diff -urN mediawiki-1.14.0/includes/Linker.php ../mediawiki-1.14.0/includes/Linker.php
--- mediawiki-1.14.0/includes/Linker.php 2009-01-05 15:59:46.000000000 +0000
+++ ../mediawiki-1.14.0/includes/Linker.php 2009-03-09 14:03:06.000000000 +0000
@@ -1521,13 +1523,12 @@
* @return string HTML headline
*/
public function makeHeadline( $level, $attribs, $anchor, $text, $link, $legacyAnchor = false ) {
- $ret = ""
- . "$text"
. "";
if ( $legacyAnchor !== false ) {
- $ret = "$ret";
+ $ret = "$ret";
}
return $ret;
}
diff -urN mediawiki-1.14.0/includes/Sanitizer.php ../mediawiki-1.14.0/includes/Sanitizer.php
--- mediawiki-1.14.0/includes/Sanitizer.php 2009-01-07 02:31:30.000000000 +0000
+++ ../mediawiki-1.14.0/includes/Sanitizer.php 2009-03-06 09:09:04.000000000 +0000
@@ -40,7 +40,7 @@
* Allows some... latitude.
* Used in Sanitizer::fixTagAttributes and Sanitizer::decodeTagAttributes
*/
-$attrib = '[A-Za-z0-9]';
+$attrib = '(xmlns:)?[A-Za-z0-9]';
$space = '[\x09\x0a\x0d\x20]';
define( 'MW_ATTRIBS_REGEX',
"/(?:^|$space)($attrib+)
@@ -600,7 +600,12 @@
$whitelist = array_flip( $whitelist );
$out = array();
foreach( $attribs as $attribute => $value ) {
- if( !isset( $whitelist[$attribute] ) ) {
+
+ if ( isset($whitelist['xmlns'])
+ && strtolower(substr($attribute, 0, 6))=='xmlns:' ) {
+ $xyz = 1;
+ }
+ elseif( !isset( $whitelist[$attribute] ) ) {
continue;
}
# Strip javascript "expression" from stylesheets.
@@ -1154,7 +1159,8 @@
* @return array
*/
static function setupAttributeWhitelist() {
- $common = array( 'id', 'class', 'lang', 'dir', 'title', 'style' );
+ $common = array( 'id', 'class', 'lang', 'dir', 'title', 'style'
+ , 'about' , 'rel', 'rev', 'property', 'typeof', 'content' , 'datatype' , 'resource' , 'xmlns' );
$block = array_merge( $common, array( 'align' ) );
$tablealign = array( 'align', 'char', 'charoff', 'valign' );
$tablecell = array( 'abbr',