path: root/includes/api/ApiLogin.php
Commit log (each entry: commit message, then author, age, files changed, lines removed/added)
* Use MainConfigNames instead of string literals, #2 (Aryeh Gregor, 2022-04-13, 1 file, -5/+6)
  This covers all occurrences of /onfig->.*get( '/ in includes/. Undoubtedly there are still plenty more to go.
  Change-Id: I33196c4153437778496f40436bcde399638ac361

* phan: Remove PhanPossiblyUndeclaredVariable suppression (Umherirrender, 2022-03-30, 1 file, -1/+2)
  Make phan stricter about conditional variable declaration
  Remaining false positive issues are suppressed. The suppression and the setting change can only be done together
  Bug: T259172
  Change-Id: I1f200ac37df7448453688bf464a8250c97313e5d

* phan: Disable null_casts_as_any_type setting (Umherirrender, 2022-03-21, 1 file, -0/+1)
  Make phan stricter about null types by setting null_casts_as_any_type to false (the default in mediawiki-phan-config)
  Remaining false positive issues are suppressed. The suppression and the setting change can only be done together
  Bug: T242536
  Bug: T301991
  Change-Id: I0f295382b96fb3be8037a01c10487d9d591e7e01

* Drop action api token methods deprecated in 1.24 (Petr Pchelko, 2021-09-13, 1 file, -2/+0)
  Removes deprecated API endpoints and modules for dealing with CSRF tokens.
  Note: i18n messages are removed in a followup for ease of revert.
  Bug: T280806
  Depends-On: Ic83f44587db119ff2e3e6d5ff33a10894e0695e7
  Change-Id: I58aedec6942ac5d3c21574cb0072f00ef365098c

* Mark ApiClientLogin/ApiLogin as requiring write mode (Reedy, 2021-07-13, 1 file, -0/+5)
  Bug: T283394
  Change-Id: Idf8f3cc184cfa3b4ef3ec55c04ec4a4520cbc0b5

* Inject AuthManager into some api classes (DannyS712, 2021-05-29, 1 file, -5/+19)
  - ApiAMCreateAccount
  - ApiClientLogin
  - ApiChangeAuthenticationData
  - ApiLinkAccount
  - ApiLogin
  - ApiRemoveAuthenticationData
  Now that ApiLogin needs services injected, update ApiModuleManagerTest to use ApiRsd as the example api module that doesn't need any services.
  Bug: T259960
  Change-Id: If78457f1d859d3d575f2016ef4b212263473cea6

* Make UserIdentity objects aware of which wiki they belong to. (Cindy Cicalese, 2021-02-02, 1 file, -1/+1)
  Bug: T260933
  Change-Id: Ic986640cc34e6ec6be239e410a8334f0e299c682

* Merge "API: Use MediaWikiServices::getAuthManager in various Api classes" (jenkins-bot, 2020-06-20, 1 file, -2/+3)

* API: Use MediaWikiServices::getAuthManager in various Api classes (Umherirrender, 2020-06-20, 1 file, -2/+3)
  Change-Id: I0af2e5fe91097077eeaf83027494065a0c1a6c04

* Hooks::run() call site migration (Tim Starling, 2020-05-30, 1 file, -1/+1)
  Migrate all callers of Hooks::run() to use the new HookContainer/HookRunner system.
  General principles:
  - Use DI if it is already used. We're not changing the way state is managed in this patch.
  - HookContainer is always injected, not HookRunner. HookContainer is a service, it's a more generic interface, it is the only thing that provides isRegistered() which is needed in some cases, and a HookRunner can be efficiently constructed from it (confirmed by benchmark). Because HookContainer is needed for object construction, it is also needed by all factories.
  - "Ask your friendly local base class". Big hierarchies like SpecialPage and ApiBase have getHookContainer() and getHookRunner() methods in the base class, and classes that extend that base class are not expected to know or care where the base class gets its HookContainer from.
  - ProtectedHookAccessorTrait provides protected getHookContainer() and getHookRunner() methods, getting them from the global service container. The point of this is to ease migration to DI by ensuring that call sites ask their local friendly base class rather than getting a HookRunner from the service container directly.
  - Private $this->hookRunner. In some smaller classes where accessor methods did not seem warranted, there is a private HookRunner property which is accessed directly. Very rarely (two cases), there is a protected property, for consistency with code that conventionally assumes protected=private, but in cases where the class might actually be overridden, a protected accessor is preferred over a protected property.
  - The last resort: Hooks::runner(). Mostly for static, file-scope and global code. In a few cases it was used for objects with broken construction schemes, out of horror or laziness.
  Constructors with new required arguments:
  - AuthManager
  - BadFileLookup
  - BlockManager
  - ClassicInterwikiLookup
  - ContentHandlerFactory
  - ContentSecurityPolicy
  - DefaultOptionsManager
  - DerivedPageDataUpdater
  - FullSearchResultWidget
  - HtmlCacheUpdater
  - LanguageFactory
  - LanguageNameUtils
  - LinkRenderer
  - LinkRendererFactory
  - LocalisationCache
  - MagicWordFactory
  - MessageCache
  - NamespaceInfo
  - PageEditStash
  - PageHandlerFactory
  - PageUpdater
  - ParserFactory
  - PermissionManager
  - RevisionStore
  - RevisionStoreFactory
  - SearchEngineConfig
  - SearchEngineFactory
  - SearchFormWidget
  - SearchNearMatcher
  - SessionBackend
  - SpecialPageFactory
  - UserNameUtils
  - UserOptionsManager
  - WatchedItemQueryService
  - WatchedItemStore
  Constructors with new optional arguments:
  - DefaultPreferencesFactory
  - Language
  - LinkHolderArray
  - MovePage
  - Parser
  - ParserCache
  - PasswordReset
  - Router
  setHookContainer() now required after construction:
  - AuthenticationProvider
  - ResourceLoaderModule
  - SearchEngine
  Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7

* api: Report Failed rather than NeedToken on session loss for action=login (Brad Jorsch, 2020-04-06, 1 file, -1/+4)
  This has long been somewhat confusing, and it's more likely a client will wind up looping due to a cookie handling bug than that the session loss is a transient failure on the server side.
  Bug: T249526
  Change-Id: I3430eb4cb1b6d85d6869c3d78709236f04da10a3

* Don't use 'message' as a logging key (Reedy, 2020-02-14, 1 file, -1/+1)
  Bug: T245280
  Change-Id: I5904fe7539322c4d923bc8b8c88fda272d7dff8b

* Coding style: Auto-fix MediaWiki.Classes.UnsortedUseStatements.UnsortedUse (James D. Forrester, 2020-01-10, 1 file, -1/+1)
  Change-Id: I94a0ae83c65e8ee419bbd1ae1e86ab21ed4d8210

* Remove unnecessary semi-colons (Derick Alangi, 2019-06-12, 1 file, -1/+1)
  Change-Id: I9eb65bdfbd3aa581effc14ead801b9e89b0359c3
* ApiLogin: Remove the first example of outdated flow (Derk-Jan Hartman, 2019-05-15, 1 file, -2/+0)
  This first example demonstrates a deprecated flow that we should not be encouraging and definitely shouldn't be before the example that we want to promote
  Change-Id: Ia1ec99a0fd88cee216fcb80aaebd0a00ce2942a4
* Fix unused vars/pointless assignments (Max Semenik, 2019-03-29, 1 file, -1/+0)
  Change-Id: If475c738b4af7208024c866594d4c0048af053dd

* Use (int) rather than intval() (Reedy, 2019-02-25, 1 file, -1/+1)
  Bug: T216969
  Change-Id: I4c06716c83b69d128f26fa7f68736808aa2d3d64

* Improve ApiLogin test coverage (Aryeh Gregor, 2018-10-10, 1 file, -4/+5)
  Coverage is 100% except for one session-related bit that seems a bit involved to test right now. It looks like it will be easier once SessionManager becomes a service.
  I removed the third parameter from the return value of canonicalizeLoginData, since af37a4c7 made it always return true. I also removed three lines of dead code from ApiLogin.php.
  Change-Id: Ia0073eddd27c82827518e0031e3c313f83cfd7cc

