Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/img_auth.php

228 lines
8 KiB
PHP
Raw Normal View History

Script to allow MediaWiki-based authentication for downloading items from the upload directory. To use, deny access to the actual directory, and set $wgUploadPath to this script. Image URLs will be of the form "http://server.com/wiki/img_auth.php/0/00/Image.png". The script checks the cookies and the session data, and if everything is OK, streams out the named file.
2004-06-07 06:57:53 +00:00
<?php
* phpdoc for file description * single quotes
2005-01-27 04:30:18 +00:00
/**
docs: Improve "Entry points" documentation page Turn this into a doc group, and let the descriptions come directly from the files in question. This makes the list easier to maintain, and alsom means that the overview page becomes discoverable whenever one is looking at the entry point file as well. Previously the doc page pointed to the entry points, but not the other way around. This is also fixed. Bug: T244294 Change-Id: I891c5a37e17592edc1136d7367949927121c8bc8
2020-02-04 21:44:38 +00:00
* The web entry point for serving non-public images to logged-in users.
* Fix img_auth.php image name extraction for whitelist checking * (bug 10756) img_auth.php will now refuse logged-out requests when there is no whitelist, rather than allowing them through
2007-08-06 06:15:21 +00:00
*
Changing URLs of mediawiki.org in scripts to the SSL-based website http://www.mediawiki.org --> https://www.mediawiki.org Part 2 Change-Id: I3be61fe3dfb502cc20180486eb1a8016eac151df
2014-03-12 22:30:35 +00:00
* To use this, see https://www.mediawiki.org/wiki/Manual:Image_Authorization
* Fix img_auth.php image name extraction for whitelist checking * (bug 10756) img_auth.php will now refuse logged-out requests when there is no whitelist, rather than allowing them through
2007-08-06 06:15:21 +00:00
*
Same as r48631; added "@file" when needed, also added doc in redirect.php and install-utils.inc
2009-03-21 16:48:09 +00:00
* - Set $wgUploadDirectory to a non-public directory (not web accessible)
* - Set $wgUploadPath to point to this file
* s~ +$~~
2006-01-07 13:09:30 +00:00
*
Cleaned up img_auth code and re-integrated core img-auth- messages.
2009-09-10 21:12:55 +00:00
* Optional Parameters
*
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
* - Set $wgImgAuthDetails = true if you want the reason the access was denied messages to
* be displayed instead of just the 403 error (doesn't work on IE anyway),
* otherwise it will only appear in error logs
Cleaned up img_auth code and re-integrated core img-auth- messages.
2009-09-10 21:12:55 +00:00
*
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
* For security reasons, you usually don't want your user to know *why* access was denied,
* just that it was. If you want to change this, you can set $wgImgAuthDetails to 'true'
* in localsettings.php and it will give the user the reason why access was denied.
Cleaned up img_auth code and re-integrated core img-auth- messages.
2009-09-10 21:12:55 +00:00
*
INSTALL: Don't warn against using PHP "as a CGI plugin" This note is very old; it was added in r2832 (635388356be70130) and r3285 (7ab7a50cf928861f). Modern versions of MediaWiki support CGI and FastCGI installations nearly as well as mod_php installations. In fact, Wikimedia currently uses HHVM's "fastcgi" server type, and intends to use php-fpm with PHP 7 (see migration plan in T176370). For a basic MediaWiki installation using the web installer, the only difference I know of is the default URLs: /w/index.php?title=$1 for CGI, as opposed to /w/index.php/$1 for mod_php. This issue is easy to fix by changing $wgArticlePath, if the web server sets REQUEST_URI. Admins who want to use short URLs (e.g. /wiki/$1) have to do this anyway. Also, in img_auth.php and the "img-auth-nopathinfo" message, don't imply that CGI and FastCGI server configurations generally can't provide path information or support MediaWiki features that need it. Change-Id: I89212e9d51f950a58f911083b9e109b69cd4e060
2018-07-26 05:36:19 +00:00
* Your server needs to support REQUEST_URI or PATH_INFO; CGI-based
* configurations sometimes don't.
Same as r48631; added "@file" when needed, also added doc in redirect.php and install-utils.inc
2009-03-21 16:48:09 +00:00
*
Added missing GPLv2 headers in some places. Also made file documentation more consistent. Change-Id: I30e124514396f110a572467b94ca06cefd5f7b46
2012-05-23 11:41:30 +00:00
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
Cleaned up img_auth code and re-integrated core img-auth- messages.
