Someone pointed out User:EdmundMielach/FileProtocolLinks to me recently. Looking at the source, it doesn't seem like you escape HTML in the URL input, so given input like <file>"><script>alert(document.cookie)</script></file> you would end up with a fairly nasty XSS vulnerability. Kate
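
The missing escaping described in the comment above, as an added example that is not the extension's source: `renderFileLinkUnsafe` and `renderFileLinkSafe` are hypothetical stand-ins for a `<file>` tag handler, and the sample inputs are constructed. It goes one step beyond the comment by also requiring a `file:` scheme before a link is built.

```php
<?php
// Hypothetical stand-ins for a <file> tag handler; not the extension's actual code.

// Vulnerable pattern: the tag content is concatenated into markup unescaped,
// so a double quote in the input closes the href attribute early.
function renderFileLinkUnsafe(string $input): string {
    return '<a href="' . $input . '">' . $input . '</a>';
}

// Hardened: check the scheme first, then escape for the HTML context.
function renderFileLinkSafe(string $input): string {
    $url = trim($input);
    // ENT_QUOTES escapes both quote styles, so the value cannot leave the attribute.
    $escaped = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
    // Only file: URLs become links; anything else is returned as inert text.
    if (!preg_match('#^file://#i', $url)) {
        return $escaped;
    }
    return '<a href="' . $escaped . '">' . $escaped . '</a>';
}

// Constructed sample inputs: the string from the comment above, a normal
// share path, and a path containing characters that need escaping.
$samples = [
    '"><script>alert(document.cookie)</script>',
    'file://///server/share/report.doc',
    'file:///C:/docs/Q&A "draft".txt',
];

foreach ($samples as $s) {
    echo "input : $s\n";
    echo "unsafe: " . renderFileLinkUnsafe($s) . "\n";
    echo "safe  : " . renderFileLinkSafe($s) . "\n\n";
}
```

In the safe output the first sample appears only as `&quot;&gt;&lt;script&gt;...` text, and the third keeps its quotes and ampersand as entities inside a single `href` value.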

Feature request: Info button

Hi Edmund, please take a look at my question at the end of mw:Extension talk:FileProtocolLinks. Thanks, --Flominator 13:46, 5 June 2008 (UTC)