'ISO-8859-1',
'ISO-8859-2',
'UTF-16',
- 'UTF-32'
+ 'UTF-32',
+ 'WINDOWS-1250',
+ 'WINDOWS-1251',
+ 'WINDOWS-1252',
+ 'WINDOWS-1253',
+ 'WINDOWS-1254',
+ 'WINDOWS-1255',
+ 'WINDOWS-1256',
+ 'WINDOWS-1257',
+ 'WINDOWS-1258',
];
const SUCCESS = 0;
$error = '';
if ( !Hooks::run( 'UploadVerification',
- [ $this->mDestName, $this->mTempPath, &$error ] )
+ [ $this->mDestName, $this->mTempPath, &$error ], '1.28' )
) {
return [ 'status' => self::HOOK_ABORTED, 'error' => $error ];
}
}
}
- Hooks::run( 'UploadVerifyFile', [ $this, $mime, &$status ] );
- if ( $status !== true ) {
- return $status;
+ $error = true;
+ Hooks::run( 'UploadVerifyFile', [ $this, $mime, &$error ] );
+ if ( $error !== true ) {
+ if ( !is_array( $error ) ) {
+ $error = [ $error ];
+ }
+ return $error;
}
wfDebug( __METHOD__ . ": all clear; passing.\n" );
*/
public function performUpload( $comment, $pageText, $watch, $user, $tags = [] ) {
$this->getLocalFile()->load( File::READ_LATEST );
+ $props = $this->mFileProps;
+
+ $error = null;
+ Hooks::run( 'UploadVerifyUpload', [ $this, $user, $props, $comment, $pageText, &$error ] );
+ if ( $error ) {
+ if ( !is_array( $error ) ) {
+ $error = [ $error ];
+ }
+ return call_user_func_array( 'Status::newFatal', $error );
+ }
$status = $this->getLocalFile()->upload(
$this->mTempPath,
$comment,
$pageText,
File::DELETE_SOURCE,
- $this->mFileProps,
+ $props,
false,
$user,
$tags
return [ 'uploaded-event-handler-on-svg', $attrib, $value ];
}
- # href with non-local target (don't allow http://, javascript:, etc)
+ # Do not allow relative links, or unsafe url schemas.
+ # For <a> tags, only data:, http: and https: and same-document
+ # fragment links are allowed. For all other tags, only data:
+ # and fragment are allowed.
if ( $stripped == 'href'
&& strpos( $value, 'data:' ) !== 0
&& strpos( $value, '#' ) !== 0