2009-09-10 21:12:55 +00:00
*
Added missing GPLv2 headers in some places. Also made file documentation more consistent. Change-Id: I30e124514396f110a572467b94ca06cefd5f7b46
2012-05-23 11:41:30 +00:00
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
*
* @file
docs: Improve "Entry points" documentation page Turn this into a doc group, and let the descriptions come directly from the files in question. This makes the list easier to maintain, and alsom means that the overview page becomes discoverable whenever one is looking at the entry point file as well. Previously the doc page pointed to the entry points, but not the other way around. This is also fixed. Bug: T244294 Change-Id: I891c5a37e17592edc1136d7367949927121c8bc8
2020-02-04 21:44:38 +00:00
* @ingroup entrypoint
Added missing GPLv2 headers in some places. Also made file documentation more consistent. Change-Id: I30e124514396f110a572467b94ca06cefd5f7b46
2012-05-23 11:41:30 +00:00
*/
Cleaned up img_auth code and re-integrated core img-auth- messages.
2009-09-10 21:12:55 +00:00
* Moved the main ob_start() from the default LocalSettings.php to WebStart.php. The ob_start() section should preferably be removed from older LocalSettings.php files. * Give Content-Length header for HTTP/1.0 clients. * Partial support for Flash cross-domain-policy filtering. Text entry points should be protected, but uploads are not.
2007-02-19 23:03:37 +00:00
define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
Add MW_REST_API and MW_ENTRY_POINT Define the global constant MW_REST_API in rest.php, by analogy with MW_API. Also generalize this by adding MW_ENTRY_POINT, which contains the entry script name, "cli" or "unknown". This allows tests such as if ( MW_ENTRY_POINT !== 'index' ) which is probably what is really intended by defined('MW_API') in many cases. Change-Id: I24099f4cdd170de17afd6e1bbad67c9b204071fc
2019-09-02 23:55:00 +00:00
define( 'MW_ENTRY_POINT', 'img_auth' );
phpcs: More require/include is not a function Follows-up I1343872de7, Ia533aedf63 and I2df2f80b81. Also updated usage in text in documentation and the installer LocalSettingsGenerator. Most of them were handled by this regex: - find: (require|include|require_once|include_once)\s*\(\s*(.+?)\s*\)\s*;$ - replace: $1 $2; Change-Id: I6b38aad9a5149c9c43ce18bd8edbab14b8ce43fa
2013-05-17 00:16:59 +00:00
require __DIR__ . '/includes/WebStart.php';
Script to allow MediaWiki-based authentication for downloading items from the upload directory. To use, deny access to the actual directory, and set $wgUploadPath to this script. Image URLs will be of the form "http://server.com/wiki/img_auth.php/0/00/Image.png". The script checks the cookies and the session data, and if everything is OK, streams out the named file.
2004-06-07 06:57:53 +00:00
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
wfImageAuthMain();
Refactored entry points to have uniform shutdown handling * Added doPreOutputCommit() and doPostOutputShutdown(), which most entry points just using the later * Also fixed problem where text profiling did not show up * Avoid calling triggerJobs() in the file streaming entry points Bug: T100127 Bug: T100085 Change-Id: Ibc7e768fd483389a01847f08cdeba4058c853d3f
2015-05-20 23:32:20 +00:00
$mediawiki = new MediaWiki();
Avoid using "enqueue" mode for deferred updates in doPostOutputShutdown Set appropriate headers and flush the output as needed to avoid blocking the client on post-send updates for the stock apache2 server scenario. Several cases have bits of header logic to avoid delay: a) basic GET/POST requests that succeed (e.g. HTTP 2XX) b) requests that fail with errors (e.g. HTTP 500) c) If-Modified-Since requests (e.g. HTTP 304) d) HEAD requests This last two still block on deferred updates, so schedulePostSendJobs() does not trigger on them as a form of mitigation. Slow deferred updates should only trigger on POST anyway (inline and redirect responses are OK), so this should not be much of a problem. Deprecate triggerJobs() and implement post-send job runs as a deferred. This makes it easy to check for the existence of post-send updates by calling DeferredUpdates::pendingUpdatesCount() after the pre-send stage. Also, avoid running jobs on requests that had exceptions. Relatedly, remove $mode option from restInPeace() and doPostOutputShutdown() Only one caller was using the non-default options. Bug: T206283 Change-Id: I2dd2b71f1ced0f4ef8b16ff41ffb23bb5b4c7028
