Commit graph

106 commits

Author SHA1 Message Date
jenkins-bot ea6dafd412 Merge "OutputPage::setPageTitle() can take a Message directly" 2023-09-07 17:05:19 +00:00
Bartosz Dziewoński 2dfc290c57 Remove incorrect documentation comment
isBadLoginPerUserTriggered() can never return null. This comment was
added in 2016 in 31c59374a4 and it was
already incorrect then. I don't know where this idea came from.

Change-Id: Ib919999fe83562cb4fa80246ae7c6b4707da775c
2023-08-24 00:12:19 +02:00
gerritbot 4bc5e7ed8f Replace some moved Title class uses, now MediaWiki\Title\Title
Bug: T321681
Change-Id: I639a03a5f828d7036e29a11a8a45d8d1e8923590
2023-08-19 04:14:21 +00:00
Umherirrender 5740fcf8c4 docs: Use IContextSource for EditFilterMergedContent hook handler
Use narrow interface IContextSource instead of class RequestContext

Change-Id: Ibe2c9101f40ac28a0c65eade35af896f9a54c285
2023-08-15 12:20:42 +02:00
C. Scott Ananian 6bc6f1ef87 OutputPage::setPageTitle() can take a Message directly
Bug: T343849
Change-Id: Ib519fbcb47cbe8d0af9ec495c7c91cb2ec8a736e
2023-08-10 11:44:44 -04:00
Amir Sarabadani 59a654711b Allow aggregation of captcha logs
without it, the normalized and non-normalized log entry would be the
same. As seen in:
https://logstash.wikimedia.org/app/dashboards#/doc/logstash-*/logstash-mediawiki-1-7.0.0-1-2023.08.03?id=UKIRu4kB6U_kV85AiHjE

Change-Id: I2eaca27b8c494b1b9749c2e9ad3770029c90b114
2023-08-03 13:10:17 +02:00
Amir Sarabadani 209db3647a Improve support for read-new wikis with externallinks
Depends-On: I921728974cde0a095fb3034fc80f7f4bb046f380
Bug: T337149
Change-Id: I996f99acb2a0f26b177fff097406b1d935467f80
2023-05-25 11:50:34 +02:00
Umherirrender c9511bb825 Replace $wgOut with RequestContext::getMain()
Bug: T252978
Change-Id: I5e677fde89accfa6363824ef4cbd8808097e00f3
2023-05-15 22:32:44 +02:00
gerritbot b8c790cd14 Update moved class EditPage
See T321882. Moved in Ibefc44eb64aed

Bug: T321681
Change-Id: Ifa1c20cd4e6ef6856194d4228dd542a9e2fda43f
2023-05-07 01:08:19 +02:00
gerritbot b3faf4d28b Update moved class ContentSecurityPolicy
See T321882. Moved in Ic809656a31

Bug: T321681
Change-Id: Ifee5e52ff0f67269fda4d90cd3dec1b6f89b7e8a
2023-05-06 21:18:56 +00:00
Amir Sarabadani 70a398c036 Use core's externallinks lookup
Depends-On: I8ae9ef388957b0c04efa281f3bc3b5796bec17fe
Bug: T326251
Change-Id: Ibb0f01bdb7a7286389732d45ed0177ca4dfbf2a5
2023-04-24 19:55:10 +02:00
Umherirrender 65d54c1a27 Replace deprecated HTMLForm::addFooterText
Bug: T325474
Change-Id: I32197ab82558b6aba9b535614f129dc06b51d0eb
2022-12-27 12:48:17 +01:00
Reedy 30cd1d8a23 Namespace base classes
Change-Id: I3fa9747e0ea970c5de39e2da8603e1bba9388a69
2022-07-30 18:13:03 +00:00
Alexander Vorwerk 607452ef05 Add new ConfirmEditTriggersCaptchaHook
This allows the dynamic activation of CAPTCHAS triggering without the
need to change the configuration.

This lays the foundation for stewards to later be able to activate
'emergency captchas' via an on-wiki interface.

Bug: T303433
Change-Id: If48689fe068aa3ec56e51e01b84cf25c63bcbf0b
2022-06-30 18:59:45 +00:00
Roman Stolar 87c1b07038 Replace deprecated methods IContextSource::getWikiPage && IContextSource::canUseWikiPage
Use CacheKeyHelper to collect status of captchas that was activated instead of set random properties on page object.

Bug: T275710
Change-Id: I7942ccd6b58584f436f872bf7c9deb63ab84482a
2021-11-11 17:02:30 +02:00
Daimona Eaytoy 6da60010a4 Don't put HTML via RawMessage in the EditFilterMergedContent hook Status
This just won't work:
- For edits via the UI, errors are wrapped in an errorbox div by
  EditPage.php, so this code is outputting an errorbox inside an
  errorbox, which is simply painful to see.
- API edits don't format errors via HTML, so trying to pass raw HTML
  there results in broken formatting

Bug: T293818
Change-Id: Ib74d128cc71246c7cfa72456cbe453e8086f2d63
2021-11-02 18:59:46 +01:00
sbassett 1493c928c2 SECURITY: Avoid double-escaping html tag contents
* Avoid double-escaping the captcha-edit-fail message
via both Html::element and RawMessage.

