git.heureux-cyclage.org - lhc/web/wiklou.git/commit

author	MatmaRex <matma.rex@gmail.com>
	Wed, 22 May 2013 08:48:14 +0000 (10:48 +0200)
committer	MatmaRex <matma.rex@gmail.com>
	Fri, 24 May 2013 13:05:37 +0000 (15:05 +0200)
commit	267b582e1620db8d13684001389c4f2e541f9d39
tree	0cda05af670be4ba5112a9497ea0a8bbcd93e762	tree \| snapshot
parent	3a7e36b2d6f7a77ee1fbc356f277ee4bf0aeb60c	commit \| diff

displaytitle: reject some CSS if $wgRestrictDisplayTitle set

$wgRestrictDisplayTitle is intended to make it possible to simply
copy-and-paste the title text even if it requires some styling like
subscript or superscript. Using a <span style="display: none;" />
broke that expectation, as the text hidden in such way becomes
completely invisible and unselectable. This patch rejects such styles.

Also disallowed 'user-select' and 'visibility', since they both
prevent the user from selecting and/or copying the text as well.

Minor changes in Sanitizer:
* checkCss() was made to pass through values which consist of nothing
  but a single comment, to allow this rejection to display some sort
  of a notification to the user.
* encodeTagAttributes() was added as a counterpart to
  decodeTagAttributes(), pulling some code out of fixTagAttributes().

Bug: 26547
Change-Id: Ie162535b6bcbebce4ee69f6dcc1957ccccc3c672

includes/DefaultSettings.php		diff \| blob \| history
includes/Sanitizer.php		diff \| blob \| history
includes/parser/CoreParserFunctions.php		diff \| blob \| history
tests/parser/parserTests.txt		diff \| blob \| history
tests/phpunit/includes/SanitizerTest.php		diff \| blob \| history