http://www.mediawiki.org/wiki/Special:Code/MediaWiki/93561

Revision: 93561
Author:   reedy
Date:     2011-07-31 00:00:08 +0000 (Sun, 31 Jul 2011)
Log Message:
-----------
htmlspecialchars() on urls outputted to pages

Modified Paths:
--------------
    branches/wmf/1.17wmf1/extensions/MobileFrontend/MobileFrontend.php
    trunk/extensions/MobileFrontend/MobileFrontend.php

Modified: branches/wmf/1.17wmf1/extensions/MobileFrontend/MobileFrontend.php
===================================================================
--- branches/wmf/1.17wmf1/extensions/MobileFrontend/MobileFrontend.php  
2011-07-30 23:31:06 UTC (rev 93560)
+++ branches/wmf/1.17wmf1/extensions/MobileFrontend/MobileFrontend.php  
2011-07-31 00:00:08 UTC (rev 93561)
@@ -110,7 +110,7 @@
                $mobileViewUrl = $wgRequest->getRequestURL();
                $delimiter = ( strpos( $mobileViewUrl, "?" ) !== false ) ? "&" 
: "?";
                $mobileViewUrl .= $delimiter . 'useFormat=mobile';
-               $mobileViewUrl = urlencode( $mobileViewUrl );
+               $mobileViewUrl = htmlspecialchars( $mobileViewUrl );
                
                $tpl->set('mobileview', "<a href='{$mobileViewUrl}'>Mobile 
View</a>");
                $footerlinks['places'][] = 'mobileview';
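Review bot: The added `htmlspecialchars( $mobileViewUrl )` call relies on the default flags, and on PHP versions before 8.1 that default is ENT_COMPAT, which leaves single quotes unescaped, while the value is placed in a single-quoted attribute two lines later (`<a href='{$mobileViewUrl}'>`). The URL comes from `$wgRequest->getRequestURL()`, so a `'` in the request can still terminate the attribute and the escaping is incomplete. Pass the flag explicitly, `$mobileViewUrl = htmlspecialchars( $mobileViewUrl, ENT_QUOTES );`, or emit the link with a double-quoted attribute. The identical added line in the trunk hunk (`@@ -110,6 +110,7 @@`) needs the same change. The enclosing function starts and ends outside the hunk.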

Modified: trunk/extensions/MobileFrontend/MobileFrontend.php
===================================================================
--- trunk/extensions/MobileFrontend/MobileFrontend.php  2011-07-30 23:31:06 UTC 
(rev 93560)
+++ trunk/extensions/MobileFrontend/MobileFrontend.php  2011-07-31 00:00:08 UTC 
(rev 93561)
@@ -110,6 +110,7 @@
                $mobileViewUrl = $wgRequest->getRequestURL();
                $delimiter = ( strpos( $mobileViewUrl, "?" ) !== false ) ? "&" 
: "?";
                $mobileViewUrl .= $delimiter . 'useFormat=mobile';
+               $mobileViewUrl = htmlspecialchars( $mobileViewUrl );
 
                $tpl->set('mobileview', "<a href='{$mobileViewUrl}'>{wfMsg( 
'mobile-frontend-view' )}</a>");
                $footerlinks['places'][] = 'mobileview';
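Review bot: The link text `{wfMsg( 'mobile-frontend-view' )}` on the line after the added escape sits inside a double-quoted string, where PHP only expands expressions that begin with `{$`, so the function is not called and the braces and call text are emitted literally. Concatenate instead and escape the message for HTML: `"<a href='{$mobileViewUrl}'>" . htmlspecialchars( wfMsg( 'mobile-frontend-view' ) ) . "</a>"`. This line is context rather than part of the change, but it is the output statement the commit is hardening, so it is worth fixing in the same pass. The enclosing function is not fully visible in the hunk.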
@@ -239,7 +240,7 @@
                // ajax_support_javascript
                // html_preferred_dtd
 
-               // Determine  
+               // Determine
 
                if (self::$useFormat === 'mobile' ||
                        self::$useFormat === 'mobile-wap' ) {
@@ -517,7 +518,7 @@
                        // TODO: Content transformations required
                        // WML Validator:
                        // http://validator.w3.org
-                       // 
+                       //
                        // div -> p
                        // no style, no class, no h1-h6, sup, sub, ol, ul, li 
etc.
                        // table requires "columns" property