* SECURITY: Do not allow botpassword login if account locked. (Brian Wolff, 2018-09-20, 1 file, -1/+2)
  Reported by Rxy
  Bug: T194605
  Change-Id: Ib41005e69ab4db6f849837de12f0d41398b58f9a
* BotPasswords: Indicate when a password needs reset (Brad Jorsch, 2018-05-04, 1 file, -1/+4)
  Certain things, such as changing the account's main login credentials, cause all bot passwords to be invalidated. This state should be indicated in Special:BotPasswords, and the API when login fails.
  Bug: T193829
  Change-Id: Ib12929fed861742c9f2f76702c9ac3254e8a5d97
* Remove "Created on" from file header comments (Umherirrender, 2018-01-26, 1 file, -4/+0)
  It is the job of git and svn to provide this information/metadata. The form was different, some with short, some with long month name some with leading zero at the day, some without. The year is also present in the Copyright clause
  Change-Id: If006907b82b9e45f13cfa2e45d41107a95570e1a

* SECURITY: Add throttling for BotPasswords authentication attempts (Brad Jorsch, 2017-11-15, 1 file, -1/+1)
  ApiLogin which will currently always try an AuthManager login which will by default throttle via ThrottlePreAuthenticationProvider, but this only happens after the BotPassword is checked so it's still possible to keep trying to break the bot password.
  There's a potential odd-behavior mode here: if the main account username and password looks like a BotPasswords username and password, a successful main account login will increment the BotPasswords throttle for the user and not reset it after the successful main account login. That seems such an odd edge case I say let's not worry about it.
  Bug: T165846
  Change-Id: Ie60f0e05c2a94722b91bc3a80c80346e28b443f4

* API: Split description messages into summary + additional text (Brad Jorsch, 2017-06-15, 1 file, -3/+3)
  To fix T123930, it would be very handy to have the summary for each module without any of the additional explanatory text.
  Bug: T166411
  Change-Id: I778bab2b87971875aed4c804341ad59c1c6e021f

* ApiLogin: i18n for 'Aborted' reasons (Brad Jorsch, 2017-05-16, 1 file, -19/+28)
  Ia6c402a4 did it for 'Failed', but overlooked 'Aborted'.
  Change-Id: I3f7379af3609c30f10ea8c648f2ec840310e8d97

* SECURITY: API: Don't log "sensitive" parameters (Brad Jorsch, 2017-04-06, 1 file, -0/+1)
  Stuff like passwords and CSRF tokens shouldn't be in the logs.
  The fact of being sensitive is intentionally separated from the need to be in the POST body because, for example, the wltoken parameter to ApiQueryWatchlist needs to be in the query string to serve its purpose but still shouldn't be logged.
  Bug: T125177
  Change-Id: I1d61f4dcf792d77401ee2e2988b1afcb2a2ad58f
* Make API documentation links language aware (Baha, 2017-04-05, 1 file, -1/+1)
  Links generated by the API are now aware of the user's preferred language and will show documents in that language if available.
  To test, log in to mediawiki.org and set your language preference to 'es', then on a MediaWiki installation with this patch view the generated expanded API help at `api.php?action=help&recursivesubmodules=1&modules=main`. Each link to documentation on mediawiki.org should take you to its translated /es subpage, if one exists.
  Bug: T104518
  Change-Id: I339a1f3ae1bce9d759cf251899d57c32b1def91e

* Miscellaneous indentation tweaks (Bartosz Dziewoński, 2017-02-27, 1 file, -1/+1)
  I was bored. What? Don't look at me that way.
  I mostly targeted mixed tabs and spaces, but others were not spared.
  Note that some of the whitespace changes are inside HTML output, extended regexps or SQL snippets.
  Change-Id: Ie206cc946459f6befcfc2d520e35ad3ea3c0f1e0
* ApiLogin: Turn "login-params-in-query-string" warning into an error (Brad Jorsch, 2017-02-15, 1 file, -8/+1)
  This change was announced October 31, 2016,[1] with the deadline set for today.
  [1]: https://lists.wikimedia.org/pipermail/mediawiki-api-announce/2016-October/000119.html
  Change-Id: Ic7f0cea1510381e3fef5d4850677a66ea257c16b