2019-09-20 07:27:30 +00:00
$mediawiki->doPostOutputShutdown();
Whitespace cleanup
2011-02-01 23:08:10 +00:00
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
function wfImageAuthMain() {
Stop using SCRIPT_NAME where possible, rely on statically configured routing It has become apparent that $_SERVER['SCRIPT_NAME'] may contain the same thing as REQUEST_URI, for example in WMF production. PATH_INFO is not set, so there is no way to split the URL into SCRIPT_NAME and PATH_INFO components apart from configuration. * Revert the fix for T34486, which added a route for SCRIPT_NAME to the PathRouter for the benefit of img_auth.php. In T235357, the route thus added contained $1, breaking everything. * Remove calls to WebRequest::getPathInfo() from everywhere other than index.php. Dynamic modification of $wgArticlePath in order to make PathRouter work was weird and broken anyway. All that is really needed is a suffix of REQUEST_URI, so I added a function which provides that. * Add $wgImgAuthPath, for use as a last resort workaround for T34486. * Avoid the use of $_SERVER['SCRIPT_NAME'] to detect the currently running script. * Deprecated wfGetScriptUrl(), a fairly simple wrapper for SCRIPT_NAME. Apparently no callers in core or extensions. Bug: T235357 Change-Id: If2b82759f3f4aecec79d6e2d88cd4330927fdeca
2020-03-31 05:33:41 +00:00
global $wgImgAuthUrlPathMap, $wgScriptPath, $wgImgAuthPath;
img_auth: Avoid various usage of deprecated code and also optimize [X] Create just one MW services instance and use it all the way down. [X] Use same $permissionManager object for checking basic authorization of the user. [X] Use a MediaWiki service for both local file repository and file backend group. Using singletons have been deprecated. Change-Id: Iaf183c312de2235c36d99e01007712bb22fa43ec
2020-02-20 15:57:16 +00:00
$services = \MediaWiki\MediaWikiServices::getInstance();
$permissionManager = $services->getPermissionManager();
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
$request = RequestContext::getMain()->getRequest();
Replace deprecated PermissionManager::getGroupPermissions Change-Id: I271473cedb1d10b8a2b9529d4af0c42f04bfcd98
2022-11-13 21:17:11 +00:00
$publicWiki = $services->getGroupPermissionsLookup()->groupHasPermission( '*', 'read' );
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
Stop using SCRIPT_NAME where possible, rely on statically configured routing It has become apparent that $_SERVER['SCRIPT_NAME'] may contain the same thing as REQUEST_URI, for example in WMF production. PATH_INFO is not set, so there is no way to split the URL into SCRIPT_NAME and PATH_INFO components apart from configuration. * Revert the fix for T34486, which added a route for SCRIPT_NAME to the PathRouter for the benefit of img_auth.php. In T235357, the route thus added contained $1, breaking everything. * Remove calls to WebRequest::getPathInfo() from everywhere other than index.php. Dynamic modification of $wgArticlePath in order to make PathRouter work was weird and broken anyway. All that is really needed is a suffix of REQUEST_URI, so I added a function which provides that. * Add $wgImgAuthPath, for use as a last resort workaround for T34486. * Avoid the use of $_SERVER['SCRIPT_NAME'] to detect the currently running script. * Deprecated wfGetScriptUrl(), a fairly simple wrapper for SCRIPT_NAME. Apparently no callers in core or extensions. Bug: T235357 Change-Id: If2b82759f3f4aecec79d6e2d88cd4330927fdeca
2020-03-31 05:33:41 +00:00
// Find the path assuming the request URL is relative to the local public zone URL
$baseUrl = $services->getRepoGroup()->getLocalRepo()->getZoneUrl( 'public' );
if ( $baseUrl[0] === '/' ) {
$basePath = $baseUrl;
} else {
$basePath = parse_url( $baseUrl, PHP_URL_PATH );
}
$path = WebRequest::getRequestPathSuffix( $basePath );
if ( $path === false ) {
// Try instead assuming img_auth.php is the base path
$basePath = $wgImgAuthPath ?: "$wgScriptPath/img_auth.php";
$path = WebRequest::getRequestPathSuffix( $basePath );
}
if ( $path === false ) {
wfForbidden( 'img-auth-accessdenied', 'img-auth-notindir' );
* Fix for r81363: instead of giving a PHP notice when PATH_INFO is missing, show the informative error message used before that revision. * Revert the change to the relevant message made in r102612: it is plain text, not wikitext, a format which does not support protocol-relative URLs.