* Also add suppress comment due to overall taint of
RawMessage.

Bug: T293818
Change-Id: I6b985266a26f6b152bca05a91f6054ed1a5f2a5a
2021-11-02 09:45:06 -05:00
Alexander Vorwerk fc7a88124e Use Parser::getUserIdentity() instead of ::getUser() in SimpleCaptcha
ParserOptions::__construct() and Parser::preSaveTransform() both
accept an UserIdentity and don't need a full user object.

Bug: T289731
Change-Id: I9e3d3f21452167ae1b1e9dca664605ee471f90e2
2021-08-25 22:13:32 +02:00
jenkins-bot f5b0e5b9d2 Merge "SimpleCaptcha: avoid using ContentHandler::getContentText()" 2021-07-12 12:38:22 +00:00
Reedy cedfdae4c5 Revert "Replace depricating method IContextSource::getWikiPage && IContextSource::canUseWikiPage"
This reverts commit 0a221920ae.

Bug: T285959
Change-Id: Idc0d2beae2f73c15515041153daa831da5c29eaa
2021-07-01 15:57:03 +00:00
Roman Stolar 0a221920ae Replace depricating method IContextSource::getWikiPage && IContextSource::canUseWikiPage
Bug: T275710
Change-Id: Id27157692cd6a4e747b122813ba653d04854f042
2021-06-28 16:25:49 +03:00
DannyS712 aedd7f481b Pass a user to WikiPage::prepareContentForEdit()
Bug: T285447
Change-Id: Id9ca458d13c71a4114cf961541c47566afd80277
2021-06-24 03:30:14 +00:00
Alexander Vorwerk f2e8c8cf03 SimpleCaptcha: avoid using ContentHandler::getContentText()
ContentHandler::getContentText() is deprecated and should be
replaced with Content::getText() for TextContent instances.

Change-Id: Iafe14100b3776510c5159657f42f6c0c8d551539
2021-05-18 00:03:26 +02:00
Reedy 7662c8ab5f SimpleCaptcha: Remove unused SecurityCheck-DoubleEscaped suppression
Change-Id: Ib1a141df679bfaa9a94ba04cccea52a3d6503166
2021-04-21 23:22:37 +01:00
vladshapik 3f46a9b5c1 Avoid using User ::getCanonicalName
Remove using of User::getCanonicalName since this method will be hard-deprecated. Now it is soft-deprecated

Bug: T275030
Change-Id: Ic11a4259271c8941225882ddce64b53d44280409
2021-02-21 23:44:07 +02:00
libraryupgrader b482798a02 build: Updating mediawiki/mediawiki-phan-config to 0.10.5
Change-Id: I6f9091dbff52c91c6ad81a386a2355a82ab6012a
2020-12-10 22:03:48 +00:00
libraryupgrader fd495575a1 build: Updating mediawiki/mediawiki-codesniffer to 32.0.0
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationPrivate
* MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationProtected
* MediaWiki.Commenting.PropertyDocumentation.WrongStyle

Change-Id: I8479cfb5fbc67a6472e28045ece5ea2ae1ba6ac6
2020-10-29 08:41:34 +00:00
Florian 9aba484800 Add Content Security Policy handling for ReCaptcha and hCaptcha
Bug: T250544
Change-Id: I280054a8252c991cca04ec74bdb41e079c885d99
2020-10-29 02:36:00 +00:00
DannyS712 21ec725c5a Update hooks to use PageSaveComplete
Extension requires MW 1.35+, always available

Bug: T250566
Change-Id: I43d76880557dd794540147503c7c94091c7b847a
2020-06-23 19:36:44 +00:00
DannyS712 f0e26d680b Remove use of Revision::newFromTitle
Bug: T249183
Change-Id: I0532af197c7bf4ae88c85c27cdfb5e55ea46feb3
2020-04-04 04:10:13 +00:00
DannyS712 b8b0e23632 Pass a user when creating a new ParserOptions
Bug: T246861
Change-Id: Ib516006f0a02c26da50d2a865242adc5cc65be9e
2020-03-04 08:08:26 +00:00
jenkins-bot f5f9c0971d Merge "Remove unused return values and reduce code complexity" 2020-02-09 17:27:11 +00:00
Ammar Abdulhamid 07a2824630 Replace deprecated IP class with IP Utilities
* Also bump required MW version to 1.35.0

Bug: T242556
Change-Id: I279e7d83a0dc75414117208ed23f8cc6b729eb19
2020-02-09 08:23:02 +01:00
Thiemo Kreuz 0dfd1f4ed1 Remove unused return values and reduce code complexity
Changes:
* Do not return anything in a method that is not expected to return
  something.
* Inline some previously hard to read code.
* More specific type hints, if possible.

