Nikerabbit has uploaded a new change for review.
https://gerrit.wikimedia.org/r/177978
Change subject: Escape unescaped content shown in Special:BlockList
......................................................................
Escape unescaped content shown in Special:BlockList
Change-Id: I38bd12613b4066c312635f9920a9e2d2002dbf6d
---
M includes/specials/SpecialBlockList.php
1 file changed, 21 insertions(+), 11 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core
refs/changes/78/177978/1
diff --git a/includes/specials/SpecialBlockList.php
b/includes/specials/SpecialBlockList.php
index 02b2626..2fd3f6c 100644
--- a/includes/specials/SpecialBlockList.php
+++ b/includes/specials/SpecialBlockList.php
@@ -77,11 +77,11 @@
),
'Options' => array(
'type' => 'multiselect',
- 'options' => array(
- $this->msg( 'blocklist-userblocks'
)->text() => 'userblocks',
- $this->msg( 'blocklist-tempblocks'
)->text() => 'tempblocks',
- $this->msg( 'blocklist-addressblocks'
)->text() => 'addressblocks',
- $this->msg( 'blocklist-rangeblocks'
)->text() => 'rangeblocks',
+ 'options-messages' => array(
+ 'blocklist-userblocks' => 'userblocks',
+ 'blocklist-tempblocks' => 'tempblocks',
+ 'blocklist-addressblocks' =>
'addressblocks',
+ 'blocklist-rangeblocks' =>
'rangeblocks',
),
'flatlist' => true,
),
@@ -262,19 +262,26 @@
'blocklist-nousertalk',
'unblocklink',
'change-blocklink',
- 'infiniteblock',
);
- $msg = array_combine( $msg, array_map( array( $this,
'msg' ), $msg ) );
+ $msg = array_combine(
+ $msg,
+ array_map(
+ function ( $m ) { return $this->msg( $m
)->escaped(); },
+ $msg
+ )
+ );
}
/** @var $row object */
$row = $this->mCurrentRow;
+ $language = $this->getLanguage();
+
$formatted = '';
switch ( $name ) {
case 'ipb_timestamp':
- $formatted =
$this->getLanguage()->userTimeAndDate( $value, $this->getUser() );
+ $formatted = htmlspecialchars(
$language->userTimeAndDate( $value, $this->getUser() ) );
break;
case 'ipb_target':
@@ -300,7 +307,10 @@
break;
case 'ipb_expiry':
- $formatted =
$this->getLanguage()->formatExpiry( $value, /* User preference timezone */true
);
+ $formatted = htmlspecialchars(
$language->formatExpiry(
+ $value,
+ /* User preference timezone */true
+ ) );
if ( $this->getUser()->isAllowed( 'block' ) ) {
if ( $row->ipb_auto ) {
$links[] = Linker::linkKnown(
@@ -323,7 +333,7 @@
'span',
array( 'class' =>
'mw-blocklist-actions' ),
$this->msg( 'parentheses'
)->rawParams(
-
$this->getLanguage()->pipeList( $links ) )->escaped()
+ $language->pipeList(
$links ) )->escaped()
);
}
break;
@@ -361,7 +371,7 @@
$properties[] =
$msg['blocklist-nousertalk'];
}
- $formatted = $this->getLanguage()->commaList(
$properties );
+ $formatted = $language->commaList( $properties
);
break;
default:
--
To view, visit https://gerrit.wikimedia.org/r/177978
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I38bd12613b4066c312635f9920a9e2d2002dbf6d
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Nikerabbit <niklas.laxst...@gmail.com>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
