PEAR Bug Search Results
http://pear.php.net/bugs/search.php?cmd=display&package_name%5B0%5D=Text_Wiki_Mediawiki&PHPSESSID=jfurjajqpt756h6fllnlhpl8t0
Search Resultsen-uspear-webmaster@lists.php.netpear-webmaster@lists.php.nethourly12000-01-01T12:00+00:00PEAR Bugshttp://pear.php.net/gifs/pearsmall.gif
http://pear.php.net/bugs
Text_Wiki_Mediawiki: Bug 16701 [Open] XSS with Tables possible
http://pear.php.net/bugs/16701
Text_Wiki_Mediawiki Bug
Reported by jurik
2009-10-15T10:15:16+00:00
PHP: 5.2.5 OS: Linux Package Version: 0.2.0
Description:
------------
One can inject javascript code in table definitions.
Our resolution:
in Parse/Mediawiki/Table.php
-----------------------
--- add code ---
/**
* Remove all bogus formatting
* Allowed are key="value" pairs only
*
* @param string $format
* @return string
*/
private function _cleanupFormat($format)
{
$validAttrs = array();
// regex pitch: (\w) = ["'] (.*) ["']
if (preg_match_all('/\s*(\w+)\s*=\s*(["\'])(.*)\\2/U', $format, $matches)) {
for ($i = 0; $i < count($matches[0]); $i++) {
$validAttrs[] = $matches[1][$i] . '="' . htmlspecialchars($matches[3][$i], ENT_QUOTES) . '"';
}
}
return implode(' ', $validAttrs);
}
----------------------
--- around line 170 replace with ---
if ($format = trim($matches[1])) {
$param['format'] = $this->_cleanupFormat($format);
}
---
Test script:
---------------
You can try to render this snippet:
{| ><script>alert('gotcha!');</script
|}
Actual result:
--------------
javascript gets executed]]>Text_Wiki_Mediawiki Bug
Reported by jurik
2009-10-15T10:15:16+00:00
PHP: 5.2.5 OS: Linux Package Version: 0.2.0
Description:
------------
One can inject javascript code in table definitions.
Our resolution:
in Parse/Mediawiki/Table.php
-----------------------
--- add code ---
/**
* Remove all bogus formatting
* Allowed are key="value" pairs only
*
* @param string $format
* @return string
*/
private function _cleanupFormat($format)
{
$validAttrs = array();
// regex pitch: (\w) = ["'] (.*) ["']
if (preg_match_all('/\s*(\w+)\s*=\s*(["\'])(.*)\\2/U', $format, $matches)) {
for ($i = 0; $i < count($matches[0]); $i++) {
$validAttrs[] = $matches[1][$i] . '="' . htmlspecialchars($matches[3][$i], ENT_QUOTES) . '"';
}
}
return implode(' ', $validAttrs);
}
----------------------
--- around line 170 replace with ---
if ($format = trim($matches[1])) {
$param['format'] = $this->_cleanupFormat($format);
}
---
Test script:
---------------
You can try to render this snippet:
{| ><script>alert('gotcha!');</script
|}
Actual result:
--------------
javascript gets executed]]>2009-10-15T10:15:16+00:00mail at jurikuehn dot deText_Wiki_Mediawiki BugText_Wiki_Mediawiki: Feature/Change Request 8504 [Open] MediaWiki citation format
http://pear.php.net/bugs/8504
Text_Wiki_Mediawiki Feature/Change Request
Reported by bjs5075@...
2006-08-18T09:26:45+00:00
PHP: 5.1.4 OS: Debian etch Package Version: CVS
Description:
------------
I have created a MediaWiki-style citation parser/renderer
this spans more than one PEAR package, and is quite
specific to mediawiki, so I'm posting the notice here.
There are four files involved, so I don't want to paste
them in here.
If you want the files, you can email me directly.
I don't know if you will be able to easily integrate them,
but I want to release the source now so that it can be
worked on later.
Test script:
---------------
Citation format:
text1<ref>reference text</ref>
text2<ref name="this">that</ref>
text3<ref name="this" />
text4<ref name="this">
etc.
<references />
Expected result:
----------------
text1 [1]
text2 [2]
text3 [2]
text4 [2]
1. ^ reference text
2. ^abc that
Actual result:
--------------
Currently no support]]>Text_Wiki_Mediawiki Feature/Change Request
Reported by bjs5075@...
2006-08-18T09:26:45+00:00
PHP: 5.1.4 OS: Debian etch Package Version: CVS
Description:
------------
I have created a MediaWiki-style citation parser/renderer
this spans more than one PEAR package, and is quite
specific to mediawiki, so I'm posting the notice here.
There are four files involved, so I don't want to paste
them in here.
If you want the files, you can email me directly.
I don't know if you will be able to easily integrate them,
but I want to release the source now so that it can be
worked on later.
Test script:
---------------
Citation format:
text1<ref>reference text</ref>
text2<ref name="this">that</ref>
text3<ref name="this" />
text4<ref name="this">
etc.
<references />
Expected result:
----------------
text1 [1]
text2 [2]
text3 [2]
text4 [2]
1. ^ reference text
2. ^abc that
Actual result:
--------------
Currently no support]]>2006-08-18T09:26:45+00:00bjs5075 at rit dot eduText_Wiki_Mediawiki Feature/Change Request