Don't copy POST query params when generating link/redirect URLs

Use WebRequest::getQueryValues() instead of WebRequest::getValues()
whenever the result is used to generate links or redirect URLs,
so that only GET query params are copied and not POST params.

This is the same change as I53e58c16cd1292d78b5775358fc180901f4ce203
(for T309907), but repeated in several more places.

Two of these had bugs filed for it (T152920, T291852), others were
as yet undiscovered.

Some of my changes have no effect in practice (e.g. when the code
is guarded by wasPosted()), but I'm changing them anyway to avoid
perpetuating the bad pattern.

Bug: T152920
Bug: T291852
Change-Id: I67fbf82a7ec084623595e6aff62c26dbcce8fa4d

1 files changed, 1 insertions, 1 deletions

diff --git a/includes/Output/OutputPage.php b/includes/Output/OutputPage.php
index f4d4947f4531..6ef36a1cde60 100644
--- a/includes/Output/OutputPage.php
+++ b/includes/Output/OutputPage.php
@@ -3370,7 +3370,7 @@ class OutputPage extends ContextSource {
 				$query['returnto'] = $returnto->getPrefixedText();
 
 				if ( !$request->wasPosted() ) {
-					$returntoquery = $request->getValues();
+					$returntoquery = $request->getQueryValues();
 					unset( $returntoquery['title'] );
 					unset( $returntoquery['returnto'] );
 					unset( $returntoquery['returntoquery'] );