Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/tests/phpunit/includes/upload
History
csteipp b7ee3aca38 SECURITY: Always expand xml entities when checking SVG's 
XmlTypeCheck's use of xml_parse for filtering SVG's sometimes left xml
entities unexpanded, which can lead to false-negatives when the
callback was used for filtering. Update XmlTypeCheck to use XMLReader
instead, tell the library to fully expand entities, and rely on the
library to error out if it encounters XML that is likely to cause a DoS
if parsed.

Bug: T88310
Change-Id: I77c77a2d6d22f549e7ef969811f7edd77a45dbba
2015-04-01 09:56:20 -07:00
..
UploadBaseTest.php SECURITY: Always expand xml entities when checking SVG's 2015-04-01 09:56:20 -07:00
UploadFromUrlTest.php UploadFromUrlTest: Don't reference skins/common/ (via bits.wm.o) 2014-09-05 20:37:53 +02:00
UploadStashTest.php test: Clean up data providers that should be static 2014-09-18 12:52:44 -07:00