Commit graph

4138 commits

Author SHA1 Message Date
Daimona Eaytoy 354e75f681 Show only changed sections in diffs
In order to have a less clogged diff and spot the real changes more
easily.

Bug: T21716
Change-Id: I60ab88d47716186fd0af289081033a8e274d9d85
2018-05-01 21:05:01 +02:00
Daimona Eaytoy 9b1f1b263e Fix XSS vulnerabilities
I found these vulnerabilities while trying to setup seccheck. Although
I'm not sure whether seccheck recognised them, I'm sure that they exist
since I did manual tests, and it's possible to inject custom scripts
with these.

Change-Id: I97804be8352a1b784d483195edb29e363a0c616e
2018-05-01 16:55:46 +02:00
Roan Kattouw cbabcf1276 Follow-up 392f37d516: fix undefined index notice
'disallow' rules with a missing first parameters are perfectly fine (and
quite common), so don't throw notices when that happens.

This broke Flow's unit tests, and caused exceptions for all api.php
edits that triggered a 'disallow' rule.

Change-Id: Ibebedb566da705e77ffb831ebda6476adba07c93
2018-04-30 15:24:25 -07:00
Translation updater bot 1d04847a06 Localisation updates from https://translatewiki.net.
Change-Id: I184f95c793092d0210f90ce0cccf12b6bb5c91a0
2018-04-30 22:21:44 +02:00
Daimona Eaytoy 04b15a1b75 Reset condCount when entering checkAllFilters
This seems like the logical way to be sure that multiple mass actions
won't be counted as one, thus reaching the conditions limit. I tried to
test this locally, but I actually had troubles to simply replicate the
issue of the reached limit in a stable manner, so I'm not totally sure.
Anyway, this shouldn't do any harm.

Bug: T193374
Change-Id: Icdc172f76705870ee502339a53e912e15a3bd31d
2018-04-30 18:42:24 +02:00
Daimona Eaytoy 99f32a1408 Fix undeclared variable
The variable was declared in the "if" branch but also used in the "else"
one. This caused the rules textarea to not have the readonly attribute
if the user wasn't allowed and CodeEditor wasn't installed.

Change-Id: I2bf69dc0f2d24efac41d1ac6100ed7e286e3afa4
2018-04-30 15:55:10 +02:00
Daimona Eaytoy b18e763c7e Move phan dependency to dev
Change-Id: I2527a26c1cdbf9842e87660c9787362a6d99bdb4
2018-04-30 14:16:46 +02:00
Daimona Eaytoy caa4b1c763 Add phan configuration
This is taken from I6a57a28f22600aafb2e529587ecce6083e9f7da4 and makes
all the needed changes to make phan pass. Seccheck will instead fail,
but since it's not clear how to fix it (and it is non-voting), for the
moment we may merge this and enable phan on IC.

Bug: T192325
Change-Id: I77648b6f8e146114fd43bb0f4dfccdb36b7ac1ac
2018-04-30 08:32:58 +00:00
Translation updater bot 128fe988b3 Localisation updates from https://translatewiki.net.
Change-Id: I497256570bb9a2bb581c82b097f9d4e15ca62f43
2018-04-29 22:30:48 +02:00
jenkins-bot 6977370883 Merge "Sync parser tests with examples on mediawiki" 2018-04-29 13:55:04 +00:00
jenkins-bot a267c7be8a Merge "Fix i18n for equals_to_any" 2018-04-29 13:51:25 +00:00
Translation updater bot 4c214289d7 Localisation updates from https://translatewiki.net.
Change-Id: Ia38d4fbd68b458c3afa76c4e66f01c04d3fa0f4d
2018-04-28 22:32:34 +02:00
Translation updater bot 64614ad673 Localisation updates from https://translatewiki.net.
Change-Id: I020959c376623e405115ea67deddae61a46781fb
2018-04-27 22:25:31 +02:00
Daimona Eaytoy fb325948b6 Fix i18n for equals_to_any
I wrongly wrote that it's used for strings, while it actually accepts
any kind of argument. Also, specified the used operator.

Change-Id: I6d3545517a83f56f7393a1d1f99ce61d480e333d
2018-04-26 22:28:23 +02:00
Translation updater bot 8b1fdb8a7c Localisation updates from https://translatewiki.net.
Change-Id: I4628fc7418c0ef11583e9a50051d9521da4f8fee
2018-04-26 22:16:17 +02:00
Daimona Eaytoy 9eea111d9f Sync parser tests with examples on mediawiki
I added on MW an example of comparison with empty array, which we should
keep inside the dedicated test as well.

Change-Id: Ifa4bca85c8978ef24ed5bb26787730bb4521261f
2018-04-26 18:47:51 +02:00
jenkins-bot 2e116e5c6d Merge "Don't use an empty string for block parameters" 2018-04-26 14:20:09 +00:00
jenkins-bot 13141ebe3e Merge "Convert Special:AbuseFilter/tools to use OOUI" 2018-04-26 14:20:05 +00:00
jenkins-bot fce4b4c305 Merge "Switch plain links to OOUI buttons in /history and diffs" 2018-04-26 13:45:08 +00:00
jenkins-bot 51591b9fb8 Merge "Move AbuseFilter::buildEditBox static method to AbuseFilterView class" 2018-04-26 13:45:07 +00:00
jenkins-bot 9a696727f7 Merge "Show the search error on a new line" 2018-04-26 13:41:08 +00:00
jenkins-bot 6aa6b8fc13 Merge "Add the remaining equality checks" 2018-04-26 13:25:56 +00:00
Daimona Eaytoy 30d1eac47f Show the search error on a new line
By wrapping it in a P element. Plus, use Html class to build the error
box.

Bug: T193109
Change-Id: If753a7a7c56ea041a80b7efd6bee5a175a001221
2018-04-26 09:38:44 +02:00
Daimona Eaytoy d9fc90c281 Move AbuseFilter::buildEditBox static method to AbuseFilterView class
Make it non static, plus a couple of minor stylistic fixes to such method.

Bug: T190180
Change-Id: I54dd1f785d33908a0481aa2db997aa085776fc2d
2018-04-26 09:24:04 +02:00
Daimona Eaytoy 26ef911517 Switch plain links to OOUI buttons in /history and diffs
Like we did for the button to create a new filter on
Special:AbuseFilter.

Bug: T132284
Change-Id: Ie4e43b74893b00b88dd5e7fd627a2572d3157acc
2018-04-26 09:21:59 +02:00
Daimona Eaytoy 7008de80e6 Don't use an empty string for block parameters
Follow-up of Iaeae672dca66ffc745054daabd6f0eae7dfbc648. Some actions
were still marked with red, specifically the ones with block inside. The
reason is that we stored the 'blocktalk' parameter as an emtpy string if
false, which wasn't filtered when loading request. Changing the empty
string to something different is enough to fix the problem, hopefully
without regressions. Note that this isn't retroactive and needs an edit
to become effective.

Bug: T189681
Change-Id: I7d7f0606fc23bad5ba342076066ab0e935680b3f
2018-04-26 09:13:02 +02:00
jenkins-bot 0b35bdcae9 Merge "Add missing parameter and suppress warnings for regex errors" 2018-04-26 02:28:20 +00:00
jenkins-bot 04325d0f99 Merge "Add equals_to_any function" 2018-04-25 23:26:04 +00:00
jenkins-bot 5c8b6cf3a6 Merge "Fix typo in i18n message" 2018-04-25 23:21:19 +00:00
Daimona Eaytoy 71f375f19a Add equals_to_any function
Introduce a new function which can be used to group multiple comparisons
in a single condition. In particular, equals_to_any(S, A, B) is the
equivalent of S === A || S === B. This is especially useful in checking
for multiple namespaces, as proposed in the Community health initiative.

Change-Id: I9dcfe303eb5e51e1882fe4a65fa876aa93db7686
2018-04-25 23:12:19 +00:00
Translation updater bot 1f8b5db73f Localisation updates from https://translatewiki.net.
Change-Id: Iaf87f7dbdfbfa56c49caf0fb9fee2437a55588b0
2018-04-25 22:38:15 +02:00
Daimona Eaytoy 61cd27972d Fix typo in i18n message
As pointed out on phab, there's a space missing here. Fixing as proposed
there.

Bug: T172617
Change-Id: I6b74f511bbae481a93e3a174d40928445096148b
2018-04-25 18:24:16 +02:00
Daimona Eaytoy 24c8d7d54e Add the remaining equality checks
I left as ToDo the checks between an array and something else. With this
patch, it'll work like PHP: the result will be true iff the comparison
is loose, the array is empty and the other operand is either false or
null.

Change-Id: Idc5cadb697ed4fc7f4856967274169f77495ed9f
2018-04-25 10:16:50 +02:00
Daimona Eaytoy c2302385c1 Add missing parameter and suppress warnings for regex errors
I added searchEnabled in I0771fa048d21031ed1e0f8a6909213bdb869a5ed, but
forgot to pass it as parameter when there's an error with the regex.
This means that, if you try to make a search with a wrong regex, when
the page is reloaded the fields for searching aren't shown and you get a
PHP warning. Here I also added warning suppressions as usually done when
checking regex validity to avoid unnecessary PHP warnings.

Change-Id: Ibc3110c30959c99d0825e1e3d7edb1e96dd9d536
2018-04-25 08:06:15 +00:00
Translation updater bot 220597e214 Localisation updates from https://translatewiki.net.
Change-Id: I3ee8e2d3cbb37a04f0961df3d721b9e6507e4809
2018-04-24 22:22:05 +02:00
jenkins-bot 913d37eba6 Merge "Filter parameters when loading/editing them" 2018-04-24 00:24:57 +00:00
Daimona Eaytoy fa413d431e Use the old textarea if JavaScript is disabled
Basically, with this we always start with a functioning textarea. If JS
is enabled (and CodeEditor installed), it gets then replaced by the Ace
editor.

Bug: T192241
Change-Id: Id4dc1debf0240d5b336f4d9ab5b363c240f08807
2018-04-23 23:43:23 +00:00
Daimona Eaytoy 392f37d516 Filter parameters when loading/editing them
Re-opening of I8eb50d38c81b4e446c0f1dc03abc27122b8fa025 by Thiemo Kreuz.

Bug: T189681
Change-Id: Iaeae672dca66ffc745054daabd6f0eae7dfbc648
2018-04-23 23:43:05 +00:00
Translation updater bot fb9b947a67 Localisation updates from https://translatewiki.net.
Change-Id: Iac620ebd10bc24276b1492de63094e84dd598b5a
2018-04-23 22:29:57 +02:00
Translation updater bot 44f1c0a7a8 Localisation updates from https://translatewiki.net.
Change-Id: I9008645e7150e1ae31e578590f7dc89d91f9be23
2018-04-22 22:21:12 +02:00
jenkins-bot 97be7d21ed Merge "Remove unused wgTitle + remove exception from PHPCS" 2018-04-22 13:53:37 +00:00
Translation updater bot 5e2fa0ab1e Localisation updates from https://translatewiki.net.
Change-Id: I5c77ed3aca76470838c24ab2c30c7173f633e65e
2018-04-21 22:15:20 +02:00
Daimona Eaytoy f84b7f7158 Remove unused wgTitle + remove exception from PHPCS
As discussed in the task, wgTitle was used (overridden) since it was null in API
calls. However, the problem has been fixed in api.php in 2009, so we
don't need to deal with it anymore. This also means that we may remove
anything else that was added to restore the original title at the end of
the function. At last, this was the only remaining exception for PHPCS.

Bug: T178007
Change-Id: Id043c74ec8d57c5fb0ab22f54acf6a31fe6b6f06
2018-04-21 10:03:49 +02:00
Translation updater bot e58674664c Localisation updates from https://translatewiki.net.
Change-Id: I97a0eea8bf7e9fda8126b1a380189ab2c061171a
2018-04-20 22:12:39 +02:00
Daimona Eaytoy 3c3a521fec Fix coding conventions exclusion rules
This should fix every error with excluded rules, leaving only the one
for $wgTitle. A double check would be nice in order to avoid regressions
due to stupid mistakes.

Bug: T178007
Change-Id: I22c179f3a01d652640304b59e43fcb5b5a9abac3
2018-04-20 08:40:18 +00:00
Translation updater bot 1658bc176f Localisation updates from https://translatewiki.net.
Change-Id: I74d8bb7eb066ed3b0a4331d721eb3777b9efd90d
2018-04-19 22:13:27 +02:00
Translation updater bot d1070e5956 Localisation updates from https://translatewiki.net.
Change-Id: If84e411c1a785f94a21feffc7ed912ff7825afe3
2018-04-18 22:10:26 +02:00
Reedy f990b07bec Update at-ease calls
Bug: T187037
Change-Id: I6448e581a14c468ac2ea8f1752ded6be550d0592
2018-04-18 14:29:37 +00:00
Translation updater bot e7654c986f Localisation updates from https://translatewiki.net.
Change-Id: Iccddef22e482a702d42c49f67d6e71e473b96c14
2018-04-17 22:24:48 +02:00
jenkins-bot 0c47bb5574 Merge "Fix parameter order for AbuseFilterParser::contains" 2018-04-16 23:32:50 +00:00