diff options
| author | Brion Vibber <brion@users.mediawiki.org> | 2005-06-03 14:50:34 +0000 |
|---|---|---|
| committer | Brion Vibber <brion@users.mediawiki.org> | 2005-06-03 14:50:34 +0000 |
| commit | 6a2ec5877b26cb417921fef66c5b6aa6db4b954d (patch) | |
| tree | cf201d5a80ca4677053cdcdca40c66d9b7dd3b29 /includes | |
| parent | cfa06c17aede70ef8d6744bf80672ca36f6c977c (diff) | |
| download | mediawikicore-1.5.0alpha2.tar.gz mediawikicore-1.5.0alpha2.zip | |
Bump to 1.5alpha21.5.0alpha2
Notes
Notes:
http://mediawiki.org/wiki/Special:Code/MediaWiki/9316
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/DefaultSettings.php | 2 | ||||
| -rw-r--r-- | includes/Sanitizer.php | 14 |
2 files changed, 15 insertions, 1 deletions
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index bba8c6dc3811..ffb26c194be9 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -18,7 +18,7 @@ if( !defined( 'MEDIAWIKI' ) ) { } /** MediaWiki version number */ -$wgVersion = '1.5alpha1'; +$wgVersion = '1.5alpha2'; /** Name of the site. It must be changed in LocalSettings.php */ $wgSitename = 'MediaWiki'; diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php index 40016d93b2d1..9f05ed87cd86 100644 --- a/includes/Sanitizer.php +++ b/includes/Sanitizer.php @@ -539,6 +539,20 @@ class Sanitizer { continue; } + # Templates and links may be expanded in later parsing, + # creating invalid or dangerous output. Suppress this. + $value = strtr( $value, array( + '{' => '{', + '[' => '[', + "''" => '''', + 'ISBN' => 'ISBN', + 'RFC' => 'RFC', + 'PMID' => 'PMID', + ) ); + $value = preg_replace( + '/(' . URL_PROTOCOLS . '):/', + '\\1:', $value ); + if( !isset( $attribs[$attribute] ) ) { $attribs[$attribute] = "$attribute=\"$value\""; } |