* Update extensions/Math from branch 'REL1_43'
to 83e7004b43d72a4c94c3a9a692b5c9e2ece0f5de
- Localisation updates from https://translatewiki.net.
Change-Id: I18c56227c0f33f1dcbe96f99682ab5c67ec3fe33
* Update extensions/Linter from branch 'REL1_43'
to 54be10ec80f60f46ee3295feffc94c685a869cee
- Localisation updates from https://translatewiki.net.
Change-Id: I36eacba73c47e93b214296141d8f294c77b10358
* Update extensions/DiscussionTools from branch 'REL1_43'
to 4c31142b3b9e1e835e900a8f8333b4290aca542f
- Localisation updates from https://translatewiki.net.
Change-Id: I1beb55de7b978028c2b7c3dba2496ddece756579
* Update extensions/Echo from branch 'REL1_43'
to c9279d7ba70b5cb482b6ea2edddb7243a5ed2db7
- Localisation updates from https://translatewiki.net.
Change-Id: Ie15937e1ce49cd733ba46d983a8c0cc1bde0e8bc
* Update extensions/ConfirmEdit from branch 'REL1_43'
to aad335c0969b5487b8f34bcfaa8f99f707b872fd
- Localisation updates from https://translatewiki.net.
Change-Id: I9b81b7b6324ec4da0652c77b74a1308d925cbcf6
* Update extensions/Cite from branch 'REL1_43'
to daf2831093d8378184ee85fd2ed00483bffa1e9c
- Localisation updates from https://translatewiki.net.
Change-Id: Ic63a1dbcb651bcca6920574c0efcf7c6f552ba2e
* Update extensions/AbuseFilter from branch 'REL1_43'
to 7dd7fefcbb31ae6c3530842a40e6a4638bd54fc0
- Localisation updates from https://translatewiki.net.
Change-Id: I0f9540cdcf7aed7740716be066879373a888a136
* Update skins/MinervaNeue from branch 'REL1_43'
to 30218160a02a789c1b155d8fed9560b1f1195e7d
- Localisation updates from https://translatewiki.net.
Change-Id: I3a83628dda4ff7e3a95a5ccf3a1815886edcedea
* Update skins/Vector from branch 'REL1_43'
to 5e7863738f126133411a9b37a3393c6a9b74d615
- Localisation updates from https://translatewiki.net.
Change-Id: I31bcb848ae5b3ce6056f6f4d87a7bed4cd2157cd
* Update skins/Timeless from branch 'REL1_43'
to c041b68c339fc1de27dcc437b9a923357474fec7
- Localisation updates from https://translatewiki.net.
Change-Id: I3a83628dda4ff7e3a95a5ccf3a1815886edcedea
* Update extensions/VisualEditor from branch 'REL1_43'
to 71c2969e32dd2d7e5beda63726ad3551e9a3bd83
- Localisation updates from https://translatewiki.net.
Change-Id: Icccf31fc99f4e997f5716ca4f1f1d8a1b82feab6
* Update extensions/WikiEditor from branch 'REL1_43'
to fa9835f176c00c83e314053cfd10ee9d6950902d
- Localisation updates from https://translatewiki.net.
Change-Id: Id8869b47763afd21f706b250ddcaba1296ae5132
* Update extensions/TitleBlacklist from branch 'REL1_43'
to d7aa46bf0af880c98526bf1ab623d5b1ff29ec28
- Localisation updates from https://translatewiki.net.
Change-Id: Ib6aeb7a98da6a57986fbb14fb901b37e3fb6ffff
* Update extensions/Thanks from branch 'REL1_43'
to 322717030c3af08867b1ec5d43255b6d5818aa04
- Localisation updates from https://translatewiki.net.
Change-Id: I0f3ac7cb495dfde3a1df52243d61649c23e31e1c
* Update extensions/TemplateData from branch 'REL1_43'
to e25ded1ddd1812ec0bc657bc35706cadf21c9954
- Localisation updates from https://translatewiki.net.
Change-Id: Ieaf52e3816f47a25f001d1683fc3272ae46ba9dd
* Update extensions/SpamBlacklist from branch 'REL1_43'
to d235088a0436b5804f858d4be46b14f4a9ba649e
- Localisation updates from https://translatewiki.net.
Change-Id: Iecabe42945a550db0e382b565481f65f86c01a4a
* Update extensions/OATHAuth from branch 'REL1_43'
to 4b932a2838ec4f1411331954e534aff015c61a39
- Localisation updates from https://translatewiki.net.
Change-Id: I1721922c6379bdaaef6c61c3cb6fd131ba1de003
* Update extensions/DiscussionTools from branch 'REL1_43'
to 44e8def7ac58aaba6bc4dfcb9e8a63f07dd2745c
- Localisation updates from https://translatewiki.net.
Change-Id: I00b4c9bb5cb7481ff46f13ee3412784923be2898
* Update extensions/Echo from branch 'REL1_43'
to 28f335a9f21bfb9eab4745607f4bd20a93e08fd5
- Localisation updates from https://translatewiki.net.
Change-Id: Ibfa2b561ed55b350bc52b14d3116a3e0dac7f0fc
* Update extensions/ConfirmEdit from branch 'REL1_43'
to cf5029dedcbc78c009c721c95aaaeb1ba67acaa7
- Localisation updates from https://translatewiki.net.
Change-Id: Ifc81bf8e8f215969da4c11076123f358dda40554
* Update extensions/Cite from branch 'REL1_43'
to fe8c6380627e9c69e8f744e554c6299225c0e678
- Localisation updates from https://translatewiki.net.
Change-Id: Ia73d53368d1153102621cba8d9763a95430d3f2c
* Update extensions/CategoryTree from branch 'REL1_43'
to 57e489715e48f2180d3b399708525dcdcae4fb00
- Localisation updates from https://translatewiki.net.
Change-Id: I90d45252e27a59644920774ed8f8a0ca8d650543
* Update extensions/AbuseFilter from branch 'REL1_43'
to 442baabd79ef96935b213287e0251606594946a1
- Localisation updates from https://translatewiki.net.
Change-Id: I6faebaafe86a27a38012f8de05acdef91c8db37e
Before commit 5d317c2, this encoding happens in the parser before
calling the ParserAfterTidy hook, at this stage, the input usually
don't contain any raw-text elements, all good;
After commit 5d317c2 but before the core is actively using the
RemexCompatFormatter for OutputTransform, the bug can only be triggered
by extensions. But for now, the transform can happen on every page
with a ToC.
The issue and the fix is similar to T255007 and commit c44a395, which
5d317c2 follows-up to, so I am a bit confused why this stays broken.
Bug: T406391
Change-Id: I41959bf5ee243bdcfba571eb8f121fb571d960db
(cherry picked from commit e928409b4f7a81a8ee02d563c18829d5524e0fa6)
Usages were migrated in 7b791474a5,
but 7a21b9a032 added a new one
Follows-Up: I6536ef2909caeed047447e8b6a25831d6f00d827
Change-Id: I7360ea3d79e509b602b3e3c572e3a4c3eb8877ff
(cherry picked from commit e72b45b6cc0314a3591a7f3462018aad40d8096e)
* Update skins/Vector from branch 'REL1_43'
to abff63a12777ddc43037de1b1df7e5a2f506c23c
- Localisation updates from https://translatewiki.net.
Change-Id: I67a420df7180f5523dab3d9d676c4de48c7d634e
* Update skins/Timeless from branch 'REL1_43'
to 09c355c4531fe018f45b8161a5ac20a7bf8ce3f2
- Localisation updates from https://translatewiki.net.
Change-Id: I4d11f27f39ae147b0a4e76254de482277af7c7ce
* Update skins/MinervaNeue from branch 'REL1_43'
to 4b5570e6b9a56a4ec3c8c940602027ada5faed8f
- Localisation updates from https://translatewiki.net.
Change-Id: I372fb4d81c1d004655a53cf025a58843ae2d2d65
* Update extensions/VisualEditor from branch 'REL1_43'
to c0a4f2367acbb346273206e456c92e8f0f0a133c
- Localisation updates from https://translatewiki.net.
Change-Id: Icc99dca4af984a4ab0414adc42b289b8b5c073d4
* Update extensions/WikiEditor from branch 'REL1_43'
to 114830b9351f3eac3dfc7d7a47d5c781bef85805
- Localisation updates from https://translatewiki.net.
Change-Id: I8d143481efdfa3d2bb957a32156226fda29384c6
* Update extensions/Thanks from branch 'REL1_43'
to a9519c39a352843d21523a815a1213d1c9b96c4f
- Localisation updates from https://translatewiki.net.
Change-Id: I07b59ddbe1176229c7769db47e60e04daa0a1732
* Update extensions/TemplateData from branch 'REL1_43'
to f5402d7604e0cb2266f9aa28dcf53a4510cd4940
- Localisation updates from https://translatewiki.net.
Change-Id: I54f0a8e77ee82135c73d30b0495c111abb2217bc
* Update extensions/OATHAuth from branch 'REL1_43'
to e3b4c178dca2cdee8930fee23a7c04f032a3831c
- Localisation updates from https://translatewiki.net.
Change-Id: I250c4d3acb1783fe4ffb5cf165387631f7025ac9
* Update extensions/Nuke from branch 'REL1_43'
to f3b2580fc56273a0d869f57e5506bd8dd13eaac6
- Localisation updates from https://translatewiki.net.
Change-Id: I297a30559f34a75a996a746c0e28396dde38855f
* Update extensions/Math from branch 'REL1_43'
to 490f3997f63c15f30fdce0c2ea20a0585a618230
- Localisation updates from https://translatewiki.net.
