Last modified: 2011-11-22 23:02:16 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T34154, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 32154 - Extension:CSS does not sanitize CSS from article pages
Status: RESOLVED FIXED
Product: MediaWiki extensions
Classification: Unclassified
Component: CSS
Assigned To: Rusty Burchfield
Reported: 2011-11-02 21:01 UTC by Rusty Burchfield
Modified: 2011-11-22 23:02 UTC (History)
Description Rusty Burchfield 2011-11-02 21:01:21 UTC
The extension should add a custom URL parameter to the link and hook into RawPageViewBeforeOutput to sanitize CSS requests with that parameter.

Inline CSS is already sanitized, and "external" files can't/shouldn't be sanitized.  However, the same custom URL parameter must be appended to "external" includes so if they are actually referencing wiki pages, they will be sanitized appropriately.

"external" URLs should also be expanded and verified to be inside the base (to prevent "../../").
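The expand-and-verify check described in the report above, sketched as an added example (not code from Extension:CSS or r103771). The function name `resolveInsideBase`, the base `/skins/` and the sample inputs are assumptions made for illustration; the input is treated as a path only, with any query string handled by the caller.

```php
<?php
// Added example: hypothetical helper, not part of Extension:CSS.

/**
 * Resolve $path against $base (a server-relative directory) and return the
 * normalized, decoded path, or null if it would end up outside $base.
 */
function resolveInsideBase( string $base, string $path ): ?string {
	// Decode once so "%2e%2e" is seen as ".."; anything still encoded after
	// one pass (double encoding) or containing a NUL byte is refused.
	$p = rawurldecode( $path );
	if ( $p === '' || preg_match( '/%[0-9a-f]{2}/i', $p ) || strpos( $p, "\0" ) !== false ) {
		return null;
	}
	// Some browsers treat "\" as "/", so normalize before any other check.
	$p = str_replace( '\\', '/', $p );
	// Refuse input that carries its own scheme or authority ("http:", "//host").
	if ( preg_match( '!^(?:[a-z][a-z0-9+.-]*:|//)!i', $p ) ) {
		return null;
	}
	$base = rtrim( '/' . trim( $base, '/' ), '/' ) . '/';
	$full = $p[0] === '/' ? $p : $base . $p;

	// Expand "." and ".." segments the way a browser would.
	$out = [];
	foreach ( explode( '/', $full ) as $seg ) {
		if ( $seg === '' || $seg === '.' ) {
			continue;
		}
		if ( $seg === '..' ) {
			if ( array_pop( $out ) === null ) {
				return null; // tried to climb above the document root
			}
			continue;
		}
		$out[] = $seg;
	}
	$resolved = '/' . implode( '/', $out );
	// Compare with a trailing slash so "/skinsevil" does not match "/skins/".
	return strpos( $resolved . '/', $base ) === 0 ? $resolved : null;
}

// Constructed sample inputs, checked against the assumed base "/skins/".
$samples = [ 'main.css', 'themes/../main.css', '../../LocalSettings.php',
	'%2e%2e/%2e%2e/index.php', '/skins/../images/x.css', '//example.org/x.css', '..\\..\\x.css' ];
foreach ( $samples as $s ) {
	echo str_pad( $s, 28 ), ' => ', var_export( resolveInsideBase( '/skins/', $s ), true ), "\n";
}
```

The returned path is decoded, so the caller has to re-encode it before writing it into a link.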
Comment 1 Rusty Burchfield 2011-11-03 02:59:21 UTC
I also need to turn the inline styles into a link tag to eliminate any injection possibility there.
Comment 2 Rusty Burchfield 2011-11-20 19:41:36 UTC
Should be taken care of in r103771.
Comment 3 Platonides 2011-11-20 22:32:43 UTC
I don't think going through javascript would be needed.
Comment 4 Rusty Burchfield 2011-11-20 22:51:54 UTC
(In reply to comment #3)
> I don't think going through javascript would be needed.

Care to elaborate?
Comment 5 Platonides 2011-11-22 23:02:16 UTC
We have code for CSS sanitizing in other parts of MediaWiki, the CSSMin class is able to remap and datify css urls... I'm not an expert with that part, but I think the needed pieces should be there.
