r58659 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r58658‎ \| r58659 \| r58660 >
Date:	16:23, 6 November 2009
Author:	ariel
Status:	ok (Comments)
Tags:
Comment:	set meaningful Expires: header, validate page title
Modified paths:	/trunk/extensions/ExternalPages/ExternalPages_body.php (modified) (history)

Diff [purge]

Index: trunk/extensions/ExternalPages/ExternalPages_body.php
—	—	@@ -57,7 +57,7 @@
58	58	* process parameters of the request
59	59	*/
60	60	private function parseParams() {
61		~~- global $wgRequest, $wgServer;~~
	61	+ global $wgRequest, $wgServer, $wgLegalTitleChars;
62	62
63	63	if (!$wgRequest->getVal( 'EPyear') ) {
64	64	$this->mYear=false;
—	—	@@ -102,6 +102,12 @@
103	103	return(false);
104	104	}
105	105	$this->mPage = $wgRequest->getVal( 'EPpage' );
	106	+ $this->mPage = Sanitizer::decodeCharReferences( $this->mPage );
	107	+ // strictly speaking this setting may differ between local and remote wiki, oh well
	108	+ if ( preg_match( "/[^$wgLegalTitleChars]/", $this->mPage ) ) {
	109	+ ExternalPagesErrors::showError( 'externalpages-bad-page' );
	110	+ return(false);
	111	+ }
106	112	return( true );
107	113	}
108	114
—	—	@@ -127,6 +133,8 @@
128	134	} else {
129	135	$wgRequest->response()->header( "Cache-Control: private, s-maxage=0, max-age=$maxage" );
130	136	}
	137	+ $time = time() + self::EP_MAXAGE;
	138	+ $wgRequest->response()->header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', $time ) . ' GMT' );
131	139	return( true );
132	140	}
133	141

#Comment by Brion VIBBER (talk | contribs) 17:19, 6 November 2009

expires looks ok; should use the regular title funcs for title validation

01:40, 11 January 2010 Tim Starling (talk | contribs) changed the status of r58659 [removed: resolved added: ok]
17:39, 6 November 2009 Brion VIBBER (talk | contribs) changed the status of r58659 [removed: fixme added: resolved]
17:19, 6 November 2009 Brion VIBBER (talk | contribs) changed the status of r58659 [removed: new added: fixme]