Change-Id: I1ddc18f49eff9ba83912dc0733fcb66f4bf0db3d
* Update extensions/InputBox from branch 'REL1_43'
to daddb65011e475dfbf3bd7b379056d93d4c87f89
- Localisation updates from https://translatewiki.net.
Change-Id: I6f5d14111f391df2db791dd840b1c44e921d6d7f
* Update extensions/Gadgets from branch 'REL1_43'
to a2a34286eb5882e69a8bc99022fad864bce27807
- Localisation updates from https://translatewiki.net.
Change-Id: Id23956fe5ae73cd891006b514ce8dac1ff0ced8f
* Update extensions/DiscussionTools from branch 'REL1_43'
to 7d219325abe90ea1a41d6e42812f873b8725a960
- Localisation updates from https://translatewiki.net.
Change-Id: I2b736906784816311832425168653a59c480a5d6
* Update extensions/Echo from branch 'REL1_43'
to 8edc16dc8ffc74b370124710fc912813cd5f4030
- Localisation updates from https://translatewiki.net.
Change-Id: I20dd04716614c0b2880ab8a0a6a14c6900041b7a
* Update extensions/Cite from branch 'REL1_43'
to 2afd79cd200024eb68370031e4a3e1505964d32a
- Localisation updates from https://translatewiki.net.
Change-Id: Idb24f0c66f4ef640f3f6f9384520cbb44d7a855c
* Update extensions/AbuseFilter from branch 'REL1_43'
to 3f0366cdbbbf0f5c1691f8b07e7b54a2b7613ace
- Localisation updates from https://translatewiki.net.
Change-Id: I33dc5181ba52675a54913baf231733170f46c201
Why:
- DeduplicateStyles runs as a default post-cache output transformation
for every backend pageview. It tokenizes the article HTML via Remex to
deduplicate style nodes within.
- This is expensive for large pages. On the Barack Obama page, the
transform takes 350+ ms on a parser cache hit.
- Some other transforms, like HandleSectionLinks, already use regexes to
only run Remex-driven transforms on relevant elements to avoid a
potentially expensive tokenization of the whole page.
What:
- Use a regular expression to limit this transform so that it only
tokenizes potential <style> nodes. This takes ~2ms to execute on a
large page[1], compared to ~166ms currently.
- Restrict this optimization to legacy parser output transformations,
since the naïve regex used might otherwise match encoded style tags
within data-parsoid attribute values, as described in
I32d3d1772243c3819e1e1486351d16871b6e21c4.
Add a test for this.
[1] https://en.m.wikipedia.org/wiki/Democratic_Party_(United_States)?action=render
Bug: T394059
Change-Id: I33ebcc2da7685b4b6dafdad3ed3ef2a9edea9a00
(cherry picked from commit 02f69d5dc99a964981c57b597eedffa1f253a14c)
This reverts commit 596c2615de.
Reason for revert: This has already been fixed in
I7fe42df7b9a3fd97eaf89515b7c1afb5ae3e688c. This second patch does not
address the issue properly and causes strings to be double escaped that
should only be escaped once.
Full reasoning:
* The parameter is now marked as `@param-taint $buttonLabel exec_html`
since the fix for T402313
* All callers outside of HTMLButtonField escape the label now
* There is another method call in HTMLButtonField, which passes the
`buttonLabel` property to the function. This property is assigned
in the following places:
** L63: Parsed message
** L67: String literal with a unicode character
** L69: Escaped string
** L72: Intentionally raw HTML string
** L126: `$this->getDefault()`, which will be escaped again in that line
after this patch is reverted
Bug: T394396
Change-Id: Ifc982e93c3cf2b6658cb8943eb717cb7a2aea7f5
* Update extensions/Thanks from branch 'REL1_43'
to 7b1006569a9b8b228fbf4306162dd731f30b8209
- SECURITY: Exclude deleted entries when counting thanks
CVE-2025-61654
Why:
- `ThanksQueryHelper` counts all thanks, even those that user is not
authorized to see.
What:
- Count only those thanks, which are visible to everybody
(`log_deleted` = 0).
- May be later extended to take into account the permissions of the
current user.
Bug: T397497
Change-Id: Idbc1b5a288ffaa7074eedcbac066358a8ec649dc
(cherry picked from commit ceea84f682ac52fe521b02733fb718add296efde)
CVE-2025-11261
It should be possible to use the result of this method as HTML
without introducing i18n XSSs.
The PHP-equivalent Language::listToText also escapes the messages.
This fixes a stored i18n XSS in CheckUser.
Bug: T406322
Change-Id: Ieb809b043dec288e92356d8f6492d22340c8c3f6
(cherry picked from commit d951fa4ff07a96907b023e4f7e5dd7c630a78fc1)