* API: More i18n cleanup (Brad Jorsch, 2016-12-08, 1 file, -3/+8)
  - Use errorformat for action=login Failed responses in non-BC mode.
  - We removed 'messageHtml' from action=rollback's response on error, but left it for success. Remove it there too, it's even less useful.
  - We changed action=watch's reporting of errors, but left the mostly-pointless reporting of "success" UI messages. These should be handled on the client side.
  Change-Id: Ia6c402a4254fbacf4c2c3f125ce8bf0bcc71e509

* API: i18n for warnings and errors (Brad Jorsch, 2016-12-06, 1 file, -14/+10)
  API warnings and error messages are currently hard-coded English strings. This patch changes that.
  With a few exceptions, this patch should be compatible with non-updated extensions:
  - The change to ApiBase::$messageMap will blow up anything trying to mess with it.
  - The changes to the 'ApiCheckCanExecute' hook will cause a wrong (probably unparsed) error message to be emitted for extensions not already using an ApiMessage. Unless they're currently broken like Wikibase.
  Bug: T37074
  Bug: T47843
  Depends-On: Ia2b66b57cd4eaddc30b3ffdd7b97d6ca3e02d898
  Depends-On: I2e1bb975bb0045476c03ebe6cdec00259bae22ec
  Depends-On: I53987bf87c48f6c00deec17a8e957d24fcc3eaa6
  Depends-On: Ibf93a459eb62d30f7c70d20e91ec9faeb80d10ed
  Depends-On: I3cf889811f44a15935e454dd42f081164d4a098c
  Depends-On: Ieae527de86735ddcba34724730e8730fb277b99b
  Depends-On: I535344c29d51521147c2a26c341dae38cec3e931
  Change-Id: Iae0e2ce3bd42dd4776a9779664086119ac188412

* Merge "API: Remove deprecated response values from action=login" (jenkins-bot, 2016-10-11, 1 file, -13/+0)

* API: Remove deprecated response values from action=login (Gergő Tisza, 2016-10-07, 1 file, -13/+0)
  Re-apply 23e5cdb after temporarily reverting in fda4d48 due to bot breakage.
  Bug: T121527
  Change-Id: Ia89719d8bbebb7446b9c41cc9f29ecf26c75839b

* Merge "Allow putting the app ID in the password for bot passwords" (jenkins-bot, 2016-09-13, 1 file, -4/+5)
* Allow putting the app ID in the password for bot passwords (Gergő Tisza, 2016-09-07, 1 file, -4/+5)
  Bot passwords allow backwards-compatible login (with grants, for API usage only) with "<real username>@<botname>" for username plus a random-generated password. This doesn't work well with some bot frameworks (including Pywikibot, the most popular one) which assume that the text that goes into the username field of the login API is the username that they will be logged in with afterwards (and so the @-postfix causes all kinds of errors).
  Since the goal of bot passwords is compatibility with old unmaintained API clients, this patch adds an alternative format which does not cause problems with old bots: use the username normally, and use "<botname>@<random-generated password>" as password. Since this is technically a valid normal password, there is some ambiguity, but bot passwords have a distinctive format so it's easy to check and it is extremely unlikely that someone would use the exact same format for their normal password; and if the bot password login fails we can simply retry it as a normal password, just in case.
  Bug: T142304
  Change-Id: Ib59a6fbe0e65d80d5e7d19ff37cec5e011c00539
* API: Insist authn parameters be in the POST body (Brad Jorsch, 2016-08-18, 1 file, -0/+8)
  Passwords should always be submitted in the POST body, not in the query string. Thus, a warning will now be returned if the password for action=login or any sensitive authentication request parameters for AuthManager actions are found in the query string.
  These warnings should be upgraded to errors in 1.29.
  Change-Id: Ifb2c684bb28c9acc004be2b0c2fef839eb7624aa

* Merge "Log failure reasons in ApiLogin" (jenkins-bot, 2016-08-17, 1 file, -1/+33)

