It turns out this gets rid of a bunch of suppressed "SecurityCheck-DoubleEscaped" that appear to have been accurate warnings.

There seems to have been some confusion about how ::truncateForVisual() is supposed to be used; in particular it is to be passed *unescaped* output, because it is not (generally speaking) safe to truncate HTML-escaped strings. The goal of ::truncateForVisual() is to have a specific number of codepoints in the output for display purposes; the encoding of those codepoints is not an issue (htmlspecialchars can be applied to the *return value*). If you need a specific number of *bytes* you should be using ::truncateForDatabase(). If you want a certain number of *HTML bytes* then the ::truncateHtml() method is probably what you want.

Slightly refactor some code in RevDelLogItem to avoid a false positive.

Bug: T301205
Bug: T290624
Change-Id: I893362e049aedfa699043fcf27caf4815196f748
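The ordering rule the commit message describes, shown with a constructed input (added example; the helpers below are simplified Python stand-ins, not MediaWiki's Language::truncateForVisual() or PHP's htmlspecialchars()):

```python
import html
import re

# Constructed stand-in for the ellipsis MediaWiki appends to truncated text.
ELLIPSIS = "\u2026"

def truncate_codepoints(text: str, limit: int, ellipsis: str = ELLIPSIS) -> str:
    """Keep at most `limit` codepoints, ending in an ellipsis when cut.
    Simplified stand-in for truncateForVisual(); counts codepoints, not bytes."""
    if len(text) <= limit:
        return text
    keep = max(limit - len(ellipsis), 0)
    return text[:keep] + ellipsis

def render_wrong(raw: str, limit: int) -> str:
    """Escape first, then truncate: the misuse the commit removes.
    The cut can land inside an entity such as '&amp;'."""
    return truncate_codepoints(html.escape(raw, quote=False), limit)

def render_right(raw: str, limit: int) -> str:
    """Truncate the unescaped text, then escape the return value."""
    return html.escape(truncate_codepoints(raw, limit), quote=False)

# An '&' followed only by entity characters up to the end of the string
# means the truncation cut an entity off before its ';'.
_CUT_ENTITY = re.compile(r"&[#A-Za-z0-9]*$")

def has_dangling_entity(s: str, ellipsis: str = ELLIPSIS) -> bool:
    """True when the escaped string ends in an entity without its ';'."""
    return _CUT_ENTITY.search(s.removesuffix(ellipsis)) is not None

def visible_length(escaped: str) -> int:
    """Codepoints a browser would actually display for escaped text."""
    return len(html.unescape(escaped))

if __name__ == "__main__":
    raw = "Tom & Jerry <3 cats"          # constructed sample input
    wrong = render_wrong(raw, 9)          # 'Tom &amp…': entity cut, 6 visible
    right = render_right(raw, 9)          # 'Tom &amp; Je…': 9 visible
    for label, out in (("escape-then-truncate", wrong), ("truncate-then-escape", right)):
        print(f"{label}: {out!r} dangling={has_dangling_entity(out)} "
              f"visible={visible_length(out)}")
```

Escaping the output of the escape-then-truncate path a second time produces the double-escaped `&amp;amp;` that the removed warnings were flagging.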