aboutsummaryrefslogtreecommitdiffstats
path: root/includes/Rest/Handler/EditHandler.php
Commit message (Collapse)AuthorAgeFilesLines
* REST: Content/v1: Validate responses against response schemas in testsAtieno2025-01-151-0/+12
| | | | | Bug: T376607 Change-Id: I837b0a8471b8a2c8675d33852406d3ba4ce4ae05
* Replace uses of deprecated MediaWiki\Message\ConverterBartosz Dziewoński2024-10-231-6/+6
| | | | | | | | | The converter is no longer needed now that Message and MessageValue use the same internal format for the message parameters. Bug: T358779 Depends-On: I625a48a6ecd3fad5c2ed76b23343a0fef91e1b83 Change-Id: I41392aca4ae6b40f3476397d7ca37ba6cadb2ae4
* Merge "Adding token validation to the edit handler"jenkins-bot2024-10-171-0/+9
|\
| * Adding token validation to the edit handlerWendy Quarshie2024-09-261-0/+9
| | | | | | | | Change-Id: I86fa7d613aa79e07ce20ea7936becf02f25832ac
* | Add namespace to includes/api classesJames D. Forrester2024-09-251-1/+1
|/ | | | | Bug: T353458 Change-Id: I3ea6b08c5018ba03ba45c5766e1f46e12f6b8597
* Use real type hints for services etc. in includes/Rest/Bartosz Dziewoński2024-06-111-29/+5
| | | | | | | | | | | | | | | | | Mostly used find-and-replace: Find: /\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?)[\s\*]+/\s*(private|protected|public) (\$[a-z]\w+;\n)((?=\s*/\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?))\n|) Replace with: \3 \1 \4 More could be done, but to keep this patch reasonably sized, I only changed the most obvious and unambiguously correct cases. In some cases, I also removed redundant doc comments on the constructor, and re-ordered the properties to match the constructor. Change-Id: Ifa710fdf4d8d44a2d7244798b787a1b2a58c35a7
* Use LocalizedHttpException for remaining errors in REST handlersWendy Quarshie2024-04-291-2/+4
| | | | | Bug: T358745 Change-Id: I4845af0eacab31e6f648bdea9a2ed67d7188782b
* Improve error localization in REST handlersWendy Quarshie2024-04-021-1/+2
| | | | | BUg: T358745 Change-Id: Icb804560c827ee3e5df56d9d8d9565b8157fa9e1
* Namespace Config-related classes under \MediaWiki\ConfigJames D. Forrester2023-09-211-1/+1
| | | | | Bug: T166010 Change-Id: I4066885a7ea071d22497abcdb3f95e73e154d08c
* Namespace TitleParser under \MediaWiki\TitleJames D. Forrester2023-09-191-1/+1
| | | | | | | One of the big ones, so doing this alone. Bug: T166010 Change-Id: I4848e903b0c0a2f7c58ac19e0baeef0085a36bdc
* Namespace TitleFormatter under \MediaWiki\TitleJames D. Forrester2023-09-191-1/+1
| | | | | | | One of the big ones, so doing this alone. Bug: T166010 Change-Id: Ic2d59eb6764b1a273ed7162ecabf641f638b8f66
* Reorg: Move WebResponse and FauxResponse to Request/Amir Sarabadani2023-03-011-1/+1
| | | | | Bug: T321882 Change-Id: Iae8b9e0170c67c1adf861a6d0da45178a7d3cca7
* Add TokenAwareHandlerTrait for handlers supporting CSRF-unsafe providersDaimona Eaytoy2022-05-251-22/+2
| | | | | | | | | Returning a known-good token is not part of the trait method because I think handlers other than the ones based on the action API wouldn't even need a token if the session is safe against CSRF. Bug: T305043 Change-Id: If41749722b28c8c0e9898b3d3e7937167653fb10
* Allow REST API handlers to require csrf-safe session providersBill Pirkle2022-05-201-8/+0
| | | | | | Bug: T305043 Depends-On: Ic7c1b19b86e8a151e2d42aaec00ef0e89db77f08 Change-Id: Ic6bd48b400ecd839ef99b518ef955781470cd05c
* Use MainConfigNames instead of string literals, #2Aryeh Gregor2022-04-131-2/+3
| | | | | | | This covers all occurrences of /onfig->.*get( '/ in includes/. Undoubtedly there are still plenty more to go. Change-Id: I33196c4153437778496f40436bcde399638ac361
* Revert "Use CsrfTokenSet as CSRF token source"Kunal Mehta2021-08-051-1/+1
| | | | | | | This reverts commit 0d75fdb4f73ddbf4ad5f29e14258d58e507d55b4. Bug: T287542 Change-Id: Iedd3461869f973f8d621a39e6ad4674cbb577551
* Use CsrfTokenSet as CSRF token sourcePetr Pchelko2021-07-121-1/+1
| | | | Change-Id: I079d2c802d9b48d6abf7f37fa9ef7dafac631345
* REST /page/{title}: Fix title encoding.daniel2020-07-231-1/+1
| | | | | | | | | Page titles used in URL paths, such as the Location header returned after a page was created, must use the correct encoding for spaces and pluses. Bug: T258606 Change-Id: I75e91ac8f8da4eb183a9c8f1a682ea08c2225227
* REST: page/ endpoints: don't use tokens with OAuthdaniel2020-03-271-3/+14
| | | | | | | | | | | | | CSRF tokens should only be required (and only be allowed) if the current session isn't already inherently safe against CSRF due to the way the authentication mechanism works. This allows (and requires) tokens to be omitted for requests that use an OAuth Authorization header. Bug: T230843 Bug: T230842 Bug: T237852 Change-Id: Ib2922d556ff2470d4bf8c386c18986ca9f37d1b5
* Define POST handler for /page/: create pagedaniel2020-03-251-0/+189
NOTE: once this is merged, also merge Ie7b47e6868cc on the OAuth repo, to fix unit tests after a breaking change to Router's constructor signature. Bug: T230842 Change-Id: I8f5b92918a58e44a4f2d8c78d234d9f64c2d06bf
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-25 02:05:42 +0000