Book creator (disable)

Add this page to your book

Show book (0 pages)

User talk:EdmundMielach

From Meta, a Wikimedia project coordination wiki

Jump to: navigation, search

someone pointed out User:EdmundMielach/FileProtocolLinks to me recently. looking at the source, it doesn't seem like you escape HTML in the URL input, so given input like <file>"><script>alert(document.cookie)</script></file> you would end up with a fairly nasty XSS vulnerability. Kate

[edit] Feature request: Info button

Hi Edmund, please take a look at my question at the end of mw:Extension talk:FileProtocolLinks. Thanks, --Flominator 13:46, 5 June 2008 (UTC)

Retrieved from "http://meta.wikimedia.org/w/index.php?title=User_talk:EdmundMielach&oldid=1029221"

Personal tools

Log in / create account

Community

Beyond the Web

Print/export

Toolbox