HttpError: Consistently escape document title
authorTimo Tijhof <krinklemail@gmail.com>
Sun, 24 May 2015 12:39:15 +0000 (14:39 +0200)
committerTimo Tijhof <krinklemail@gmail.com>
Mon, 1 Jun 2015 13:58:19 +0000 (14:58 +0100)
Wasn't actually a vulnerability because HttpStatus::getMessage
can only return one of a fixed set of values which are all plain
text without any special characters. However, the return value
there is meant to be plain text and not HTML, so just like
Html::element and other interfaces, things should be consistently
escaped.

Also renamed variables for clarity.

Change-Id: I8b61d7e9ea4101e3a9ef5f9a59a97db45aeef68c

includes/exception/HttpError.php

index b81c573..21d493a 100644 (file)
@@ -113,21 +113,21 @@ class HttpError extends MWException {
         */
        public function getHTML() {
                if ( $this->header === null ) {
-                       $header = HttpStatus::getMessage( $this->httpCode );
+                       $titleHtml = htmlspecialchars( HttpStatus::getMessage( $this->httpCode ) );
                } elseif ( $this->header instanceof Message ) {
-                       $header = $this->header->escaped();
+                       $titleHtml = $this->header->escaped();
                } else {
-                       $header = htmlspecialchars( $this->header );
+                       $titleHtml = htmlspecialchars( $this->header );
                }
 
                if ( $this->content instanceof Message ) {
-                       $content = $this->content->escaped();
+                       $contentHtml = $this->content->escaped();
                } else {
-                       $content = htmlspecialchars( $this->content );
+                       $contentHtml = htmlspecialchars( $this->content );
                }
 
                return "<!DOCTYPE html>\n" .
-               "<html><head><title>$header</title></head>\n" .
-               "<body><h1>$header</h1><p>$content</p></body></html>\n";
+               "<html><head><title>$titleHtml</title></head>\n" .
+               "<body><h1>$header</h1><p>$contentHtml</p></body></html>\n";
        }
 }
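Review bot: The last added line of the `return` still interpolates `$header` inside `<h1>`, but after the rename nothing in the visible body of `getHTML()` assigns that variable. As shown, the heading would render empty and PHP would raise an undefined-variable notice, so the escaped title never reaches the page body. The line should use the renamed variable: `"<body><h1>$titleHtml</h1><p>$contentHtml</p></body></html>\n";`. Both values land only in element text, not in attributes, so the `htmlspecialchars()` and `Message::escaped()` calls above are sufficient once the name is corrected. A test asserting that the `<title>` and `<h1>` contents are identical would catch this kind of partial rename.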