On Thu, Mar 26, 2009 at 3:24 PM, Ilmari Karonen nospam@vyznev.net wrote:
--- includes/CategoryPage.php (revision 48416) +++ includes/CategoryPage.php (working copy) @@ -189,7 +189,7 @@ */ function addPage( $title, $sortkey, $pageLength, $isRedirect = false ) { global $wgContLang;
- $titletext = $wgContLang->convert( $title->getPrefixedText() );
- $titletext = $wgContLang->convert( $sortkey );
$this->articles[] = $isRedirect ? '<span class="redirect-in-category">' . $this->getSkin()->makeKnownLinkObj( $title, $titletext ) . '</span>' : $this->getSkin()->makeSizeLinkObj( $pageLength, $title, $titletext );
It would be easy to make this depend on a config option, too. If anyone else thinks that would be a good idea, I can commit it.
Doesn't this introduce a trivial XSS vulnerability?