[MediaWiki-commits] [Gerrit] Fixed escaping issue. - change (mediawiki...WikibaseQualityConstraints)

2015-07-01 Thread jenkins-bot (Code Review)
jenkins-bot has submitted this change and it was merged.

Change subject: Fixed escaping issue.
..


Fixed escaping issue.

Change-Id: I3f0e15835c8393d3633f27752841969d392ac68a
---
M i18n/en.json
M i18n/qqq.json
M includes/ConstraintCheck/Checker/FormatChecker.php
M includes/ConstraintCheck/Checker/UniqueValueChecker.php
M includes/ConstraintCheck/Result/CheckResult.php
M specials/SpecialConstraintReport.php
6 files changed, 14 insertions(+), 9 deletions(-)

Approvals:
  Andreasburmeister: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/i18n/en.json b/i18n/en.json
index 0bc8341..0df01d8 100644
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -31,6 +31,7 @@
 
 
"wbqc-violation-message-not-yet-implemented": "For technical reasons, 
the check for the constraint \"$1\" has not yet been implemented.",
+   "wbqc-violation-message-security-reason": "For security reasons, it is 
not possible to check the \"$1\" constraint at the moment. We are working on a 
solution.",
"wbqc-violation-message-value-needed": "Properties with constraint 
\"$1\" need to have a value.",
"wbqc-violation-message-value-needed-of-type": "Properties with 
constraint \"$1\" need to have values of type \"$2\".",
"wbqc-violation-message-parameter-needed": "Properties with constraint 
\"$1\" need a parameter \"$2\".",
diff --git a/i18n/qqq.json b/i18n/qqq.json
index a9bb93f..614dffe 100644
--- a/i18n/qqq.json
+++ b/i18n/qqq.json
@@ -31,6 +31,7 @@
"wbqc-violations-group": "Type of violations this extension 
finds.\n{{Identical|Constraint}}",
"wbqc-violation-message": "Generic message to tell that there was a 
violation.",
"wbqc-violation-message-not-yet-implemented": "Message for when a check 
is yet to be implemented. Not actually a violation, more of a todo.",
+   "wbqc-violation-message-security-reason": "Message for when a check is 
not possible due to security reasons. Not actually a violation, more of a 
todo.",
"wbqc-violation-message-value-needed": "Message for when a property 
needs a value (rather than no or some value), but hasn't.",
"wbqc-violation-message-value-needed-of-type": "Message for when a 
property needs a value of a specific type (like string or wikibase-entityid), 
but it doesn't.",
"wbqc-violation-message-parameter-needed": "Message for when a 
constraint needs a specific parameter, but it's missing.",
diff --git a/includes/ConstraintCheck/Checker/FormatChecker.php 
b/includes/ConstraintCheck/Checker/FormatChecker.php
index 7adf840..0b2ceda 100755
--- a/includes/ConstraintCheck/Checker/FormatChecker.php
+++ b/includes/ConstraintCheck/Checker/FormatChecker.php
@@ -78,7 +78,8 @@
return new CheckResult( $statement, 
$constraint->getConstraintTypeQid(), $parameters, 
CheckResult::STATUS_VIOLATION, $message );
}
 
-   return new CheckResult( $statement, 
$constraint->getConstraintTypeQid(), $parameters, CheckResult::STATUS_TODO, 
"For security reasons, it is not possible to check the Format constraint at the 
moment. We are working on a solution." );
+   $message = wfMessage( 'wbqc-violation-message-security-reason' 
)->params( $constraint->getConstraintTypeName(), 'string' )->escaped();
+   return new CheckResult( $statement, 
$constraint->getConstraintTypeQid(), $parameters, CheckResult::STATUS_TODO, 
$message );
}
 
 }
\ No newline at end of file
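Review bot: The added `wfMessage( 'wbqc-violation-message-security-reason' )->params( $constraint->getConstraintTypeName(), 'string' )` passes a second argument, `'string'`, that the message never uses; the text added to i18n/en.json in this commit contains only `$1`. The UniqueValueChecker hunk does the same for `wbqc-violation-message-not-yet-implemented`, which also has only `$1`. I would drop the stray argument in both places, `->params( $constraint->getConstraintTypeName() )->escaped();`, so a later reader does not assume a `$2` exists. Separately, the `STATUS_VIOLATION` return kept as context at the top of this hunk takes a `$message` built outside the hunk; since CheckResult now documents `$message` as sanitized HTML, that path needs the same escaping, which cannot be confirmed from here.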
diff --git a/includes/ConstraintCheck/Checker/UniqueValueChecker.php 
b/includes/ConstraintCheck/Checker/UniqueValueChecker.php
index 3b2552d..e16e230 100755
--- a/includes/ConstraintCheck/Checker/UniqueValueChecker.php
+++ b/includes/ConstraintCheck/Checker/UniqueValueChecker.php
@@ -39,7 +39,7 @@
public function checkConstraint( Statement $statement, Constraint 
$constraint, Entity $entity = null ) {
$parameters = array ();
 
-   $message = wfMessage( 
"wbqc-violation-message-not-yet-implemented" )->escaped();
+   $message = wfMessage( 
"wbqc-violation-message-not-yet-implemented" )->params( 
$constraint->getConstraintTypeName(), 'string' )->escaped();
return new CheckResult( $statement, 
$constraint->getConstraintTypeQid(), $parameters, CheckResult::STATUS_TODO, 
$message );
}
 
diff --git a/includes/ConstraintCheck/Result/CheckResult.php 
b/includes/ConstraintCheck/Result/CheckResult.php
index b764094..9abbb62 100755
--- a/includes/ConstraintCheck/Result/CheckResult.php
+++ b/includes/ConstraintCheck/Result/CheckResult.php
@@ -55,7 +55,7 @@
 * @param string $constraintName
 * @param array $parameters (string => string[])
 * @param string $status
-* @param string $message
+* @param string $message (sanitized HTML)
 */
public function __construct( Statement $statement, $constraintName, 
$parameters = array

[MediaWiki-commits] [Gerrit] Fixed escaping issue. - change (mediawiki...WikibaseQualityConstraints)

2015-06-26 Thread Soeren.oldag (Code Review)
Soeren.oldag has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/221083

Change subject: Fixed escaping issue.
..

Fixed escaping issue.

Change-Id: I3f0e15835c8393d3633f27752841969d392ac68a
---
M specials/SpecialConstraintReport.php
1 file changed, 5 insertions(+), 3 deletions(-)


  git pull 
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/WikibaseQualityConstraints
 refs/changes/83/221083/1

diff --git a/specials/SpecialConstraintReport.php 
b/specials/SpecialConstraintReport.php
index 1ca137a..778e65c 100755
--- a/specials/SpecialConstraintReport.php
+++ b/specials/SpecialConstraintReport.php
@@ -2,6 +2,8 @@
 
 namespace WikibaseQuality\ConstraintReport\Specials;
 
+use UnexpectedValueException;
+use InvalidArgumentException;
 use JobQueueGroup;
 use SpecialPage;
 use ValueFormatters\FormatterOptions;
@@ -372,7 +374,7 @@
if ( $result->getMainSnakType() === 'value' ) {
$value = $this->formatValue( $result->getDataValue() );
} else {
-   $value = $result->getMainSnakType();
+   $value = htmlspecialchars( $result->getMainSnakType() );
}
 
$claimColumn = $this->getClaimLink(
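Review bot: Only the `else` branch is escaped here; the `value` branch still assigns the result of `$this->formatValue( $result->getDataValue() )` to `$value` unchanged. The last hunk of this patch switches `getClaimLink()` to `Html::rawElement`, so the link text is emitted verbatim. This matters if `$value` is what the call starting on the last line passes as the text, but its arguments are outside the hunk. formatValue() is not shown, so please confirm it returns escaped HTML and record that on it, for example `@return string HTML`, or escape at this call site if it returns plain text.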
@@ -619,13 +621,13 @@
 *
 * @param EntityId $entityId
 * @param PropertyId $propertyId
-* @param string $text
+* @param string $text HTML
 *
 * @return string HTML
 */
private function getClaimLink( EntityId $entityId, PropertyId 
$propertyId, $text ) {
return
-   Html::element(
+   Html::rawElement(
'a',
array (
'href' => $this->getClaimUrl( 
$entityId, $propertyId ),
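Review bot: `@param string $text HTML` is easy to misread now that the body uses `Html::rawElement`, which inserts `$text` without escaping; the docblock should say who is responsible for escaping. Something like `@param string $text Link content as already-escaped HTML; inserted verbatim, callers must escape plain text` makes the contract explicit. Any call site of this private method other than the one in the -372 hunk is outside this patch and should be checked against that contract. The method body continues past the end of the hunk.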

-- 
To view, visit https://gerrit.wikimedia.org/r/221083
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I3f0e15835c8393d3633f27752841969d392ac68a
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/WikibaseQualityConstraints
Gerrit-Branch: v1
Gerrit-Owner: Soeren.oldag 