Change-Id: I0e460899eea07d8733f638a11133adc3000f0542
2020-02-03 15:37:32 +01:00
jenkins-bot efadd21e76 Merge "Stop passing objects by reference" 2020-01-19 16:43:11 +00:00
Max Semenik 9380fa050e Stop passing objects by reference
Bug: T193950
Change-Id: I8c4aabe75ffce55f81c7ffb0f76b67155db1f761
2020-01-17 20:08:16 +00:00
DannyS712 affb6a238e Remove use of global $wgUser
Bug: T242936
Change-Id: I618b223ba9a1d0c9944bb171ffff345ae8e512ed
2020-01-16 01:28:02 +00:00
libraryupgrader 54f6c6d87e build: Updating mediawiki/mediawiki-codesniffer to 29.0.0
Additional changes:
* Also sorted "composer fix" command to run phpcbf last.

Change-Id: Iba0ed9df5be4a7fbedce377556c87d42bddfb509
2020-01-14 04:33:04 +00:00
libraryupgrader d481d0c8db build: Updating mediawiki/mediawiki-phan-config to 0.9.0
Additional changes:
* Added .eslintcache to .gitignore.
* Fix wrong types

Change-Id: I833b061c62b82f3c88d968c70bae8317641aaa3d
2019-12-27 14:42:40 +00:00
Daimona Eaytoy 7297235b2a Pass correct type to constructor
Although there was no docblock on CaptchaAuthenticationRequest::__construct,
the method is supposed to get a string and an array, as that's how the
class members are documented and used. Trying to access offsets of null
resulted in PHP notices on PHP 7.4, as seen in the experimental job
for various repos.

Bug: T239726
Change-Id: Idd073ebf3d560543ec225479de060e3c198847eb
2019-12-03 19:30:55 +00:00
James D. Forrester d0d036ea50 Drop use of wgParser, replaced in 1.32 and to be removed in 1.35
Bug: T160811
Change-Id: I6147fc4aa6d004cd848c170750a740091c336012
2019-10-28 20:12:00 +00:00
RazeSoldier dd1ccc92ea Enable OOUI in SimpleCaptcha
If we use it without OOUI enabled, an exception will be thrown

Bug: T232129
Change-Id: I46ee483b67776fa528a0267cfcafb1b0cee1a670
2019-09-07 17:46:09 +08:00
Aaron Schulz 82d48cae8c Switch to using BagOStuff::incrWithInit()
Change-Id: Ia82d9985f3f416ccbb5d7414848cc5b894635ca4
2019-08-09 16:50:55 -07:00
Derick Alangi 4a1c8bbfbd SimpleCaptcha: Avoid usage of deprecated wfGlobalCacheKey()
Deprecated in 1.30 and makeGlobalKey() on a BagOStuff was available
since 1.27. This extension requires 1.31 so the migration seems fine.

Change-Id: Ia7b276ee65fdf58c4fc0859563930528d44a03ca
2019-07-18 17:40:04 +01:00
Derick Alangi 92b41aa481 Avoid usage of deprecated ObjectCache::getMainWANInstance()
Replacement with services made available in 1.28 and this extension
requires 1.31. So, the replacement is good.

Change-Id: Idd5dda1e7cfa34b71ffb13446eb0f9e4f113f678
2019-07-03 13:43:23 +01:00
jenkins-bot bdefccfd6c Merge "Fix bug in Captcha::confirmEditMerged which breaks the $wgCaptchaRegex check" 2019-05-26 10:42:22 +00:00
Umherirrender 72900c1ac5 Improve param docs
Change-Id: Ie0619f6f946e651df9c102f0f4f305c15b10eab4
2019-05-23 21:16:12 +02:00
Porplemontage e8c475dc8d Fix bug in Captcha::confirmEditMerged which breaks the $wgCaptchaRegex check
Change the passing of $section to an empty string instead of false to properly comply with its type and the check in Captcha::loadText

Bug: T211848
Change-Id: I0555f7fbe246b0a4741759aee5b265b4f2cc3843
2019-05-22 22:33:53 +00:00
Florian a46515f782 Do not ignore message parameters
The return value of the getMessage function is intentionally a Message
object (which can have different stuff, be a RawMessage or contain
parameters. Just getting the key of the message, passing it to another
function which just creates a new message out of it, doesn't make sense
and breaks the original intention of the method.

This is now fixed by this change.

Bug: T222590
Change-Id: Id8ebba6b8239e6eee4be698680edcafad6c86cb0
2019-05-18 21:27:16 +02:00
Umherirrender 9bc797453e Swap ternary check for if statement
isset is not needed to check for null
and if is used, because the else branch is not needed

Change-Id: I3069ac43911101aa500c4897d419dca68f968040
2019-03-14 19:54:36 +01:00