|
@@ 1219-1225 (lines=7) @@
|
| 1216 |
|
$encodingRegex = '!encoding[ \t\n\r]*=[ \t\n\r]*[\'"](.*?)[\'"]!si'; |
| 1217 |
|
|
| 1218 |
|
if ( preg_match( "!<\?xml\b(.*?)\?>!si", $contents, $matches ) ) { |
| 1219 |
|
if ( preg_match( $encodingRegex, $matches[1], $encMatch ) |
| 1220 |
|
&& !in_array( strtoupper( $encMatch[1] ), self::$safeXmlEncodings ) |
| 1221 |
|
) { |
| 1222 |
|
wfDebug( __METHOD__ . ": Found unsafe XML encoding '{$encMatch[1]}'\n" ); |
| 1223 |
|
|
| 1224 |
|
return true; |
| 1225 |
|
} |
| 1226 |
|
} elseif ( preg_match( "!<\?xml\b!si", $contents ) ) { |
| 1227 |
|
// Start of XML declaration without an end in the first $wgSVGMetadataCutoff |
| 1228 |
|
// bytes. There shouldn't be a legitimate reason for this to happen. |
|
@@ 1247-1253 (lines=7) @@
|
| 1244 |
|
$str = iconv( $encoding, 'UTF-8', $contents ); |
| 1245 |
|
MediaWiki\restoreWarnings(); |
| 1246 |
|
if ( $str != '' && preg_match( "!<\?xml\b(.*?)\?>!si", $str, $matches ) ) { |
| 1247 |
|
if ( preg_match( $encodingRegex, $matches[1], $encMatch ) |
| 1248 |
|
&& !in_array( strtoupper( $encMatch[1] ), self::$safeXmlEncodings ) |
| 1249 |
|
) { |
| 1250 |
|
wfDebug( __METHOD__ . ": Found unsafe XML encoding '{$encMatch[1]}'\n" ); |
| 1251 |
|
|
| 1252 |
|
return true; |
| 1253 |
|
} |
| 1254 |
|
} elseif ( $str != '' && preg_match( "!<\?xml\b!si", $str ) ) { |
| 1255 |
|
// Start of XML declaration without an end in the first $wgSVGMetadataCutoff |
| 1256 |
|
// bytes. There shouldn't be a legitimate reason for this to happen. |
wikimedia /
mediawiki
