On 2016-10-29 5:30 PM, Brian Wolff wrote:
> On Saturday, October 29, 2016, Daniel Friesen
> wrote:
>> And then there is $image. urlpathinfo doesn't escape quotes,
>> backslashes, or .
>>
> Its hard to find docs on what urlpathinfo actually does (talk about a red
> flag
On Saturday, October 29, 2016, chris tharp wrote:
> Hi All,
>
> As a lone tinker with Mediawiki, who pays some attention to things
> connected with it, I thought I would ask for a follow up to last year's
> Mediawiki Stakeholders survey (see:
>
On Saturday, October 29, 2016, Daniel Friesen
wrote:
> On 2016-10-29 8:40 AM, Brian Wolff wrote:
>> On Sat, Oct 29, 2016 at 2:50 PM, Dr. Michael Bonert
>> wrote:
>>> Hello,
>>>
>>> I was wondering about the security of Widgets (
>>>
On 2016-10-29 8:40 AM, Brian Wolff wrote:
> On Sat, Oct 29, 2016 at 2:50 PM, Dr. Michael Bonert
> wrote:
>> Hello,
>>
>> I was wondering about the security of Widgets (
>> https://www.mediawiki.org/wiki/Extension:Widgets ) that get parameters
>> passed to them. Any
Hi All,
As a lone tinker with Mediawiki, who pays some attention to things
connected with it, I thought I would ask for a follow up to last year's
Mediawiki Stakeholders survey (see:
https://www.mediawiki.org/wiki/MediaWiki_Stakeholders%27_Group). An
itemized wishlist of most requested features
Hello list members!
First of all: If you haven't used one of the extensions (CookieWarning[1] or
CookiePolicy[2]) and don't plan to use one of them in the future, you can
stop reading here :)
tl;dr: The extension CookiePolicy is no longer available and was marked as
archived, please use
On Sat, Oct 29, 2016 at 2:50 PM, Dr. Michael Bonert
wrote:
> Hello,
>
> I was wondering about the security of Widgets (
> https://www.mediawiki.org/wiki/Extension:Widgets ) that get parameters
> passed to them. Any thoughts?
>
> Are the parameters passed through to
On Sat, Oct 29, 2016 at 3:40 PM, Brian Wolff wrote:
> On Sat, Oct 29, 2016 at 2:50 PM, Dr. Michael Bonert
> wrote:
>> Hello,
>>
>> I was wondering about the security of Widgets (
>> https://www.mediawiki.org/wiki/Extension:Widgets ) that get
On Sat, Oct 29, 2016 at 2:50 PM, Dr. Michael Bonert
wrote:
> Hello,
>
> I was wondering about the security of Widgets (
> https://www.mediawiki.org/wiki/Extension:Widgets ) that get parameters
> passed to them. Any thoughts?
>
> Are the parameters passed through to
Hello,
I was wondering about the security of Widgets (
https://www.mediawiki.org/wiki/Extension:Widgets ) that get
parameters passed to them. Any thoughts?
Are the parameters passed through to the widget cleansed of html/scripts?
If it isn't -- is it possible to easily enforce
10 matches
Mail list logo