r62967 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r62966‎ \| r62967 \| r62968 >
Date:	17:44, 25 February 2010
Author:	maxsem
Status:	ok (Comments)
Tags:
Comment:	(bug 17790) Users instantly logged off on HughesNet
Modified paths:	/trunk/phase3/HISTORY (modified) (history) /trunk/phase3/includes/specials/SpecialUserlogout.php (modified) (history) /trunk/phase3/languages/messages/MessagesEn.php (modified) (history) /trunk/phase3/maintenance/language/messages.inc (modified) (history)

Diff [purge]

Index: trunk/phase3/maintenance/language/messages.inc
—	—	@@ -465,6 +465,7 @@
466	466	'login-throttled',
467	467	'loginlanguagelabel',
468	468	'loginlanguagelinks',
	469	+ 'suspicious-userlogout',
469	470	),
470	471	'resetpass' => array(
471	472	'resetpass',
Index: trunk/phase3/HISTORY
—	—	@@ -745,6 +745,7 @@
746	746	* (bug 22551) Special:Resetpass now has a "Cancel" button that sends the user to
747	747	the page set in the &returnto parameter.
748	748	* (bug 19194) Search box in Modern skin doesn't focus with Safari/Chrome
	749	+* (bug 17790) Users instantly logged off on HughesNet
749	750
750	751	== API changes in 1.16 ==
751	752
Index: trunk/phase3/includes/specials/SpecialUserlogout.php
—	—	@@ -10,6 +10,16 @@
11	11	function wfSpecialUserlogout() {
12	12	global $wgUser, $wgOut;
13	13
	14	+ /**
	15	+ * Some satellite ISPs use broken precaching schemes that log people out straight after
	16	+ * they're logged in (bug 17790). Luckily, there's a way to detect such requests.
	17	+ */
	18	+ wfDebug( $_SERVER['REQUEST_URI'] . "\n" );
	19	+ if ( isset( $_SERVER['REQUEST_URI'] ) && strpos( $_SERVER['REQUEST_URI'], '&' ) !== false ) {
	20	+ wfHttpError( 400, wfMsg( 'loginerror' ), wfMsg( 'suspicious-userlogout' ) );
	21	+ return;
	22	+ }
	23	+
14	24	$oldName = $wgUser->getName();
15	25	$wgUser->logout();
16	26	$wgOut->setRobotPolicy( 'noindex,nofollow' );
Index: trunk/phase3/languages/messages/MessagesEn.php
—	—	@@ -1134,6 +1134,7 @@
1135	1135	* Español\|es
1136	1136	* Italiano\|it
1137	1137	* Nederlands\|nl', # do not translate or duplicate this message to other languages
	1138	+'suspicious-userlogout' => 'Your request to log out was denied because it looks like it was sent by a broken browser or caching proxy.',
1138	1139
1139	1140	# Password reset dialog
1140	1141	'resetpass' => 'Change password',

Follow-up revisions

Revision	Commit summary	Author	Date
r62968	fix debug logging from r62967	maxsem	17:50, 25 February 2010
r62973	Backported r62967 and r62968 to 1.16: (bug 17790) Users instantly logged off ...	maxsem	20:29, 25 February 2010
r86182	Prevent bug 17790 from reappearing on Special:Preferences	maxsem	07:39, 16 April 2011

Comments

#Comment by MaxSem (talk | contribs) 17:45, 25 February 2010

Logged to HISTORY instead of RELEASE-NOTES because I'll backport it to 1.16 shortly.

Status & tagging log

00:46, 12 March 2010 Tim Starling (talk | contribs) changed the status of r62967 [removed: new added: ok]