r70640 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r70639‎ \| r70640 \| r70641 >
Date:	18:56, 7 August 2010
Author:	ialex
Status:	reverted (Comments)
Tags:
Comment:	Per comments, follow-up to r70278: make patrol tokens compatibles between api and normal interface
Modified paths:	/trunk/phase3/includes/Article.php (modified) (history) /trunk/phase3/includes/diff/DifferenceInterface.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/diff/DifferenceInterface.php
—	—	@@ -236,7 +236,7 @@
237	237	}
238	238	// Build the link
239	239	if( $rcid ) {
240		~~- $token = $wgUser->editToken( $rcid );~~
	240	+ $token = $wgUser->editToken();
241	241	$patrol = ' <span class="patrollink">[' . $sk->link(
242	242	$this->mTitle,
243	243	wfMsgHtml( 'markaspatrolleddiff' ),
—	—	@@ -463,7 +463,7 @@
464	464	# Add redundant patrol link on bottom...
465	465	if( $this->mRcidMarkPatrolled && $this->mTitle->quickUserCan('patrol') ) {
466	466	$sk = $wgUser->getSkin();
467		~~- $token = $wgUser->editToken( $this->mRcidMarkPatrolled );~~
	467	+ $token = $wgUser->editToken();
468	468	$wgOut->addHTML(
469	469	"<div class='patrollink'>[" . $sk->link(
470	470	$this->mTitle,
Index: trunk/phase3/includes/Article.php
—	—	@@ -1307,7 +1307,7 @@
1308	1308	}
1309	1309
1310	1310	$sk = $wgUser->getSkin();
1311		~~- $token = $wgUser->editToken( $rcid );~~
	1311	+ $token = $wgUser->editToken();
1312	1312
1313	1313	$wgOut->addHTML(
1314	1314	"<div class='patrollink'>" .
—	—	@@ -2366,7 +2366,7 @@
2367	2367	# If we haven't been given an rc_id value, we can't do anything
2368	2368	$rcid = (int) $wgRequest->getVal( 'rcid' );
2369	2369
2370		~~- if ( !$wgUser->matchEditToken( $wgRequest->getVal( 'token' ), $rcid ) ) {~~
	2370	+ if ( !$wgUser->matchEditToken( $wgRequest->getVal( 'token' ) ) ) {
2371	2371	$wgOut->showErrorPage( 'sessionfailure-title', 'sessionfailure' );
2372	2372	return;
2373	2373	}

Follow-up revisions

Revision	Commit summary	Author	Date
r75270	Revert r70640 per CR: don't expose unsalted edit tokens in URLs. Should inste...	catrope	16:56, 23 October 2010
r75274	BREAKING CHANGE: Per r70640 CR, salt patrol tokens with rcid in the API too. ...	catrope	17:22, 23 October 2010

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r70278	* (bug 24418) action=markpatrolled now requires a token	ialex	15:50, 1 August 2010

Comments

#Comment by Platonides (talk | contribs) 22:20, 7 August 2010

You are exposing the main token inside an url. This leaks it to proxy logs, referer urls...

You should instead change the api to use the token salted with the rcid. Such token can only be used to patrol that edit and so it's not an issue if a third party gains knowledge of it.

Status & tagging log

15:57, 25 October 2010 Platonides (talk | contribs) changed the status of r70640 [removed: resolved added: reverted]
16:57, 23 October 2010 Catrope (talk | contribs) changed the status of r70640 [removed: fixme added: resolved]
22:20, 7 August 2010 Platonides (talk | contribs) changed the status of r70640 [removed: new added: fixme]