Last modified: 2014-02-18 19:18:18 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 6019 - Allow HTML attributes for <ref(erences)> tags
Allow HTML attributes for <ref(erences)> tags
Status: NEW
Product: MediaWiki extensions
Classification: Unclassified
Cite (Other open bugs)
unspecified
All All
: Low enhancement with 2 votes (vote)
: ---
Assigned To: Nobody - You can work on this!
: patch, patch-reviewed
: 11161 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-19 08:18 UTC by Chris Chittleborough
Modified: 2014-02-18 19:18 UTC (History)
4 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments
Patch (1.54 KB, patch)
2006-05-19 16:31 UTC, Chris Chittleborough
Details
a sanitised patch (2.36 KB, patch)
2012-04-03 23:17 UTC, bluehairedlawyer
Details

Description Chris Chittleborough 2006-05-19 08:18:00 UTC
After taking a look at Cite.php, it seems to me that it might be (*cough*) A
Small Matter of Programming to allow the <references> element to take a class
attribute. For example,
 <references class="foo bar"/>
would generate <ol class="references foo bar">.

A patch follows. I have not tested it (or even compiled it!). Feel free to
ignore it, laugh at my feeble PHP skills, etc.
 -- Chris Chittleborough
==========================================
--- Cite.php	Fri May 19 17:19:44 2006
+++ Cite.CWC.php	Fri May 19 17:35:50 2006
@@ -105,7 +105,7 @@
 
 			// Although I could just use # instead of <li> above and nothing here that
 			// will break on input that contains linebreaks
-			'cite_references_prefix' => '<ol class="references">',
+			'cite_references_prefix' => '<ol class="references $1">',
 			'cite_references_suffix' => '</ol>',
 		)
 	);
@@ -311,12 +311,18 @@
 		 */
 		function references( $str, $argv, $parser ) {
 			$this->mParser = $parser;
+			$classes = '';
+			$cnt = count ( $argv );
+			if ( $cnt == 1 and isset( $argv['class'] ) ) {
+				$classes = ' '. $argv['class'];
+				$cnt = 0;
+			}
 			if ( $str !== null )
 				return $this->error( CITE_ERROR_REFERENCES_INVALID_INPUT );
-			else if ( count( $argv ) )
+			else if ( $cnt > 0 )
 				return $this->error( CITE_ERROR_REFERENCES_INVALID_PARAMETERS );
 			else
-				return $this->referencesFormat();
+				return $this->referencesFormat($classes);
 		}
 
 		/**
@@ -324,13 +330,13 @@
 		 *
 		 * @return string XHTML ready for output
 		 */
-		function referencesFormat() {
+		function referencesFormat( $classes ) {
 			$ent = array();
 			
 			foreach ( $this->mRefs as $k => $v )
 				$ent[] = $this->referencesFormatEntry( $k, $v );
 			
-			$prefix = wfMsgForContentNoTrans( 'cite_references_prefix' );
+			$prefix = wfMsgForContentNoTrans( 'cite_references_prefix', $classes );
 			$suffix = wfMsgForContentNoTrans( 'cite_references_suffix' );
 			$content = implode( "\n", $ent );
Comment 1 Chris Chittleborough 2006-05-19 08:26:09 UTC
Ah. Leading whitespace gets trimmed, eh? You can find an intact version of that
diff at "http://cchittleborough.cluemail.com/Cite.CWC.patch".
Comment 2 Brion Vibber 2006-05-19 16:04:31 UTC
Please do not paste patches into comments; attach them as files.
Comment 3 Chris Chittleborough 2006-05-19 16:31:15 UTC
Created attachment 1790 [details]
Patch

Sorry about that. I looked for an attachment feature when I created the "bug",
but didn't find one.
Comment 4 Rob Church 2006-06-25 02:11:12 UTC
Comment on attachment 1790 [details]
Patch

Patch isn't safe; allows insertion of arbitrary HTML and may provide a vector
for a JavaScript/XSS attack.
Comment 5 Chad H. 2008-10-21 00:52:31 UTC
*** Bug 11161 has been marked as a duplicate of this bug. ***
Comment 6 p858snake 2011-04-30 00:09:11 UTC
*Bulk BZ Change: +Patch to open bugs with patches attached that are missing the keyword*
Comment 7 John Du Hart 2011-09-01 04:00:09 UTC
+reviewed

Current patch is obsolete and is unsafe.
Comment 8 bluehairedlawyer 2012-04-03 23:17:57 UTC
Created attachment 10374 [details]
a sanitised patch

The attached patch allows editors to pass class and style attributes in the references tag to the underlying <ol> HTML tag. It uses Sanitizer::escapeClass and Sanitizer::fixTagAttributes to sanitise the classes and css code.
Comment 9 Gabriel Wicke 2014-02-18 19:18:18 UTC
We should not encourage inline styles, so lets please limit this to a class attribute only.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links