 'workflow-url': return $this->urlGenerator @@ -831,7 +828,7 @@ case 'moderated-reason': // don-t parse wikitext in the moderation reason - return Message::rawParam( htmlspecialchars( $revision->getModeratedReason() ) ); + return Message::plaintextParam( $revision->getModeratedReason() ); case 'topic-of-post': if ( !$revision instanceof PostRevision ) { @@ -840,7 +837,7 @@ $root = $revision->getRootPost(); $content = $this->templating->getContent( $root, 'wikitext' ); - return Message::rawParam( htmlspecialchars( $content ) ); + return Message::plaintextParam( $content ); case 'post-of-summary': if ( !$revision instanceof PostSummary ) { @@ -848,11 +845,10 @@ } $post = $revision->getCollection()->getPost()->getLastRevision(); if ( $post->isTopicTitle() ) { - $content = htmlspecialchars( $this->templating->getContent( $post, 'wikitext' ) ); + return Message::plaintextParam( $this->templating->getContent( $post, 'wikitext' ) ); } else { - $content = $this->templating->getContent( $post, 'html' ); + return Message::rawParam( $this->templating->getContent( $post, 'html' ) ); } - return Message::rawParam( $content ); case 'bundle-count': return Message::numParam( count( $revision ) ); diff --git a/includes/Model/Anchor.php b/includes/Model/Anchor.php index d19b655..b32c4df 100644 --- a/includes/Model/Anchor.php +++ b/includes/Model/Anchor.php @@ -111,14 +111,8 @@ $this->message = $message; } else { // wrap non-messages into a message class - $this->message = new RawMessage( - '$1', - // rawParam + htmlspecialchars ensures this wont be treated as wikitext - // if the message gets parsed and that its still safe for html output. - // NOTE: This can result in double encoding, prefer to use explicit messages - // instead of this fallback. - array( Message::rawParam( htmlspecialchars( $message ) ) ) - ); + $this->message = new RawMessage( '$1' ); + $this->message->plaintextParams( $message ); } } } diff --git a/modules/new/flow-handlebars.js b/modules/new/flow-handlebars.js index 55c4606..8264089 100644 --- a/modules/new/flow-handlebars.js +++ b/modules/new/flow-handlebars.js @@ -176,7 +176,7 @@ */ function flowNormalizeL10nParameters( parameters ) { return $.map( parameters, function ( arg ) { - return arg ? arg.raw || arg : ''; + return arg ? ( arg.raw || arg.plaintext || arg ) : ''; } ); } -- To view, visit https://gerrit.wikimedia.org/r/161101 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I5ae4d66b2d6099fb0e38a7073f766628d8560270 Gerrit-PatchSet: 10 Gerrit-Project: mediawiki/extensions/Flow Gerrit-Branch: master Gerrit-Owner: EBernhardson <ebernhard...@wikimedia.org> Gerrit-Reviewer: EBernhardson <ebernhard...@wikimedia.org> Gerrit-Reviewer: Jackmcbarn <jackmcb...@gmail.com> Gerrit-Reviewer: Matthias Mullie <mmul...@wikimedia.org> Gerrit-Reviewer: SG <shah...@gmail.com> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits