r110822 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r110821‎ \| r110822 \| r110823 >
Date:	03:43, 7 February 2012
Author:	tstarling
Status:	resolved (Comments)
Tags:	core
Comment:	* Fix for r81363: instead of giving a PHP notice when PATH_INFO is missing, show the informative error message used before that revision. * Revert the change to the relevant message made in r102612: it is plain text, not wikitext, a format which does not support protocol-relative URLs.
Modified paths:	/trunk/phase3/img_auth.php (modified) (history) /trunk/phase3/languages/messages/MessagesEn.php (modified) (history)

Diff [purge]

Index: trunk/phase3/img_auth.php
—	—	@@ -56,6 +56,10 @@
57	57
58	58	// Get the requested file path (source file or thumbnail)
59	59	$matches = WebRequest::getPathInfo();
	60	+ if ( !isset( $matches['title'] ) ) {
	61	+ wfForbidden( 'img-auth-accessdenied', 'img-auth-nopathinfo' );
	62	+ return;
	63	+ }
60	64	$path = $matches['title'];
61	65	if ( $path && $path[0] !== '/' ) {
62	66	// Make sure $path has a leading /
Index: trunk/phase3/languages/messages/MessagesEn.php
—	—	@@ -2295,7 +2295,7 @@
2296	2296	'img-auth-nopathinfo' => 'Missing PATH_INFO.
2297	2297	Your server is not set up to pass this information.
2298	2298	It may be CGI-based and cannot support img_auth.
2299		~~-[//www.mediawiki.org/wiki/Manual:Image_Authorization See image authorization.]',~~
	2299	+See http://www.mediawiki.org/wiki/Manual:Image_Authorization.',
2300	2300	'img-auth-notindir' => 'Requested path is not in the configured upload directory.',
2301	2301	'img-auth-badtitle' => 'Unable to construct a valid title from "$1".',
2302	2302	'img-auth-nologinnWL' => 'You are not logged in and "$1" is not in the whitelist.',

Revision	Commit summary	Author	Date
r110840	Omg HTTPS...	reedy	12:30, 7 February 2012

Revision	Commit summary	Author	Date
r81363	* Remove last bit of code that uses PATH_INFO from img_auth.php so that peopl...	mah	01:08, 2 February 2011
r102612	This SVN commit fixes bug32220 and makes links to mediawiki.org in language m...	bsitu	01:13, 10 November 2011

#Comment by P858snake (talk | contribs) 06:24, 7 February 2012

Perhaps we should just put a HTTPS link there, which is what I think we have done in a couple of other spots where protcol-rel magic wouldn't work.

#Comment by Siebrand (talk | contribs) 06:58, 7 February 2012

Adding fixme because I'm using my phone. Easy to change http to https

18:45, 7 February 2012 Aaron Schulz (talk | contribs) changed the status of r110822 [removed: new added: resolved]
16:57, 7 February 2012 MarkAHershberger (talk | contribs) changed the tags for r110822 [added: core]
12:30, 7 February 2012 Reedy (talk | contribs) changed the status of r110822 [removed: fixme added: new]
06:58, 7 February 2012 Siebrand (talk | contribs) changed the status of r110822 [removed: ok added: fixme]
06:53, 7 February 2012 Aaron Schulz (talk | contribs) changed the status of r110822 [removed: new added: ok]