Page MenuHomePhabricator
Create Task
Maniphest T42551

Check insertDefaultSites in Utils.php
Closed, ResolvedPublic
Actions

Description

Version: unspecified
Severity: normal
Whiteboard: storypoints: 2

Details

Reference
bz40551

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 12:44 AM
bzimport added a project: MediaWiki-extensions-WikibaseRepository.
bzimport set Reference to bz40551.
bzimport added a subscriber: Unknown Object (MLST).
Abraham created this task.Sep 27 2012, 11:12 AM
jeblad added a comment.Sep 28 2012, 10:34 AM

The way that you're passing in a function to insertDefaultSites in Utils.php makes a security evaluation difficult. I'm not sure what your intent was behind that syntax, but it would be better to either have a whitelist of function names, or possibly use the builtin debugging functions if you're only trying to get debugging information.

johl added a comment.Oct 1 2012, 10:55 AM

Fixed by Tim Starling in I394c33f3ef06d09bae32fa875a33c93b3131daed

AnjaJentzsch added a comment.Nov 29 2012, 12:42 PM

Verified in Wikidata demo time for sprint 18

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL