Difference between revisions of "Template:Code injection alert"
Jump to navigation
Jump to search
Template documentation[create]
Template documentation
Template documentation[create]
Joelmartin (talk | contribs) m (Text replacement - "<translate>" to "") |
Joelmartin (talk | contribs) m (Text replacement - "<languages/>" to "") |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
<noinclude> | <noinclude> | ||
| − | + | ||
| − | </noinclude>{{#switch: | + | </noinclude>{{#switch: |
| = | | = | ||
{{Security alert | {{Security alert | ||
| − | |problem={{{problem| | + | |problem={{{problem| Vulnerable to '''[[w:Code injection|code injection]] attacks'''. This may lead to '''compromisation of your entire wiki''', '''severe data loss''', '''malware being injected''', and '''other parts of your server being compromised''', among other things.}}} |
| − | |solution={{{solution| | + | |solution={{{solution| [[w:Code injection|avoid the use of things like eval(), create_function(), and /e]]}}} |
|signed={{{signed|{{{1||}}}}}} | |signed={{{signed|{{{1||}}}}}} | ||
|nocat=1 | |nocat=1 | ||
Latest revision as of 15:32, 21 December 2019
Template documentation[create] Template documentation- Description
- Adds an alert box describing a code injection vulnerability in including Extension page. Also adds including page to Category:Extensions with code injection vulnerabilities
- If your extension was tagged with this template please read
- For extension developers and extension users: en:Code injection
- Specifically for extension developers: Security for developers
- Example
{{Code injection alert|~~~~}}
- Creates
Template documentation[create]