2012-02-07 03:43:23 +00:00
return;
}
Stop using SCRIPT_NAME where possible, rely on statically configured routing It has become apparent that $_SERVER['SCRIPT_NAME'] may contain the same thing as REQUEST_URI, for example in WMF production. PATH_INFO is not set, so there is no way to split the URL into SCRIPT_NAME and PATH_INFO components apart from configuration. * Revert the fix for T34486, which added a route for SCRIPT_NAME to the PathRouter for the benefit of img_auth.php. In T235357, the route thus added contained $1, breaking everything. * Remove calls to WebRequest::getPathInfo() from everywhere other than index.php. Dynamic modification of $wgArticlePath in order to make PathRouter work was weird and broken anyway. All that is really needed is a suffix of REQUEST_URI, so I added a function which provides that. * Add $wgImgAuthPath, for use as a last resort workaround for T34486. * Avoid the use of $_SERVER['SCRIPT_NAME'] to detect the currently running script. * Deprecated wfGetScriptUrl(), a fairly simple wrapper for SCRIPT_NAME. Apparently no callers in core or extensions. Bug: T235357 Change-Id: If2b82759f3f4aecec79d6e2d88cd4330927fdeca
2020-03-31 05:33:41 +00:00
if ( $path === '' || $path[0] !== '/' ) {
Update img_auth.php and WebRequest code to handle non index.php scripts like img_auth.php better. Also update img_auth.php so it's abuse of $wg variables is done in a way that doesn't let "/*" action paths clobber it's handling. This should theoretically fix bug 32486.
2011-11-24 09:55:33 +00:00
// Make sure $path has a leading /
$path = "/" . $path;
}
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
Migrate remaining usages of Title::userCan() to PermissionManager T208768 introduced the PermissionManager service that can now be used for page specific permission checks. This change replaces remaining calls to Title::userCan() with the new service in MediaWiki core. Bug: T220191 Change-Id: Ie45e0cb6aa49a8c66147b470946161fc18160fc1
2019-06-03 10:48:02 +00:00
$user = RequestContext::getMain()->getUser();
Added support to img_auth.php for non-repo containers * This adds a new $wgImgAuthUrlPathMap config variable * Also fixed ImgAuthBeforeStream hook msg formatting bug: 51136 Change-Id: I77528f92b20670e3b09adc79c49e62060f1614f3
2013-11-13 23:25:37 +00:00
// Various extensions may have their own backends that need access.
// Check if there is a special backend and storage base path for this file.
foreach ( $wgImgAuthUrlPathMap as $prefix => $storageDir ) {
$prefix = rtrim( $prefix, '/' ) . '/'; // implicit trailing slash
if ( strpos( $path, $prefix ) === 0 ) {
img_auth: Avoid various usage of deprecated code and also optimize [X] Create just one MW services instance and use it all the way down. [X] Use same $permissionManager object for checking basic authorization of the user. [X] Use a MediaWiki service for both local file repository and file backend group. Using singletons have been deprecated. Change-Id: Iaf183c312de2235c36d99e01007712bb22fa43ec
2020-02-20 15:57:16 +00:00
$be = $services->getFileBackendGroup()->backendFromPath( $storageDir );
Added support to img_auth.php for non-repo containers * This adds a new $wgImgAuthUrlPathMap config variable * Also fixed ImgAuthBeforeStream hook msg formatting bug: 51136 Change-Id: I77528f92b20670e3b09adc79c49e62060f1614f3
2013-11-13 23:25:37 +00:00
$filename = $storageDir . substr( $path, strlen( $prefix ) ); // strip prefix
Use Tab instead of Space as per PHP codesniffer Change-Id: Iea84018c3dee45d5f062b41b1337af40e3de2fcf
2014-03-15 08:59:41 +00:00
// Check basic user authorization
img_auth: Avoid various usage of deprecated code and also optimize [X] Create just one MW services instance and use it all the way down. [X] Use same $permissionManager object for checking basic authorization of the user. [X] Use a MediaWiki service for both local file repository and file backend group. Using singletons have been deprecated. Change-Id: Iaf183c312de2235c36d99e01007712bb22fa43ec
2020-02-20 15:57:16 +00:00
$isAllowedUser = $permissionManager->userHasRight( $user, 'read' );
if ( !$isAllowedUser ) {
Use Tab instead of Space as per PHP codesniffer Change-Id: Iea84018c3dee45d5f062b41b1337af40e3de2fcf
2014-03-15 08:59:41 +00:00
wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $path );
return;
}
