Dominic.sauer has submitted this change and it was merged.

Change subject: Improved escaping on special pages.
......................................................................


Improved escaping on special pages.

When inserting messages into raw HTML, escaped() is used instead of text().
Serializations of entity ids are now escaped, too.

Change-Id: I2a52435b3ca94a2b3999db4ee724a519eb13fa44
---
M i18n/en.json
M i18n/qqq.json
M specials/SpecialConstraintReport.php
M tests/phpunit/Specials/SpecialConstraintReportTest.php
4 files changed, 18 insertions(+), 19 deletions(-)

Approvals:
  Dominic.sauer: Verified; Looks good to me, approved



diff --git a/i18n/en.json b/i18n/en.json
index 3a905e9..bbd6322 100755
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -9,7 +9,7 @@
   "wbqc-constraintreport-form-submit-label": "Check",
   "wbqc-constraintreport-form-entityid-label": "Entity ID:",
   "wbqc-constraintreport-form-entityid-placeholder": "Qxx/Pxx",
-  "wbqc-constraintreport-result-headline": "Result for $1",
+  "wbqc-constraintreport-result-headline": "Result for",
   "wbqc-constraintreport-not-existent-entity": "Entity does not exist!",
   "wbqc-constraintreport-empty-result": "There are no constraints defined on 
this entity.",
   "wbqc-constraintreport-status-violation": "Violation",
diff --git a/i18n/qqq.json b/i18n/qqq.json
index 3f6f5e5..99e65ec 100755
--- a/i18n/qqq.json
+++ b/i18n/qqq.json
@@ -3,11 +3,11 @@
        "wbqc-constraintreport": "{{doc-special|ConstraintReport}}",
        "wbqc-constraintreport-explanation-part-one": "Explanation (part one), 
what this special page does and how it gets its data.",
        "wbqc-constraintreport-explanation-part-two": "Explanation (part two), 
what this special page does and how it gets its data.",
-    "wbqc-crosscheck-form-section": "Header of the section of the entity id 
form.",
-    "wbqc-crosscheck-form-entityid-label": "Label for the entity id input 
field.",
+    "wbqc-constraintreport-form-section": "Header of the section of the entity 
id form.",
+    "wbqc-constraintreport-form-entityid-label": "Label for the entity id 
input field.",
        "wbqc-constraintreport-form-submit-label": "Label of the button, that 
starts the check.\n{{Identical|Check}}",
        "wbqc-constraintreport-form-entityid-placeholder": "Entity id 
placeholder for the input field.",
-       "wbqc-constraintreport-result-headline": "Result headline",
+       "wbqc-constraintreport-result-headline": "Result headline. Label of 
checked entity is appended to this.",
        "wbqc-constraintreport-empty-result": "Message that appears, when there 
are no constraints defined for the given entity.",
        "wbqc-constraintreport-status-violation": "Status for claims that are 
violated against a constraint.",
        "wbqc-constraintreport-status-compliance": "Status for claims that 
comply with a constraint",
diff --git a/specials/SpecialConstraintReport.php 
b/specials/SpecialConstraintReport.php
index b079cb4..3bf3697 100755
--- a/specials/SpecialConstraintReport.php
+++ b/specials/SpecialConstraintReport.php
@@ -8,7 +8,6 @@
 use Wikibase\Lib\EntityIdHtmlLinkFormatter;
 use Wikibase\Lib\EntityIdLabelFormatter;
 use HTMLForm;
-use IContextSource;
 use Wikibase\DataModel\Entity\EntityIdParser;
 use Wikibase\Lib\LanguageNameLookup;
 use Wikibase\Lib\SnakFormatter;
@@ -156,7 +155,7 @@
      * @return string
      */
     public function getDescription() {
-        return $this->msg( 'wbqc-constraintreport' )->text();
+        return $this->msg( 'wbqc-constraintreport' )->escaped();
     }
 
        /**
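Review bot: Returning `->escaped()` from `getDescription()` makes the method hand back HTML instead of plain text, and whether that is right depends on callers that are not visible in this hunk. MediaWiki core's own `SpecialPage::getDescription()` returns `->text()`, so any caller that escapes the description again on output would show double-encoded entities such as `&amp;amp;`. The same question applies to the three `HtmlTableHeader` arguments switched to `->escaped()` in the hunk at -324: if that class escapes its content itself, those headers become double-escaped too. I would extend the `@return string` line to state whether the value is HTML or plain text, so that the escaping happens in exactly one place.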
@@ -197,14 +196,14 @@
                        $entity = $this->entityLookup->getEntity( $entityId );
                } catch ( EntityIdParsingException $e ) {
                        $out->addHTML(
-                               $this->buildNotice( $this->msg( 
'wbqc-constraintreport-invalid-entity-id' )->text(), true )
+                               $this->buildNotice( 
'wbqc-constraintreport-invalid-entity-id', true )
                        );
                        return;
                }
 
                if ( !$entity ) {
                        $out->addHTML(
-                               $this->buildNotice( $this->msg( 
'wbqc-constraintreport-not-existent-entity' )->text(), true )
+                               $this->buildNotice( 
'wbqc-constraintreport-not-existent-entity', true )
                        );
                        return;
                }
@@ -221,7 +220,7 @@
                } else {
                        $out->addHTML(
                                $this->buildResultHeader( $entityId )
-                               . $this->buildNotice( $this->msg( 
'wbqc-constraintreport-empty-result' )->text() )
+                               . $this->buildNotice( 
'wbqc-constraintreport-empty-result' )
                        );
                }
        }
@@ -278,7 +277,8 @@
                                array (
                                        'class' => $cssClasses
                                ),
-                               $message );
+                               $this->msg( $message )->text()
+            );
        }
 
        private function getExplanationText() {
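Review bot: `buildNotice()` now resolves the message key itself but renders it with `->text()`, which is only safe if the call whose argument list ends here is `Html::element` (it escapes its contents). The start of that call is outside the hunk, so this needs confirming; if it is `Html::rawElement`, the argument has to be `->escaped()`, as the commit message describes. A one-line comment such as `// Html::element escapes its content, so text() is correct here` would keep a later edit from switching to a raw variant unnoticed. The parameter is still called `$message` although it now carries a message key, so its docblock should say so. The added `);` is also indented differently from the surrounding lines.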
@@ -324,15 +324,15 @@
                $table = new HtmlTable(
                        array (
                                new HtmlTableHeader(
-                                       $this->msg( 
'wbqc-constraintreport-result-table-header-status' )->text(),
+                                       $this->msg( 
'wbqc-constraintreport-result-table-header-status' )->escaped(),
                                        true
                                ),
                                new HtmlTableHeader(
-                                       $this->msg( 
'wbqc-constraintreport-result-table-header-claim' )->text(),
+                                       $this->msg( 
'wbqc-constraintreport-result-table-header-claim' )->escaped(),
                                        true
                                ),
                                new HtmlTableHeader(
-                                       $this->msg( 
'wbqc-constraintreport-result-table-header-constraint' )->text(),
+                                       $this->msg( 
'wbqc-constraintreport-result-table-header-constraint' )->escaped(),
                                        true
                                )
                        )
@@ -399,7 +399,7 @@
 
                return
                        Html::openElement( 'h3' )
-                       . $this->msg( 'wbqc-constraintreport-result-headline', 
$entityLink )->text()
+                       . sprintf( '%s %s', $this->msg( 
'wbqc-constraintreport-result-headline' )->escaped(), $entityLink )
                        . Html::closeElement( 'h3' );
        }
 
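Review bot: Joining the escaped message and `$entityLink` with `sprintf( '%s %s', … )` hard-codes the word order, so translators can no longer put the entity link where their language needs it. Keeping `$1` in the message and passing the link as a raw parameter gives the same escaping without that loss: `$this->msg( 'wbqc-constraintreport-result-headline' )->rawParams( $entityLink )->escaped()`. In either form `$entityLink` goes into the `h3` unescaped, and it is built outside this hunk, so it has to be safe HTML already. A short comment naming the formatter that produced it would make that checkable at the point of output.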
@@ -536,7 +536,6 @@
         */
     private function formatStatus( $status ) {
         $messageName = "wbqc-constraintreport-status-" . strtolower( $status );
-        $message = $this->msg( $messageName )->text();
 
         $formattedStatus =
             Html::element(
@@ -544,7 +543,7 @@
                 array (
                     'class' => 'wbqc-status wbqc-status-' . $status
                 ),
-                $message
+                $this->msg( $messageName )->text()
             );
 
         return $formattedStatus;
@@ -697,8 +696,8 @@
                $results = $service->buildResultSummary( $results );
                $jobs = array ();
                $jobs[] = EvaluateConstraintReportJob::newInsertNow( 
$entity->getId()->getSerialization(), $checkTimeStamp, $results );
-               //$jobs[] = EvaluateConstraintReportJob::newInsertDeferred( 
$entity->getId()->getSerialization(), $checkTimeStamp, 10*60 );
-               //$jobs[] = EvaluateConstraintReportJob::newInsertDeferred( 
$entity->getId()->getSerialization(), $checkTimeStamp, 60*60 );
+               $jobs[] = EvaluateConstraintReportJob::newInsertDeferred( 
$entity->getId()->getSerialization(), $checkTimeStamp, 10*60 );
+               $jobs[] = EvaluateConstraintReportJob::newInsertDeferred( 
$entity->getId()->getSerialization(), $checkTimeStamp, 60*60 );
                JobQueueGroup::singleton()->push( $jobs );
        }
 }
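Review bot: The two `newInsertDeferred` calls enabled here are not an escaping change and are not mentioned in the commit message; they would be easier to review and to revert as a separate commit. With them, each run of this code pushes three jobs instead of one. The enclosing method starts outside the hunk, so it is not visible how often or by whom it can be triggered. If it runs on every request to the special page, repeated requests multiply job-queue load, and throttling or de-duplicating pending jobs for the same entity would be worth considering. The delays `10*60` and `60*60` also need a comment saying what the deferred jobs are for and why those intervals were chosen.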
diff --git a/tests/phpunit/Specials/SpecialConstraintReportTest.php 
b/tests/phpunit/Specials/SpecialConstraintReportTest.php
index 0121e4a..0e8db03 100755
--- a/tests/phpunit/Specials/SpecialConstraintReportTest.php
+++ b/tests/phpunit/Specials/SpecialConstraintReportTest.php
@@ -219,7 +219,7 @@
                unset( $matchers[ 'error' ] );
                $matchers[ 'result for' ] = array (
                        'tag' => 'h3',
-                       'content' => '(wbqc-constraintreport-result-headline:'
+                       'content' => '(wbqc-constraintreport-result-headline)'
                );
 
                $matchers[ 'result table' ] = array (
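Review bot: The `result for` matcher checks only the headline message key, so nothing here asserts that the entity link rendered after it in the `h3` is present or HTML-escaped. Since the commit is about escaping, a case whose input contains `<` or `&` and whose expectation is that these never appear unescaped in the output would pin the behaviour against regressions. The data provider and the rest of the test method are outside this hunk, so such a case may already exist elsewhere.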

-- 
To view, visit https://gerrit.wikimedia.org/r/216046

Gerrit-MessageType: merged
Gerrit-Change-Id: I2a52435b3ca94a2b3999db4ee724a519eb13fa44
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/WikidataQualityConstraints
Gerrit-Branch: master
Gerrit-Owner: Soeren.oldag <[email protected]>
Gerrit-Reviewer: Dominic.sauer <[email protected]>
Gerrit-Reviewer: Siebrand <[email protected]>
