|
@@ 1372-1376 (lines=5) @@
|
| 1369 |
|
/* |
| 1370 |
|
* check for elements that can contain javascript |
| 1371 |
|
*/ |
| 1372 |
|
if ( $strippedElement == 'script' ) { |
| 1373 |
|
wfDebug( __METHOD__ . ": Found script element '$element' in uploaded file.\n" ); |
| 1374 |
|
|
| 1375 |
|
return [ 'uploaded-script-svg', $strippedElement ]; |
| 1376 |
|
} |
| 1377 |
|
|
| 1378 |
|
# e.g., <svg xmlns="http://www.w3.org/2000/svg"> |
| 1379 |
|
# <handler xmlns:ev="http://www.w3.org/2001/xml-events" ev:event="load">alert(1)</handler> </svg> |
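Review bot: The element test at line 1372 uses loose `==` against the literal `'script'`, and the same form recurs at lines 1380, 1387 and 1394 for `'handler'`, `'stylesheet'` and `'iframe'`. For two non-numeric strings the result equals that of `===`, but the type of `$strippedElement` is not visible in this hunk, and an upload filter is easier to audit when it cannot depend on PHP type juggling: `if ( $strippedElement === 'script' ) {`. The three blocks that return the same `'uploaded-script-svg'` error could also collapse into one `in_array( $strippedElement, [ 'script', 'handler', 'stylesheet' ], true )` test, at the cost of the separate debug wording for `script`. The enclosing function starts and ends outside the hunk.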
|
@@ 1380-1384 (lines=5) @@
|
| 1377 |
|
|
| 1378 |
|
# e.g., <svg xmlns="http://www.w3.org/2000/svg"> |
| 1379 |
|
# <handler xmlns:ev="http://www.w3.org/2001/xml-events" ev:event="load">alert(1)</handler> </svg> |
| 1380 |
|
if ( $strippedElement == 'handler' ) { |
| 1381 |
|
wfDebug( __METHOD__ . ": Found scriptable element '$element' in uploaded file.\n" ); |
| 1382 |
|
|
| 1383 |
|
return [ 'uploaded-script-svg', $strippedElement ]; |
| 1384 |
|
} |
| 1385 |
|
|
| 1386 |
|
# SVG reported in Feb '12 that used xml:stylesheet to generate javascript block |
| 1387 |
|
if ( $strippedElement == 'stylesheet' ) { |
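Review bot: Nothing in this hunk shows how `$strippedElement` is derived from `$element`, so the `'handler'` check at line 1380 depends on normalisation done elsewhere (namespace prefix removed, and presumably case folded). A short comment above the first check would state that dependency, for example `# $strippedElement is the local name of $element with the namespace prefix removed (confirm case handling upstream)`. Separately, `$element` originates in the uploaded file and is interpolated into the `wfDebug` message at line 1381 as-is; if the debug log feeds other tooling, it is worth confirming that the XML parser has already rejected names containing control characters. The function body continues outside the hunk.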
|
@@ 1387-1391 (lines=5) @@
|
| 1384 |
|
} |
| 1385 |
|
|
| 1386 |
|
# SVG reported in Feb '12 that used xml:stylesheet to generate javascript block |
| 1387 |
|
if ( $strippedElement == 'stylesheet' ) { |
| 1388 |
|
wfDebug( __METHOD__ . ": Found scriptable element '$element' in uploaded file.\n" ); |
| 1389 |
|
|
| 1390 |
|
return [ 'uploaded-script-svg', $strippedElement ]; |
| 1391 |
|
} |
| 1392 |
|
|
| 1393 |
|
# Block iframes, in case they pass the namespace check |
| 1394 |
|
if ( $strippedElement == 'iframe' ) { |
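Review bot: The comment at line 1386 names `xml:stylesheet`, but the condition at line 1387 compares only the stripped name, so it appears to reject a `stylesheet` element in any namespace. If that breadth is intended, the comment should say so and point to the original report, for example `# Reject <stylesheet> in any namespace; an SVG reported in Feb '12 used it to generate a javascript block (see <tracker-id>)`, with the real tracker reference filled in by someone who has it. The `iframe` block that opens at line 1394 is cut off by the end of the hunk, so its body was not reviewed.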