r87482 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r87481‎ | r87482 | r87483 >
Date:05:29, 5 May 2011
Author:tstarling
Status:resolved (Comments)
Tags:
Comment:
* Fix for bug 28534: IE 6 content type detection again
* Fix for bug 28639: user object instance cache pollution
* Release notes formatting tweak.
Modified paths:
  • /trunk/phase3/RELEASE-NOTES (modified) (history)
  • /trunk/phase3/images/.htaccess (modified) (history)
  • /trunk/phase3/img_auth.php (modified) (history)
  • /trunk/phase3/includes/User.php (modified) (history)
  • /trunk/phase3/includes/WebRequest.php (modified) (history)

Diff [purge]

Index: trunk/phase3/images/.htaccess
@@ -1,6 +1,6 @@
22 # Protect against bug 28235
33 <IfModule rewrite_module>
44 RewriteEngine On
5 - RewriteCond %{QUERY_STRING} \.[a-z0-9]{1,4}(#|\?|$) [nocase]
 5+ RewriteCond %{QUERY_STRING} \.[^\\/:*?\x22<>|%]+(#|\?|$) [nocase]
66 RewriteRule . - [forbidden]
77 </IfModule>
Index: trunk/phase3/includes/User.php
@@ -937,24 +937,25 @@
938938 return false;
939939 }
940940
941 - $this->mId = $sId;
942 - if ( !$this->loadFromId() ) {
943 - # Not a valid ID, loadFromId has switched the object to anon for us
 941+ $proposedUser = User::newFromId( $sId );
 942+ if ( !$proposedUser->isLoggedIn() ) {
 943+ # Not a valid ID
 944+ $this->loadDefaults();
944945 return false;
945946 }
946947
947948 global $wgBlockDisablesLogin;
948 - if( $wgBlockDisablesLogin && $this->isBlocked() ) {
 949+ if( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
949950 # User blocked and we've disabled blocked user logins
950951 $this->loadDefaults();
951952 return false;
952953 }
953954
954955 if ( $wgRequest->getSessionData( 'wsToken' ) !== null ) {
955 - $passwordCorrect = $this->mToken == $wgRequest->getSessionData( 'wsToken' );
 956+ $passwordCorrect = $proposedUser->getToken() === $wgRequest->getSessionData( 'wsToken' );
956957 $from = 'session';
957958 } else if ( $wgRequest->getCookie( 'Token' ) !== null ) {
958 - $passwordCorrect = $this->mToken == $wgRequest->getCookie( 'Token' );
 959+ $passwordCorrect = $proposedUser->getToken() === $wgRequest->getCookie( 'Token' );
959960 $from = 'cookie';
960961 } else {
961962 # No session or persistent login cookie
@@ -962,7 +963,8 @@
963964 return false;
964965 }
965966
966 - if ( ( $sName == $this->mName ) && $passwordCorrect ) {
 967+ if ( ( $sName === $proposedUser->getName() ) && $passwordCorrect ) {
 968+ $this->loadFromUserObject( $proposedUser );
967969 $wgRequest->setSessionData( 'wsToken', $this->mToken );
968970 wfDebug( "User: logged in from $from\n" );
969971 return true;
@@ -1064,6 +1066,18 @@
10651067 }
10661068
10671069 /**
 1070+ * Load the data for this user object from another user object.
 1071+ */
 1072+ protected function loadFromUserObject( $user ) {
 1073+ $user->load();
 1074+ $user->loadGroups();
 1075+ $user->loadOptions();
 1076+ foreach ( self::$mCacheVars as $var ) {
 1077+ $this->$var = $user->$var;
 1078+ }
 1079+ }
 1080+
 1081+ /**
10681082 * Load the groups from the database if they aren't already loaded.
10691083 * @private
10701084 */
Index: trunk/phase3/includes/WebRequest.php
@@ -786,7 +786,7 @@
787787 global $wgScriptExtension;
788788
789789 if ( isset( $_SERVER['QUERY_STRING'] )
790 - && preg_match( '/\.[a-z0-9]{1,4}(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) )
 790+ && preg_match( '/\.[^\\/:*?"<>|%]+(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) )
791791 {
792792 // Bug 28235
793793 // Block only Internet Explorer, and requests with missing UA
Index: trunk/phase3/img_auth.php
@@ -40,7 +40,7 @@
4141
4242 // Check for bug 28235: QUERY_STRING overriding the correct extension
4343 if ( isset( $_SERVER['QUERY_STRING'] )
44 - && preg_match( '/\.[a-z0-9]{1,4}(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) )
 44+ && preg_match( '/\.[^\\/:*?"<>|%]+(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) )
4545 {
4646 wfForbidden( 'img-auth-accessdenied', 'img-auth-bad-query-string' );
4747 }
Index: trunk/phase3/RELEASE-NOTES
@@ -1,7 +1,7 @@
22 = MediaWiki release notes =
33
44 Security reminder: MediaWiki does not require PHP's register_globals
5 -setting since version 1.2.0. If you have it on, turn it *off* if you can.
 5+setting since version 1.2.0. If you have it on, turn it '''off''' if you can.
66
77 == MediaWiki 1.18 ==
88

Follow-up revisions

RevisionCommit summaryAuthorDate
r87483* Fix for bug 28534: IE 6 content type detection again...tstarling05:31, 5 May 2011
r87484* Fix for bug 28534: IE 6 content type detection again...tstarling05:33, 5 May 2011

Past revisions this follows-up on

RevisionCommit summaryAuthorDate
r85844Fix for bug 28235: IE6 looks for the file extension in the query stringtstarling00:55, 12 April 2011

Comments

#Comment by Duplicatebug (talk | contribs)   09:13, 7 May 2011 
preg_match( '/\.[^\\/:*?"<>|%]+(#|\?|$)/i', 'load.php' );

is true. That breaks the loading of stylesheets in some cases for IE. For example bug 28840

#Comment by Catrope (talk | contribs)   16:27, 9 May 2011

It's checking against QUERY_STRING, so the actual value fed is not load.php but something more like debug=false&modules=jquery.ui.foo|jquery.ui.bar&skin=vector . But the general principle is the same: this contains dots, so it matches the regex and triggers 403s for IE clients.

#Comment by Brion VIBBER (talk | contribs)   18:12, 7 June 2011

IE6 bits are follow-up to r85844.

#Comment by Reedy (talk | contribs)   19:02, 24 August 2011

Is this still broken?

#Comment by Catrope (talk | contribs)   19:03, 24 August 2011

I believe this is fixed now, but someone should break out an IE6 VM and check.

#Comment by Tim Starling (talk | contribs)   04:08, 29 August 2011

The problems with this revision have been fixed. I checked the relevant fixes against IE 6 at the time.

Status & tagging log