Convert all array() syntax to [] Per wikitech-l consensus: https://lists.wikimedia.org/pipermail/wikitech-l/2016-February/084821.html Notes: * Disabled CallTimePassByReference due to false positives (T127163) Change-Id: I2c8ce713ce6600a0bb7bf67537c87044c7a45c4b
2016-02-17 09:09:32 +00:00
if ( $be->fileExists( [ 'src' => $filename ] ) ) {
Added support to img_auth.php for non-repo containers * This adds a new $wgImgAuthUrlPathMap config variable * Also fixed ImgAuthBeforeStream hook msg formatting bug: 51136 Change-Id: I77528f92b20670e3b09adc79c49e62060f1614f3
2013-11-13 23:25:37 +00:00
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
SECURITY: Fix accidental public CC headers in img_auth.php Incorrect parameters to FileBackend::streamFile() caused Cache-Control:private and Vary:Cookie response headers to be omitted when requesting a file in a path configured by $wgImgAuthUrlPathMap. Typically this is used to deliver images generated by extensions. CVE-2020-15005 Bug: T248947 Change-Id: I404d9462e4b35d3d832bfab21954ff87e46e3eb2
2020-03-31 06:02:49 +00:00
$be->streamFile( [
'src' => $filename,
'headers' => [ 'Cache-Control: private', 'Vary: Cookie' ]
] );
Added support to img_auth.php for non-repo containers * This adds a new $wgImgAuthUrlPathMap config variable * Also fixed ImgAuthBeforeStream hook msg formatting bug: 51136 Change-Id: I77528f92b20670e3b09adc79c49e62060f1614f3
2013-11-13 23:25:37 +00:00
} else {
SECURITY: Added missing auth check in img_auth.php For $wgImgAuthUrlPathMap in img_auth.php Bug: 57016 Change-Id: I874878322a91bf14091500223d3520861a1556bb
2014-01-07 19:32:40 +00:00
wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $path );
Added support to img_auth.php for non-repo containers * This adds a new $wgImgAuthUrlPathMap config variable * Also fixed ImgAuthBeforeStream hook msg formatting bug: 51136 Change-Id: I77528f92b20670e3b09adc79c49e62060f1614f3
2013-11-13 23:25:37 +00:00
}
return;
}
}
Merged FileBackend branch. Manually avoiding merging the many prop-only changes SVN likes to sprinkle in (easy to spot from the change list). Did not add SwiftFileBackend.php as it still is in development.
2011-12-20 03:52:06 +00:00
// Get the local file repository
img_auth: Avoid various usage of deprecated code and also optimize [X] Create just one MW services instance and use it all the way down. [X] Use same $permissionManager object for checking basic authorization of the user. [X] Use a MediaWiki service for both local file repository and file backend group. Using singletons have been deprecated. Change-Id: Iaf183c312de2235c36d99e01007712bb22fa43ec
2020-02-20 15:57:16 +00:00
$repo = $services->getRepoGroup()->getRepo( 'local' );
img_auth: handle files in the transcoded zone img_auth.php does not currently handle filepaths for transcoded videos at all, and instead falls back attempting to open files out of the public zone, which obviously fails as these files do not exist there. Add a branch that handles transcoded containers in the same manner as thumbs and thus allowing access to those files from private wiki. Bug: 65007 Change-Id: I7182206ba09dd2466fc51aa1d51116dd13db980c
2014-05-07 17:01:16 +00:00
$zone = strstr( ltrim( $path, '/' ), '/', true );
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
Merged FileBackend branch. Manually avoiding merging the many prop-only changes SVN likes to sprinkle in (easy to spot from the change list). Did not add SwiftFileBackend.php as it still is in development.
2011-12-20 03:52:06 +00:00
// Get the full file storage path and extract the source file name.
// (e.g. 120px-Foo.png => Foo.png or page2-120px-Foo.png => Foo.png).
img_auth: handle files in the transcoded zone img_auth.php does not currently handle filepaths for transcoded videos at all, and instead falls back attempting to open files out of the public zone, which obviously fails as these files do not exist there. Add a branch that handles transcoded containers in the same manner as thumbs and thus allowing access to those files from private wiki. Bug: 65007 Change-Id: I7182206ba09dd2466fc51aa1d51116dd13db980c
2014-05-07 17:01:16 +00:00
// This only applies to thumbnails/transcoded, and each of them should
Merged FileBackend branch. Manually avoiding merging the many prop-only changes SVN likes to sprinkle in (easy to spot from the change list). Did not add SwiftFileBackend.php as it still is in development.
