dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
SECURITY: Do not allow user scripts on Special:PasswordReset
[lhc/web/wiklou.git]
/
includes
/
specials
/
SpecialPasswordReset.php
diff --git
a/includes/specials/SpecialPasswordReset.php
b/includes/specials/SpecialPasswordReset.php
index
84292f3
..
51fcae7
100644
(file)
--- a/
includes/specials/SpecialPasswordReset.php
+++ b/
includes/specials/SpecialPasswordReset.php
@@
-74,6
+74,15
@@
class SpecialPasswordReset extends FormSpecialPage {
parent::checkExecutePermissions( $user );
}
parent::checkExecutePermissions( $user );
}
+ /**
+ * @param string $par
+ */
+ public function execute( $par ) {
+ $out = $this->getOutput();
+ $out->disallowUserJs();
+ parent::execute( $par );
+ }
+
protected function getFormFields() {
$resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
$a = [];
protected function getFormFields() {
$resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
$a = [];