https://bugzilla.wikimedia.org/show_bug.cgi?id=61115
Nemo <federicol...@tiscali.it> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution|--- |WONTFIX --- Comment #5 from Nemo <federicol...@tiscali.it> --- (In reply to Fomafix from comment #4) > setlang is a security risk. Here is a demonstrator for this risk: > https://bugzilla.wikimedia.org/attachment.cgi?id=14788 Your attachment only proves that the security risk you claim is actually standard behaviour: you have two inclusions there, one of a setlang call and one of userlogout; if userlogout is acceptable, setlang is too. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l