2011-12-20 03:52:06 +00:00
// be under a folder that has the source file name.
img_auth: handle files in the transcoded zone img_auth.php does not currently handle filepaths for transcoded videos at all, and instead falls back attempting to open files out of the public zone, which obviously fails as these files do not exist there. Add a branch that handles transcoded containers in the same manner as thumbs and thus allowing access to those files from private wiki. Bug: 65007 Change-Id: I7182206ba09dd2466fc51aa1d51116dd13db980c
2014-05-07 17:01:16 +00:00
if ( $zone === 'thumb' || $zone === 'transcoded' ) {
$name = wfBaseName( dirname( $path ) );
Fixed spacing - use tab as indent instead of spaces - Added space after closures "function" - Added spaces around string_concat - Added newline inside empty blocks - Removed four spaces after comma Change-Id: I4425b0c6a69b36f40acfea6511b8950cf09ce2b2
2014-07-20 19:41:41 +00:00
$filename = $repo->getZonePath( $zone ) . substr( $path, strlen( "/" . $zone ) );
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
// Check to see if the file exists
if ( !$repo->fileExists( $filename ) ) {
wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
return;
}
Merged FileBackend branch. Manually avoiding merging the many prop-only changes SVN likes to sprinkle in (easy to spot from the change list). Did not add SwiftFileBackend.php as it still is in development.
2011-12-20 03:52:06 +00:00
} else {
$name = wfBaseName( $path ); // file is a source file
$filename = $repo->getZonePath( 'public' ) . $path;
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
// Check to see if the file exists and is not deleted
$bits = explode( '!', $name, 2 );
if ( substr( $path, 0, 9 ) === '/archive/' && count( $bits ) == 2 ) {
$file = $repo->newFromArchiveName( $bits[1], $name );
} else {
$file = $repo->newFile( $name );
}
if ( !$file->exists() || $file->isDeleted( File::DELETED_FILE ) ) {
wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
return;
}
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
}
Convert all array() syntax to [] Per wikitech-l consensus: https://lists.wikimedia.org/pipermail/wikitech-l/2016-February/084821.html Notes: * Disabled CallTimePassByReference due to false positives (T127163) Change-Id: I2c8ce713ce6600a0bb7bf67537c87044c7a45c4b
2016-02-17 09:09:32 +00:00
$headers = []; // extra HTTP headers to send
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
Add ImgAuthModifyHeaders hook to img_auth.php to modify headers Change-Id: I3c6fd7b0c39d7fd52c484494233241093d152f88
2019-03-15 04:03:29 +00:00
$title = Title::makeTitleSafe( NS_FILE, $name );
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
if ( !$publicWiki ) {
// For private wikis, run extra auth checks and set cache control headers
Add ImgAuthModifyHeaders hook to img_auth.php to modify headers Change-Id: I3c6fd7b0c39d7fd52c484494233241093d152f88
2019-03-15 04:03:29 +00:00
$headers['Cache-Control'] = 'private';
$headers['Vary'] = 'Cookie';
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
if ( !$title instanceof Title ) { // files have valid titles
wfForbidden( 'img-auth-accessdenied', 'img-auth-badtitle', $name );
return;
}
w/s
2012-02-07 13:05:31 +00:00
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
// Run hook for extension authorization plugins
Fix order of @var parameter in PHP Replace @var $foo type by @var type $foo Change-Id: Iec8b90ffea4028a1005daef422b7c4ec38c2715f
2019-02-02 13:39:58 +00:00
/** @var array $result */
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
$result = null;
Hooks::run() call site migration Migrate all callers of Hooks::run() to use the new HookContainer/HookRunner system. General principles: * Use DI if it is already used. We're not changing the way state is managed in this patch. * HookContainer is always injected, not HookRunner. HookContainer is a service, it's a more generic interface, it is the only thing that provides isRegistered() which is needed in some cases, and a HookRunner can be efficiently constructed from it (confirmed by benchmark). Because HookContainer is needed for object construction, it is also needed by all factories. * "Ask your friendly local base class". Big hierarchies like SpecialPage and ApiBase have getHookContainer() and getHookRunner() methods in the base class, and classes that extend that base class are not expected to know or care where the base class gets its HookContainer from. * ProtectedHookAccessorTrait provides protected getHookContainer() and getHookRunner() methods, getting them from the global service container. The point of this is to ease migration to DI by ensuring that call sites ask their local friendly base class rather than getting a HookRunner from the service container directly. * Private $this->hookRunner. In some smaller classes where accessor methods did not seem