
(bug 36938) Fix escaping uselang parameter

Quote uselang with double quotes, and add htmlspecialchar escaping
to prevent xss. Update code comments in Language.php to make the
return of getCode more clear.

Change-Id: I6612795e85e0fb0b3a1d10e4352cb649d36abc3f
1 parent 6002b31 commit b0e92c09fc24af2d50cebfd570a9a93b298b1912 @Stype Stype committed with reedy Jun 1, 2012
Showing with 8 additions and 2 deletions.
  1. +5 −2 includes/SkinTemplate.php
  2. +3 −0 languages/Language.php
7 includes/SkinTemplate.php
@@ -324,8 +324,11 @@ function outputPage( OutputPage $out ) {
$lang = $wgLang->getCode();
$dir = $wgLang->getDir();
if ( $lang !== $wgContLang->getCode() || $dir !== $wgContLang->getDir() ) {
- $attrs = " lang='$lang' dir='$dir'";
-
+ $escUserlang = htmlspecialchars( $userlang );
+ $escUserdir = htmlspecialchars( $userdir );
+ // Attributes must be in double quotes because htmlspecialchars() doesn't
+ // escape single quotes
+ $attrs = " lang=\"$escUserlang\" dir=\"$escUserdir\"";
$tpl->set( 'userlangattributes', $attrs );
// The content of SpecialPages should be presented in the
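Review bot: the added lines escape `$userlang` and `$userdir`, but the only variables assigned in the visible context are `$lang` and `$dir` (from `$wgLang->getCode()` and `$wgLang->getDir()`), and the `if` condition still tests `$lang` and `$dir`; unless `$userlang` and `$userdir` are assigned above this hunk, `htmlspecialchars()` is called on undefined variables and the `lang`/`dir` attributes are emitted empty, so either escape `$lang`/`$dir` here (`$escUserlang = htmlspecialchars( $lang );`) or include the lines that define `$userlang`/`$userdir` in the change. The comment about double quotes is accurate for the default flags; passing `ENT_QUOTES` (`htmlspecialchars( $lang, ENT_QUOTES )`) would also escape single quotes and make the output safe regardless of which quoting style a later edit picks for the attribute string.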
3 languages/Language.php
@@ -2788,6 +2788,9 @@ function getLangObj() {
/**
* Get the RFC 3066 code for this language object
+ *
+ * NOTE: The return value of this function is NOT HTML-safe and must be escaped with
+ * htmlspecialchars() or similar
*/
function getCode() {
return $this->mCode;
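Review bot: the added NOTE correctly documents that `getCode()` returns a raw, non-HTML-safe value, but the docblock still has no `@return string` tag; adding one beside the NOTE would give callers both the type and the escaping requirement in one place. The same caveat applies to the `dir` value interpolated alongside the code in the SkinTemplate.php hunk, so a matching note on that accessor would keep the two documented consistently.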
