dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
SECURITY: Don't allow loading unprotected JS files
[lhc/web/wiklou.git]
/
includes
/
WebRequest.php
diff --git
a/includes/WebRequest.php
b/includes/WebRequest.php
index
6f0307d
..
c6ddf81
100644
(file)
--- a/
includes/WebRequest.php
+++ b/
includes/WebRequest.php
@@
-141,7
+141,7
@@
class WebRequest {
$router->add( "$wgScript/$1" );
if ( isset( $_SERVER['SCRIPT_NAME'] )
$router->add( "$wgScript/$1" );
if ( isset( $_SERVER['SCRIPT_NAME'] )
- && preg_match( '/\.php
5?
/', $_SERVER['SCRIPT_NAME'] )
+ && preg_match( '/\.php/', $_SERVER['SCRIPT_NAME'] )
) {
# Check for SCRIPT_NAME, we handle index.php explicitly
# But we do have some other .php files such as img_auth.php
) {
# Check for SCRIPT_NAME, we handle index.php explicitly
# But we do have some other .php files such as img_auth.php
@@
-432,7
+432,7
@@
class WebRequest {
* selected by a drop-down menu). For freeform input, see getText().
*
* @param string $name
* selected by a drop-down menu). For freeform input, see getText().
*
* @param string $name
- * @param string $default Optional default (or null)
+ * @param string
|null
$default Optional default (or null)
* @return string|null
*/
public function getVal( $name, $default = null ) {
* @return string|null
*/
public function getVal( $name, $default = null ) {