SECURITY: blacklist CSS var()
[lhc/web/wiklou.git] / includes / parser / Sanitizer.php
index f8c3bc2..f76e3a9 100644 (file)
@@ -578,10 +578,8 @@ class Sanitizer {
                                                                        $badtag = true;
                                                                }
                                                        }
-                                               } else {
-                                                       if ( $t == 'table' ) {
-                                                               $tagstack = array_pop( $tablestack );
-                                                       }
+                                               } elseif ( $t == 'table' ) {
+                                                       $tagstack = array_pop( $tablestack );
                                                }
                                                $newparams = '';
                                        } else {
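Review bot: The collapsed branch on the `elseif` line still compares with loose `==` (`$t == 'table'`); if `$t` is always a tag-name string, `elseif ( $t === 'table' )` expresses that and avoids the pre-PHP-8 loose-comparison surprises (e.g. `0 == 'table'` being true). Behaviour of the rewrite is otherwise identical to the removed nested `if`. The enclosing method starts and ends outside this hunk, so I cannot confirm here where `$t` is assigned.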
@@ -1075,6 +1073,7 @@ class Sanitizer {
                                | image\s*\(
                                | image-set\s*\(
                                | attr\s*\([^)]+[\s,]+url
+                               | var\s*\(
                        !ix', $value ) ) {
                        return '/* insecure input */';
                }
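Review bot: The new `var\s*\(` alternative is the only entry in the rejected-pattern list that carries no hint of why it is rejected, and it is the change the commit title is about, so a maintainer pruning the list later has nothing to go on. I would annotate it in the pattern's extended-mode comment style, e.g. `| var\s*\(          # custom-property lookup: the substituted value is not visible to this check`. The `x` modifier already in use means such a comment is legal inside the pattern. The enclosing method starts and ends outside this hunk, so I cannot confirm from here whether comments or escapes are normalised out of `$value` before this match runs; if they are not, that would deserve a test alongside this entry.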
@@ -1375,20 +1374,14 @@ class Sanitizer {
 
        /**
         * Given a string containing a space delimited list of ids, escape each id
-        * to match ids escaped by the escapeId() function.
-        *
-        * @todo remove $options completely in 1.32
+        * to match ids escaped by the escapeIdForAttribute() function.
         *
         * @since 1.27
         *
         * @param string $referenceString Space delimited list of ids
-        * @param string|array $options Deprecated and does nothing.
         * @return string
         */
-       static function escapeIdReferenceList( $referenceString, $options = [] ) {
-               if ( $options ) {
-                       wfDeprecated( __METHOD__ . ' with $options', '1.31' );
-               }
+       public static function escapeIdReferenceList( $referenceString ) {
                # Explode the space delimited list string into an array of tokens
                $references = preg_split( '/\s+/', "{$referenceString}", -1, PREG_SPLIT_NO_EMPTY );
 
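Review bot: Dropping `$options` from the signature leaves no record in the docblock, and because PHP silently ignores surplus arguments to user-defined functions, a caller still passing the deprecated second argument now gets neither the former `wfDeprecated` notice nor an error. I would add a line to the docblock so the removal is discoverable, e.g. `* @note The $options parameter (deprecated in 1.31) has been removed; extra arguments are ignored.` The method body continues outside this hunk.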
@@ -1926,7 +1919,8 @@ class Sanitizer {
                        # such as <math> when it is rasterized, or if $wgAllowImageTag is
                        # true
                        'img'        => array_merge( $common, [ 'alt', 'src', 'width', 'height', 'srcset' ] ),
-
+                       # Attributes for A/V tags added in T163583 / T133673
+                       'audio'      => array_merge( $common, [ 'controls', 'preload', 'width', 'height' ] ),
                        'video'      => array_merge( $common, [ 'poster', 'controls', 'preload', 'width', 'height' ] ),
                        'source'     => array_merge( $common, [ 'type', 'src' ] ),
                        'track'      => array_merge( $common, [ 'type', 'src', 'srclang', 'kind', 'label' ] ),
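Review bot: The new `'audio'` entry whitelists `width` and `height`, which the HTML specification defines for `<video>` but not for `<audio>`; this is not a security concern (they are plain presentational attributes) but it widens the allowed set beyond the element's defined attributes. If the intent is simply to mirror the `'video'` entry, the added comment could say so, e.g. `# Attributes for A/V tags added in T163583 / T133673 (width/height kept on audio for parity with video)`; otherwise `[ 'controls', 'preload' ]` is the spec-accurate list. The surrounding array continues outside this hunk.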
@@ -1964,6 +1958,7 @@ class Sanitizer {
 
                        // HTML 5 section 4.5
                        'figure'     => $common,
+                       'figure-inline' => $common, # T118520
                        'figcaption' => $common,
 
                        # HTML 5 section 4.6
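Review bot: The `'figure-inline'` entry is placed directly under the `// HTML 5 section 4.5` heading, but `figure-inline` is not an HTML 5 element; it appears to be a wiki-specific inline-media tag, so the heading now misleads readers about the whitelist's provenance. I would make the trailing comment say so rather than only cite the task, e.g. `'figure-inline' => $common, # not HTML 5; wiki-specific inline figure, see T118520`. Whether the element must also be added to the recognised-tag list elsewhere in this file is outside the hunk and not visible here.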