Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/includes/parser
History
Brian Wolff 1c7889446d SECURITY: Disable <html> tag on system messages despite $wgRawHtml = true; 
System messages may take parameters from untrusted sources. This
may include taking parameters from urls given by unauthenticated
users even if the wiki is a read-only wiki. Allowing <html> tags
in such a context seems like an accident waiting to happen.

Bug: T156184
Change-Id: I661f482986d319cf41da1d3e7b20a0f028a42e90
2017-03-28 21:51:44 +00:00
..
BlockLevelPass.php includes: Replace implicit Bugzilla bug numbers with Phab ones 2017-02-21 18:13:24 +00:00
CacheTime.php
CoreParserFunctions.php includes: Replace implicit Bugzilla bug numbers with Phab ones 2017-02-21 18:13:24 +00:00
CoreTagHooks.php SECURITY: Disable <html> tag on system messages despite $wgRawHtml = true; 2017-03-28 21:51:44 +00:00
DateFormatter.php Miscellaneous indentation tweaks 2017-02-27 19:23:54 +01:00
LinkHolderArray.php Replace use of &$this 2017-01-31 23:01:54 -05:00
MWTidy.php Add RemexHtml to the list of available Tidy drivers 2017-03-09 10:19:23 +11:00
Parser.php Add a tracking category when a template loop is detected 2017-03-17 11:52:38 +00:00
ParserCache.php includes: Replace implicit Bugzilla bug numbers with Phab ones 2017-02-21 18:13:24 +00:00
ParserDiffTest.php
ParserOptions.php SECURITY: Disable <html> tag on system messages despite $wgRawHtml = true; 2017-03-28 21:51:44 +00:00
ParserOutput.php includes: Replace implicit Bugzilla bug numbers with Phab ones 2017-02-21 18:13:24 +00:00
Preprocessor.php Protect language converter markup in the preprocessor. 2016-12-15 23:50:44 +00:00
Preprocessor_DOM.php includes: Replace implicit Bugzilla bug numbers with Phab ones 2017-02-21 18:13:24 +00:00
Preprocessor_Hash.php includes: Replace implicit Bugzilla bug numbers with Phab ones 2017-02-21 18:13:24 +00:00
StripState.php