Ori.livneh has uploaded a new change for review. https://gerrit.wikimedia.org/r/215278
Change subject: Use a fixed comment placeholder string in CSSMin ...................................................................... Use a fixed comment placeholder string in CSSMin Both the problem and solution are nearly identical to the ones presented in I31d4556bb. Use a constant string as a comment placeholder, and differentiate it from possible user input using \x7f, which is not valid CSS anyway[1]. [1]: http://www.w3.org/TR/CSS21/grammar.html Change-Id: I3d3c2578d5e9c1fe52c02e87901cb08d03847ea7 --- M includes/libs/CSSMin.php 1 file changed, 5 insertions(+), 1 deletion(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/78/215278/1 diff --git a/includes/libs/CSSMin.php b/includes/libs/CSSMin.php index ffe26a9..2db0624 100644 --- a/includes/libs/CSSMin.php +++ b/includes/libs/CSSMin.php @@ -232,11 +232,15 @@ $remote = substr( $remote, 0, -1 ); } + // Disallow U+007F DELETE, which is illegal anyway, and which + // we use for comment placeholders. + $source = strtr( $source, "\x7f", "?" ); + // Replace all comments by a placeholder so they will not interfere with the remapping. // Warning: This will also catch on anything looking like the start of a comment between // quotation marks (e.g. "foo /* bar"). $comments = array(); - $placeholder = uniqid( '', true ); + $placeholder = "\x7fPLACEHOLDER\x7f"; $pattern = '/(?!' . CSSMin::EMBED_REGEX . ')(' . CSSMin::COMMENT_REGEX . ')/s'; -- To view, visit https://gerrit.wikimedia.org/r/215278 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I3d3c2578d5e9c1fe52c02e87901cb08d03847ea7 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Ori.livneh <o...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
