1. 15 Sep, 2019 1 commit
  2. 26 Dec, 2018 2 commits
  3. 22 Dec, 2018 2 commits
  4. 14 Dec, 2018 5 commits
  5. 02 Dec, 2018 3 commits
  6. 27 Nov, 2018 2 commits
  7. 24 Nov, 2018 3 commits
  8. 08 Nov, 2018 2 commits
  9. 19 Oct, 2018 1 commit
  10. 17 Oct, 2018 1 commit
  11. 05 Oct, 2018 6 commits
  12. 08 Jul, 2018 1 commit
    • Tripple Moon's avatar
      Fix two E_NOTICEs when the Echo extension is not installed · 0060e478
      Tripple Moon authored
      PHP Notice:  Undefined index: notifications-alert in /var/www/html/mediawiki-1.31.0/skins/Liberty/LibertyTemplate.php on line 638
      PHP Notice:  Undefined index: notifications-message in /var/www/html/mediawiki-1.31.0/skins/Liberty/LibertyTemplate.php on line 639
      0060e478
  13. 23 May, 2018 1 commit
  14. 22 May, 2018 1 commit
  15. 24 Nov, 2017 1 commit
  16. 23 Nov, 2017 5 commits
  17. 21 Nov, 2017 1 commit
    • Jack Phoenix's avatar
      SECURITY: Fix potential XSS vectors · 939ee9b8
      Jack Phoenix authored
      Since $title (actually a Title object, which is converted magically to a
      string here due to Title::__toString()) can be used supplied, it needs to
      be escaped before being output to avoid $title from being something like
      Foo " onmouseover="alert('xss') or somesuch.
      
      Furthermore changed the output format of [[MediaWiki:Liberty-facebook]]
      and [[MediaWiki:Liberty-twitter]] messages to ->escaped() so that admins
      cannot do nasty things by adding a " to one or both of the aforementioned
      MediaWiki: pages (thanks bawolff!).
      939ee9b8
  18. 17 Nov, 2017 2 commits