Skip to content
Permalink
Browse files Browse the repository at this point in the history
fix: unsanitized shortdesc property
  • Loading branch information
alistair3149 committed Jan 21, 2022
1 parent 7aed6bb commit 7c86644
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion includes/Hooks/ActionsHooks.php
Expand Up @@ -32,7 +32,7 @@ public function onInfoAction( $context, &$pageInfo ) {

$pageInfo['header-basic'][] = [
$context->msg( 'shortdescription-info-label' ),
$shortdesc
htmlspecialchars( $shortdesc )
];
}
}
2 changes: 1 addition & 1 deletion modules/ext.shortDescription.js
Expand Up @@ -7,7 +7,7 @@ function main() {
// Wikipedia uses shortdescription class
// Added for gadgets and extension compatibility
tagline.classList.add( 'ext-shortdesc', 'shortdescription' );
tagline.innerHTML = shortdesc;
tagline.innerHTML = mw.html.escape( shortdesc );
}
}

Expand Down

0 comments on commit 7c86644

Please sign in to comment.