Brian Wolff d4385537bc SECURITY: XSS in search if $wgAdvancedSearchHighlighting = true; ... In the non-default configuration where $wgAdvancedSearchHighlighting is set to true, there is an XSS vulnerability as HTML tags are not properly escaped if the tag spans multiple search results Issue introduced in abf726ea0 (MediaWiki 1.13 and above). Bug: T144845 Change-Id: I2db7888d591b97f1a01bfd3b7567ce6f169874d3		2017-04-06 13:42:44 -07:00
..
AugmentPageProps.php
DummySearchIndexFieldDefinition.php	Fix two instances of calling function with too few args	2016-12-15 13:24:40 -08:00
NullIndexField.php
ParserOutputSearchDataExtractor.php
PerRowAugmentor.php
ResultAugmentor.php	Remove empty lines from PHP and JavaScript comment blocks	2016-12-09 09:01:06 +00:00
ResultSetAugmentor.php	Remove empty lines from PHP and JavaScript comment blocks	2016-12-09 09:01:06 +00:00
SearchDatabase.php	Move IDatabase/IMaintainableDatabase to Rdbms namespace	2017-03-28 15:32:38 -07:00
SearchEngine.php	Add deleted archive titles search	2017-04-05 12:02:35 -07:00
SearchEngineConfig.php
SearchEngineFactory.php	Move IDatabase/IMaintainableDatabase to Rdbms namespace	2017-03-28 15:32:38 -07:00
SearchExactMatchRescorer.php
SearchHighlighter.php	SECURITY: XSS in search if $wgAdvancedSearchHighlighting = true;	2017-04-06 13:42:44 -07:00
SearchIndexField.php
SearchIndexFieldDefinition.php	Allow fields to define their own merge strategy via callback.	2017-03-07 10:36:53 -08:00
SearchMssql.php
SearchMySQL.php
SearchNearMatcher.php
SearchNearMatchResultSet.php
SearchOracle.php
SearchPostgres.php	Remove empty lines at end of functions	2016-11-05 11:55:10 +01:00
SearchResult.php
SearchResultSet.php
SearchSqlite.php
SearchSuggestion.php	Remove empty lines from PHP and JavaScript comment blocks	2016-12-09 09:01:06 +00:00
SearchSuggestionSet.php	Remove empty lines from PHP and JavaScript comment blocks	2016-12-09 09:01:06 +00:00
SqlSearchResultSet.php	Move ResultWrapper subclasses to Rdbms	2017-03-03 00:44:41 +00:00