Awight has uploaded a new change for review.
https://gerrit.wikimedia.org/r/287156
Change subject: Comment about concerning query string
......................................................................
Comment about concerning query string
This is outbound, so probably not a vulnerability, but still looks incorrect
as well as impolite.
Change-Id: Ibed8c432bb879a2583c0bc95a4f6d7d09d55ae62
---
M gateway_common/gateway.adapter.php
1 file changed, 2 insertions(+), 0 deletions(-)
git pull
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/DonationInterface
refs/changes/56/287156/1
diff --git a/gateway_common/gateway.adapter.php
b/gateway_common/gateway.adapter.php
index 3cd9ca7..1a425ed 100644
--- a/gateway_common/gateway.adapter.php
+++ b/gateway_common/gateway.adapter.php
@@ -759,6 +759,8 @@
$queryvals = array();
+ // TODO: Build an array, and do the query-string formatting
using a std
+ // library. We're not urlencoding??
// we are going to assume a flat array, because... namevalue.
foreach ( $structure as $fieldname ) {
$fieldvalue = $this->getTransactionSpecificValue(
$fieldname );
--
To view, visit https://gerrit.wikimedia.org/r/287156
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ibed8c432bb879a2583c0bc95a4f6d7d09d55ae62
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/DonationInterface
Gerrit-Branch: master
Gerrit-Owner: Awight <awi...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