warranted, there is a private HookRunner property which is accessed directly. Very rarely (two cases), there is a protected property, for consistency with code that conventionally assumes protected=private, but in cases where the class might actually be overridden, a protected accessor is preferred over a protected property. * The last resort: Hooks::runner(). Mostly for static, file-scope and global code. In a few cases it was used for objects with broken construction schemes, out of horror or laziness. Constructors with new required arguments: * AuthManager * BadFileLookup * BlockManager * ClassicInterwikiLookup * ContentHandlerFactory * ContentSecurityPolicy * DefaultOptionsManager * DerivedPageDataUpdater * FullSearchResultWidget * HtmlCacheUpdater * LanguageFactory * LanguageNameUtils * LinkRenderer * LinkRendererFactory * LocalisationCache * MagicWordFactory * MessageCache * NamespaceInfo * PageEditStash * PageHandlerFactory * PageUpdater * ParserFactory * PermissionManager * RevisionStore * RevisionStoreFactory * SearchEngineConfig * SearchEngineFactory * SearchFormWidget * SearchNearMatcher * SessionBackend * SpecialPageFactory * UserNameUtils * UserOptionsManager * WatchedItemQueryService * WatchedItemStore Constructors with new optional arguments: * DefaultPreferencesFactory * Language * LinkHolderArray * MovePage * Parser * ParserCache * PasswordReset * Router setHookContainer() now required after construction: * AuthenticationProvider * ResourceLoaderModule * SearchEngine Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
2020-03-19 02:42:09 +00:00
if ( !Hooks::runner()->onImgAuthBeforeStream( $title, $path, $name, $result ) ) {
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
return;
}
// Check user authorization for this title
// Checks Whitelist too
Migrate remaining usages of Title::userCan() to PermissionManager T208768 introduced the PermissionManager service that can now be used for page specific permission checks. This change replaces remaining calls to Title::userCan() with the new service in MediaWiki core. Bug: T220191 Change-Id: Ie45e0cb6aa49a8c66147b470946161fc18160fc1
2019-06-03 10:48:02 +00:00
if ( !$permissionManager->userCan( 'read', $user, $title ) ) {
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $name );
return;
}
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
}
Added Range support to FileBackend::streamFile() * Added HTTP options headers parameter to streamFile(). * Refactored doStreamFile() to either call StreamFile::stream() or delagate that to the subclass. SwiftFileBackend now relays the full Swift response rather than manually making the headers. This also makes Range headers easy to support. * Made use of this in img_auth.php for performance on private wikis. * Elimate stat call in streamFile() for Swift if "headers" is empty. * Refactored StreamFile a bit to inject request headers instead of using the $_SERVER global. A header options parameter is used instead, which also supports Range. * Removed now unused prepareForStream(). * Cleaned up streamFile() unit tests. Change-Id: I2ccbcbca6caabb8cf65bd6b3084cede2e6ea628a
2014-04-20 08:40:06 +00:00
if ( isset( $_SERVER['HTTP_RANGE'] ) ) {
Add ImgAuthModifyHeaders hook to img_auth.php to modify headers Change-Id: I3c6fd7b0c39d7fd52c484494233241093d152f88
2019-03-15 04:03:29 +00:00
$headers['Range'] = $_SERVER['HTTP_RANGE'];
Added Range support to FileBackend::streamFile() * Added HTTP options headers parameter to streamFile(). * Refactored doStreamFile() to either call StreamFile::stream() or delagate that to the subclass. SwiftFileBackend now relays the full Swift response rather than manually making the headers. This also makes Range headers easy to support. * Made use of this in img_auth.php for performance on private wikis. * Elimate stat call in streamFile() for Swift if "headers" is empty. * Refactored StreamFile a bit to inject request headers instead of using the $_SERVER global. A header options parameter is used instead, which also supports Range. * Removed now unused prepareForStream(). * Cleaned up streamFile() unit tests. Change-Id: I2ccbcbca6caabb8cf65bd6b3084cede2e6ea628a
2014-04-20 08:40:06 +00:00
}
if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
Add ImgAuthModifyHeaders hook to img_auth.php to modify headers Change-Id: I3c6fd7b0c39d7fd52c484494233241093d152f88
2019-03-15 04:03:29 +00:00
$headers['If-Modified-Since'] = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