* Log failure reasons in ApiLogin (Gergő Tisza, 2016-08-16, 1 file, -1/+33)
  Bug: T142600
  Change-Id: Id5af923ef10c31fc15e5d4da43ce220e1258b723

* Rename 'authmanager' log channel to 'authevents' (Gergő Tisza, 2016-08-10, 1 file, -2/+2)
  Also, move some events which did not belong there to the 'authentication' channel.
  Change-Id: I4d7564343318899fc498ed2bd2d5260041ee22cc

* Remove $wgDisableAuthManager (Gergő Tisza, 2016-08-09, 1 file, -137/+42)
  Change-Id: I2b2c9693a275fcc026916bd97f303e7a5c8df341

* Revert "API: Remove deprecated response values from action=login" (Gergő Tisza, 2016-08-05, 1 file, -0/+13)
  Revert commit 23e5cdb5034dca5bbdfc2ac9c111c5fac20ff579 temporarily so Pywikibot users can catch up with API changes
  Bug: T121527
  Bug: T142155
  Change-Id: I3879a5d76a1727dd653daeebc79d4d9cabd0332e

* API: Remove deprecated response values from action=login (Brad Jorsch, 2016-07-27, 1 file, -13/+0)
  Bug: T121527
  Change-Id: Ie370d6dc5a922ad9c50758ba81b98aa8492f83cb

* Add $direct parameter to UserLoginComplete hook (Gergő Tisza, 2016-07-20, 1 file, -1/+1)
  This will help to differentiate between actual login and visiting the login page while already logged in.
  Bug: T140853
  Change-Id: If8582ff61aee62b1d424e473b230ca883ddb6d05
* API changes for AuthManager (Brad Jorsch, 2016-05-16, 1 file, -33/+128)
  Changes here are:
  - action=login is deprecated for use other than bot passwords
  - list=users will indicate if a missing user name is creatable.
  - Added action=query&meta=authmanagerinfo
  - Added action=clientlogin, which is to be used to log into the main account
  - action=createaccount is changed in a non-BC manner
  - Added action=linkaccount
  - Added action=unlinkaccount
  - Added action=changeauthenticationdata
  - Added action=removeauthenticationdata
  - Added action=resetpassword
  Bug: T110276
  Bug: T110747
  Bug: T110751
  Bug: T32788
  Bug: T67857
  Bug: T28597
  Bug: T76103
  Change-Id: I244fa9b1e0623247d6d9fa30990411c6df94a496

* Use English messages for background use of Status::getWikiText (umherirrender, 2016-04-12, 1 file, -1/+1)
  Status::getWikiText is used for internal logging, api error messages and maintenance scripts. All these places are usually in English, so pass an English language to getWikiText.
  Change-Id: I3010fca8eb5740a3a851c55a8b12e171714c78f7
* Remove unused local variables in API (Siebrand Mazeland, 2016-03-08, 1 file, -1/+0)
  Change-Id: Ia94ae232308ad47ee88dbd30675cfcbdb6b371ed
* Allow more fine-grained throttling of login attempts (Brian Wolff, 2016-02-23, 1 file, -1/+1)
  In addition to the 5 attempts every 5 minutes rule, add some long term rules. It's extraordinarily unlikely that a non-malicious person would use the wrong password 150 times in a row, so add a rule that you can't have 150 login fails in a row in 48 hours all from the same IP address.
  Also add the ability to set throttles across all IPs, but do not set any of these types by default (There is an unclear risk/benefit tradeoff between making it easy to lock someone out of their account in a DoS attack, and preventing brute-forcing)
  Bug: T122164
  Change-Id: I5c279906936ef3991a42fc21325c3ffd4a200493
* Fix function call casing (Reedy, 2016-02-22, 1 file, -1/+1)
  Change-Id: I20600c865b9f239ac281a1f8c5776ad4dbec4359

* Convert all array() syntax to [] (Kunal Mehta, 2016-02-17, 1 file, -19/+19)
  Per wikitech-l consensus: https://lists.wikimedia.org/pipermail/wikitech-l/2016-February/084821.html
  Notes:
  - Disabled CallTimePassByReference due to false positives (T127163)
  Change-Id: I2c8ce713ce6600a0bb7bf67537c87044c7a45c4b

* Revert "Remove SessionManager, temporarily" (Brad Jorsch, 2016-02-03, 1 file, -20/+72)
  This reverts commit 823db5d63dd5200d04c63da50ba6bf16f928e70b.
  Change-Id: Ibb3e023e4eb6715295586dea87d0725c344a8271

* Remove SessionManager, temporarily (Brad Jorsch, 2016-02-01, 1 file, -72/+20)
  The plan here is to take it out of 1.27.0-wmf.12 and put it back in 1.27.0-wmf.13. Since BotPasswords depends on SessionManager, that's getting temporarily removed too.
  This reverts the following commits:
  - 6acd424e0dbc322e8b9a141bd2625453c1b9b6f1 SessionManager: Notify AuthPlugin before calling hooks
  - 4d1ad32d8acbd443346253d2f6a95024c833295c Close a loophole in CookieSessionProvider
  - fcdd643a46d87b677f6cdcc3ba9440e1472d8df7 SessionManager: Don't save non-persisted sessions to backend storage
  - 058aec4c76129b7ee8541692a8a48f8046e15bb6 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php
  - b5c0c03bb708f8dad6e404969df8addc123984db SessionManager: Save user name to metadata even if the user doesn't exist locally
  - 13f2f09a193215aa7a061d10a1955e172d06fa0a SECURITY: Fix User::setToken() call on User::newSystemUser
  - 305bc75b27903237a9683ec1f329bcbec0ecd266 SessionManager: Don't generate user tokens when checking the tokens
  - 7c4bd85d2152fd9fa975ea0fb5ffb1a0b804f99b RequestContext::exportSession() should only export persisted session IDs
  - 296ccfd4a9a6ad3ae412db7e2408c923aaa61f64 SessionManager: Save 'persisted' flag in session metadata
  - 94ba53f67731b0553a6178841d9506e384f74496 Move CSRF token handling into MediaWiki\Session\Session
  - 46a565d6b00174e631d2022b47677e1a78e73897 Avoid false "added in both Session and $_SESSION" when value is null
  - c00d0b5d94c946b8883dd7062bf7160a199aa5c2 Log backtrace for "User::loadFromSession called before the end of Setup.php"
  - 4eeff5b559e2ae7b8fa1f45572968ba28573a421 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure'
  - 7491b52f700e220814a8190781fd794b4dd88a20 Call session_cache_limiter() before starting a session
  - 2c34aeea72471f9a598e67bdbf34bc5f9fb3f0c5 SessionManager: Abstract forceHTTPS cookie setting
  - 9aa53627a53aabec0273cecf45a86e77927ef406 Ignore auth cookies with value 'deleted'
  - 43f904b51a746d7f71ea2ab9951c5c98d269765b SessionManager: Kill getPersistedSessionId()
  - 50c52563528ba3d765c3762211f98d6f3c0e39fd SessionManager: Add SessionBackend::setProviderMetadata()
  - f640d403154bc0a2b4f6d399582797a9e3bc6fcb SessionManager: Notify AuthPlugin when auto-creating accounts
  - 70b05d1ac1e859bac2185b246e9b93ec9051e4d8 Add checks of $wgEnableBotPasswords in more places
  - bfed32eb78b6c720b16bc7ed60153fd2fe257a9e Do not raise a PHP warning when session write fails
  - 722a7331ad8d98228511f8da38adc7a3c64dd617 Only check LoggedOut timestamp on the user loaded from session
  - 4f5057b84b36eccd16627a6b29831dfdb4483b02 SessionManager: Change behavior of getSessionById()
  - 66e82e614e157e39b03d813e71ddf23f53cf640b Fix typo in [[MediaWiki:Botpasswords-editexisting/en]]
  - f9fd9516d922d36291037baca7205a2b0ac9f15f Add "bot passwords"
  - d7716f1df0b692902571bf415a0984071e3e9a60 Add missing argument for wfDebugLog
  - a73c5b7395a07d490f7052fd3b2491ebd656b190 Add SessionManager
  Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50