On 29/04/11 04:50, Brion Vibber wrote:
> But that's not why it's being stripped: various little CSS extensions like
> 'expression', xbl bindings, and IE's 'filter's are potentially unsafe,
> though it's unclear to me at the moment exactly how dangerous the filters
> are as I haven't looked at it in ages (is the set of filters open-ended or
> fixed? do any of them allow loading offsite content or executing JS code?)

See the comments on http://www.mediawiki.org/wiki/Special:Code/MediaWiki/66990

The set of filters is open-ended, and can be extended by IE plugins. Microsoft has shown precisely zero interest in fixing the serious security vulnerability I found in ICMFilter, which suggests that they will have no qualms about adding more security vulnerabilities accessible via filter rules.

The format of the filter string is complex and not precisely documented, so whitelisting opacity would be non-trivial even if we wanted to do it.

-- Tim Starling
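
The deny-rather-than-whitelist approach discussed in this thread, as an added example that is not part of the original message and is not MediaWiki's own sanitizer code: a style value is normalized (CSS escapes decoded, comments removed) and then refused outright if it contains `expression(`, a `filter:` declaration, or an XBL binding. The function names and the sample values are assumptions made for this sketch, and it is written in Python rather than MediaWiki's PHP.

```python
import re

# CSS escape: backslash + 1-6 hex digits (one optional trailing whitespace
# character), or backslash + any single character.
_ESCAPE = re.compile(r"\\(?:([0-9A-Fa-f]{1,6})[ \t\r\n\f]?|(.))", re.S)
_COMMENT = re.compile(r"/\*.*?\*/", re.S)
# Constructs named in the thread. "filter:" is refused outright; no attempt
# is made to parse the filter string and allow a subset such as opacity.
_BLOCKED = re.compile(r"expression\s*\(|filter\s*:|-moz-binding|progid\s*:", re.I)


def _decode(match):
    """Turn one CSS escape into the character it stands for."""
    if match.group(1) is None:
        return match.group(2)
    cp = int(match.group(1), 16)
    valid = 0 < cp <= 0x10FFFF and not 0xD800 <= cp <= 0xDFFF
    return chr(cp) if valid else "\ufffd"


def normalize_css(value):
    """Undo the encodings that would hide a keyword from a plain regex."""
    value = _ESCAPE.sub(_decode, value)
    value = _COMMENT.sub("", value)
    start = value.find("/*")          # unterminated comment: drop the rest
    return value if start == -1 else value[:start]


def is_safe_style(value):
    """Return False if the style value should be stripped."""
    css = normalize_css(value)
    if "\\" in css:                   # stray or doubly encoded escape
        return False
    return _BLOCKED.search(css) is None


# Constructed sample values for a style attribute.
SAMPLES = [
    "color: red; opacity: 0.5",
    "filter: alpha(opacity=50)",
    r"width: e\78pression(1+1)",
    "width: exp/**/ression(1+1)",
    r"f\69lter : alpha(opacity=50)",
    "-moz-binding: url(x)",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print("allow" if is_safe_style(s) else "strip", "|", s)
```

Only the first sample is allowed; the standard `opacity` property passes while every `filter` form is stripped without inspecting its arguments.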