Allows to upload multiple files via the editor including drag&drop.
Details
Details
Fri, Jul 11
Fri, Jul 11
gerritbot added a project to T399142: MsUpload does not accommodate vector 2022's dark mode: Patch-For-Review.
gerritbot added a comment to T399142: MsUpload does not accommodate vector 2022's dark mode.
Change #1168177 had a related patch set uploaded (by Samwilson; author: Samwilson):
[mediawiki/extensions/MsUpload@master] Use backwards-compatible variable for bottom spacer
Samwilson reopened T399142: MsUpload does not accommodate vector 2022's dark mode as "Open".
Needs fixing for 1.43.
Fixed now:
Thu, Jul 10
Thu, Jul 10
Maintenance_bot removed a project from T399142: MsUpload does not accommodate vector 2022's dark mode: Patch-For-Review.
gerritbot added a comment to T399142: MsUpload does not accommodate vector 2022's dark mode.
Change #1167729 merged by jenkins-bot:
[mediawiki/extensions/MsUpload@master] Replace a few background-colors with variable names
gerritbot added a project to T399142: MsUpload does not accommodate vector 2022's dark mode: Patch-For-Review.
gerritbot added a comment to T399142: MsUpload does not accommodate vector 2022's dark mode.
Change #1167729 had a related patch set uploaded (by Samwilson; author: Samwilson):
[mediawiki/extensions/MsUpload@master] Replace a few background-colors with variable names
lihaohong updated the task description for T399142: MsUpload does not accommodate vector 2022's dark mode.
A_smart_kitten added a project to T399142: MsUpload does not accommodate vector 2022's dark mode: dark-mode.
Tue, Jul 8
Tue, Jul 8
mmartorana renamed T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload from Stored XSS through a system message in MsUpload to CVE-2025-7362: Stored XSS through a system message in MsUpload.
Mon, Jul 7
Mon, Jul 7
SomeRandomDeveloper closed T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload as Resolved.
Closing as this was fixed a while ago and is no longer reproducible.
Maintenance_bot removed a project from T398665: Add a foreign-resources.yaml file to MsUpload: Patch-For-Review.
gerritbot added a comment to T398665: Add a foreign-resources.yaml file to MsUpload.
Change #1166293 merged by jenkins-bot:
[mediawiki/extensions/MsUpload@master] Use foreign-resources to load Plupload, and remove flash and silverlight
Sat, Jul 5
Sat, Jul 5
Actually I'm seeing the same bug with older versions as well, so it's obviously something else.
Fri, Jul 4
Fri, Jul 4
Samwilson reopened T397572: Alignment of upload button in toolbar is wrong as "Open".
It looks like I may have introduced a race condition here, where uploading files selected via the button doesn't always work (but dragging onto the dropzone does). Sorry about this!
gerritbot added a project to T398665: Add a foreign-resources.yaml file to MsUpload: Patch-For-Review.
gerritbot added a comment to T398665: Add a foreign-resources.yaml file to MsUpload.
Change #1166293 had a related patch set uploaded (by Samwilson; author: Samwilson):
[mediawiki/extensions/MsUpload@master] Use foreign-resources to load Plupload, and remove flash and silverlight
Samwilson added a comment to T139341: MsUpload does not show up in mediawiki >=1.27.
Is anyone still having trouble running MsUpload on an old version? This can perhaps be closed as stale now. MsUpload works on all recent MediaWiki versions that I've used in the last few years.
Wed, Jun 25
Wed, Jun 25
Tue, Jun 24
Tue, Jun 24
Maintenance_bot removed a project from T397564: Texts are not centred vertically on narrow screens: Patch-For-Review.
Maintenance_bot removed a project from T397572: Alignment of upload button in toolbar is wrong: Patch-For-Review.
gerritbot added a comment to T397564: Texts are not centred vertically on narrow screens.
Change #1162277 merged by jenkins-bot:
[mediawiki/extensions/MsUpload@master] Fix height of drop zone and insertion button area
gerritbot added a comment to T397572: Alignment of upload button in toolbar is wrong.
Change #1162579 merged by jenkins-bot:
[mediawiki/extensions/MsUpload@master] Use OOUI button for the toolbar upload button
Sun, Jun 22
Sun, Jun 22
gerritbot added a project to T397572: Alignment of upload button in toolbar is wrong: Patch-For-Review.
gerritbot added a comment to T397572: Alignment of upload button in toolbar is wrong.
Change #1162579 had a related patch set uploaded (by Samwilson; author: Samwilson):
[mediawiki/extensions/MsUpload@master] Use OOUI button for the toolbar upload button
Sat, Jun 21
Sat, Jun 21
gerritbot added a project to T397564: Texts are not centred vertically on narrow screens: Patch-For-Review.
gerritbot added a comment to T397564: Texts are not centred vertically on narrow screens.
Change #1162277 had a related patch set uploaded (by Samwilson; author: Samwilson):
[mediawiki/extensions/MsUpload@master] Fix height of drop zone and insertion button area
Samwilson renamed T397564: Texts are not centred vertically on narrow screens from Drop zone label is not centred vertically on narrow screens to Texts are not centred vertically on narrow screens.
May 27 2025
May 27 2025
sbassett moved T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload from Incoming to Watching on the Security-Team board.
sbassett changed the status of T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload from Open to In Progress.
sbassett added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
May 26 2025
May 26 2025
Sophivorus added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
All done. If someone wants to review this, we can close it. Cheers!
gerritbot added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Change #1150735 merged by jenkins-bot:
[mediawiki/extensions/MsUpload@REL1_42] Sanitize message before appending
gerritbot added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Change #1150736 merged by jenkins-bot:
[mediawiki/extensions/MsUpload@REL1_39] Sanitize message before appending
gerritbot added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Change #1150736 had a related patch set uploaded (by Sophivorus; author: Sophivorus):
[mediawiki/extensions/MsUpload@REL1_39] Sanitize message before appending
gerritbot added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Change #1150735 had a related patch set uploaded (by Sophivorus; author: Sophivorus):
[mediawiki/extensions/MsUpload@REL1_42] Sanitize message before appending
gerritbot added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Change #1150734 merged by jenkins-bot:
[mediawiki/extensions/MsUpload@REL1_43] Sanitize message before appending
gerritbot added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Change #1150733 merged by jenkins-bot:
[mediawiki/extensions/MsUpload@REL1_44] Sanitize message before appending
gerritbot added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Change #1150734 had a related patch set uploaded (by Sophivorus; author: Sophivorus):
[mediawiki/extensions/MsUpload@REL1_43] Sanitize message before appending
gerritbot added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Change #1150733 had a related patch set uploaded (by Sophivorus; author: Sophivorus):
[mediawiki/extensions/MsUpload@REL1_44] Sanitize message before appending
Sophivorus added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Thanks, that was it. I was testing in REL1_43.
gerritbot added a comment to T394864: CVE-2025-7362: Stored XSS through a system message in MsUpload.
Change #1150676 merged by jenkins-bot:
[mediawiki/extensions/MsUpload@master] Sanitize message before appending