wikimedia/mediawiki-extensions-AbuseFilter
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git synced 2024-11-15 10:15:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
mediawiki-extensions-AbuseF.../includes
History
Martin Urbanec 5fd861365f SECURITY: Make sure provided filter id match provided history ID in history view 
AbuseFilterViewEdit does privilege checks based on filter ID,
and displays what is hidden under given history ID, but doesn't
make sure those two IDs actually belong to one filter.

That means user can easily change filter ID to a public
filter and view old versions of nowadays private filters.

Bug: T237887
Change-Id: Ic12790bd33982473f77551bde9599ed083a3e1f1
2019-11-14 15:53:14 -06:00
..
api Remove usages of deprecated User methods 2019-10-30 12:51:01 +00:00
pagers Use PHP regexps instead of SQL to filter on Special:AbuseFilter 2019-11-01 11:26:17 +11:00
parser Also parse numbers with the new syntax and hard-deprecate the old one 2019-11-12 11:52:38 +00:00
special Remove usages of deprecated User methods 2019-10-30 12:51:01 +00:00
Views SECURITY: Make sure provided filter id match provided history ID in history view 2019-11-14 15:53:14 -06:00
AbuseFilter.php Fix conditionals examples in i18n messages 2019-11-02 11:32:05 +01:00
AbuseFilterChangesList.php Merge "Don't send long patterns with GET" 2019-01-20 14:20:31 +00:00
AbuseFilterHooks.php Remove usages of deprecated User methods 2019-10-30 12:51:01 +00:00
AbuseFilterModifyLogFormatter.php build: Upgrade phan-taint-check-plugin from 1.5.x to 2.0.1 2019-07-10 15:30:52 +00:00
AbuseFilterPreAuthenticationProvider.php Add profiling points throughout the code for the CachingParser switch 2019-09-18 10:02:55 +00:00
AbuseFilterRightsLogFormatter.php Remove script for blockautopromote entries 2019-09-09 13:56:56 +02:00
AbuseFilterRunner.php Use AbstractBlock setters and getters instead of deprecated properties 2019-10-20 00:35:00 +01:00
AbuseFilterSuppressLogFormatter.php Migrate AbuseFilter suppress log 2018-08-21 16:05:54 +00:00
AbuseFilterVariableHolder.php Remove disabled variables deprecation 2019-10-04 15:03:08 +02:00
AbuseLogHitFormatter.php Minor escaping fixes 2018-07-05 18:51:30 +00:00
AFComputedVariable.php Drop HHVM support 2019-10-03 12:27:18 +00:00
TableDiffFormatterFullContext.php Fix coding conventions exclusion rules 2018-04-20 08:40:18 +00:00