Awight has uploaded a new change for review. https://gerrit.wikimedia.org/r/287156
Change subject: Comment about concerning query string ...................................................................... Comment about concerning query string This is outbound, so probably not a vulnerability, but still looks incorrect as well as impolite. Change-Id: Ibed8c432bb879a2583c0bc95a4f6d7d09d55ae62 --- M gateway_common/gateway.adapter.php 1 file changed, 2 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/DonationInterface refs/changes/56/287156/1 diff --git a/gateway_common/gateway.adapter.php b/gateway_common/gateway.adapter.php index 3cd9ca7..1a425ed 100644 --- a/gateway_common/gateway.adapter.php +++ b/gateway_common/gateway.adapter.php @@ -759,6 +759,8 @@ $queryvals = array(); + // TODO: Build an array, and do the query-string formatting using a std + // library. We're not urlencoding?? // we are going to assume a flat array, because... namevalue. foreach ( $structure as $fieldname ) { $fieldvalue = $this->getTransactionSpecificValue( $fieldname ); -- To view, visit https://gerrit.wikimedia.org/r/287156 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ibed8c432bb879a2583c0bc95a4f6d7d09d55ae62 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/DonationInterface Gerrit-Branch: master Gerrit-Owner: Awight <awi...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits