SECURITY: XSS in unclosed internal links
diff --git
a/includes/parser/Parser.php
b/includes/parser/Parser.php
index
206ad00
..
38eb621
100644
(file)
--- a/
includes/parser/Parser.php
+++ b/
includes/parser/Parser.php
@@
-2158,7
+2158,7
@@
class Parser {
$might_be_img = true;
$text = $m[2];
if ( strpos( $m[1], '%' ) !== false ) {
$might_be_img = true;
$text = $m[2];
if ( strpos( $m[1], '%' ) !== false ) {
- $m[1] =
rawurldecode( $m[1]
);
+ $m[1] =
str_replace( [ '<', '>' ], [ '<', '>' ], rawurldecode( $m[1] )
);
}
$trail = "";
} else { # Invalid form; output directly
}
$trail = "";
} else { # Invalid form; output directly
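Review bot: On the added line the replacement array reads `[ '<', '>' ]`, identical to the search array, which would make the `str_replace` a no-op and leave the XSS unfixed; this is presumably the page renderer decoding the `&lt;`/`&gt;` entities, so the committed source should be confirmed to read `str_replace( [ '<', '>' ], [ '&lt;', '&gt;' ], rawurldecode( $m[1] ) )`. The intent is not obvious from the code alone, so a comment would help: `// Escape angle brackets revealed by percent-decoding: an unclosed link falls through to the "output directly" branch below, so %3C/%3E would otherwise emit raw markup`. Escaping after `rawurldecode` rather than before is the right order, since a percent-encoded entity would otherwise be decoded back into a bracket. The enclosing method begins and ends outside this hunk.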
@@
-4364,11
+4364,7
@@
class Parser {
$this->startParse( $title, $options, self::OT_WIKI, $clearState );
$this->setUser( $user );
$this->startParse( $title, $options, self::OT_WIKI, $clearState );
$this->setUser( $user );
- $pairs = [
- "\r\n" => "\n",
- "\r" => "\n",
- ];
- $text = str_replace( array_keys( $pairs ), array_values( $pairs ), $text );
+ $text = str_replace( [ "\r\n", "\r" ], "\n", $text );
if ( $options->getPreSaveTransform() ) {
$text = $this->pstPass2( $text, $user );
}
if ( $options->getPreSaveTransform() ) {
$text = $this->pstPass2( $text, $user );
}
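Review bot: The order of the search array on the new `str_replace( [ "\r\n", "\r" ], "\n", $text )` line is load-bearing and undocumented: `str_replace` applies the search terms in sequence, so if `"\r"` were listed first every CRLF would become `"\n\n"`. A short comment would protect against a future reordering: `// Normalise line endings; "\r\n" must precede "\r" so CRLF does not become "\n\n"`. The behaviour appears unchanged from the removed `$pairs` form, which used the same order. The enclosing method's signature lies outside this hunk.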