Added Range support to FileBackend::streamFile() * Added HTTP options headers parameter to streamFile(). * Refactored doStreamFile() to either call StreamFile::stream() or delagate that to the subclass. SwiftFileBackend now relays the full Swift response rather than manually making the headers. This also makes Range headers easy to support. * Made use of this in img_auth.php for performance on private wikis. * Elimate stat call in streamFile() for Swift if "headers" is empty. * Refactored StreamFile a bit to inject request headers instead of using the $_SERVER global. A header options parameter is used instead, which also supports Range. * Removed now unused prepareForStream(). * Cleaned up streamFile() unit tests. Change-Id: I2ccbcbca6caabb8cf65bd6b3084cede2e6ea628a
2014-04-20 08:40:06 +00:00
}
thumb.php and img_auth.php cleanups * Specifically check isDeleted() instead of relying on the file being moved to the deleted zone alone. * Made img_auth.php skip some unnecessary checks for public wikis. Also made it set the private cache control headers only if needed. Change-Id: If82589acd53c02943d5f3bbafd29381fd63f8f68
2014-04-20 23:52:08 +00:00
if ( $request->getCheck( 'download' ) ) {
Add ImgAuthModifyHeaders hook to img_auth.php to modify headers Change-Id: I3c6fd7b0c39d7fd52c484494233241093d152f88
2019-03-15 04:03:29 +00:00
$headers['Content-Disposition'] = 'attachment';
Have ?download parameter trigger Content-Disposition: attachment This parameter triggers Content-Disposition: Attachment which makes the browser download the image instead of displaying it. This is needed by Media Viewer to allow users to click a button in order to download an image at a given resolution or the original. Change-Id: I470a24a09139ac65588312104995e34d97a89b0f
2014-03-24 23:31:21 +00:00
}
Add ImgAuthModifyHeaders hook to img_auth.php to modify headers Change-Id: I3c6fd7b0c39d7fd52c484494233241093d152f88
2019-03-15 04:03:29 +00:00
// Allow modification of headers before streaming a file
Hooks::run() call site migration Migrate all callers of Hooks::run() to use the new HookContainer/HookRunner system. General principles: * Use DI if it is already used. We're not changing the way state is managed in this patch. * HookContainer is always injected, not HookRunner. HookContainer is a service, it's a more generic interface, it is the only thing that provides isRegistered() which is needed in some cases, and a HookRunner can be efficiently constructed from it (confirmed by benchmark). Because HookContainer is needed for object construction, it is also needed by all factories. * "Ask your friendly local base class". Big hierarchies like SpecialPage and ApiBase have getHookContainer() and getHookRunner() methods in the base class, and classes that extend that base class are not expected to know or care where the base class gets its HookContainer from. * ProtectedHookAccessorTrait provides protected getHookContainer() and getHookRunner() methods, getting them from the global service container. The point of this is to ease migration to DI by ensuring that call sites ask their local friendly base class rather than getting a HookRunner from the service container directly. * Private $this->hookRunner. In some smaller classes where accessor methods did not seem warranted, there is a private HookRunner property which is accessed directly. Very rarely (two cases), there is a protected property, for consistency with code that conventionally assumes protected=private, but in cases where the class might actually be overridden, a protected accessor is preferred over a protected property. * The last resort: Hooks::runner(). Mostly for static, file-scope and global code. In a few cases it was used for objects with broken construction schemes, out of horror or laziness. Constructors with new required arguments: * AuthManager * BadFileLookup * BlockManager * ClassicInterwikiLookup * ContentHandlerFactory * ContentSecurityPolicy * DefaultOptionsManager * DerivedPageDataUpdater * FullSearchResultWidget * HtmlCacheUpdater * LanguageFactory * LanguageNameUtils * LinkRenderer * LinkRendererFactory * LocalisationCache * MagicWordFactory * MessageCache * NamespaceInfo * PageEditStash * PageHandlerFactory * PageUpdater * ParserFactory * PermissionManager * RevisionStore * RevisionStoreFactory * SearchEngineConfig * SearchEngineFactory * SearchFormWidget * SearchNearMatcher * SessionBackend * SpecialPageFactory * UserNameUtils * UserOptionsManager * WatchedItemQueryService * WatchedItemStore Constructors with new optional arguments: * DefaultPreferencesFactory * Language * LinkHolderArray * MovePage * Parser * ParserCache * PasswordReset * Router setHookContainer() now required after construction: * AuthenticationProvider * ResourceLoaderModule * SearchEngine Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
2020-03-19 02:42:09 +00:00
Hooks::runner()->onImgAuthModifyHeaders( $title->getTitleValue(), $headers );
Add ImgAuthModifyHeaders hook to img_auth.php to modify headers Change-Id: I3c6fd7b0c39d7fd52c484494233241093d152f88
2019-03-15 04:03:29 +00:00
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
// Stream the requested file
Use short array destructuring instead of list() Introduced in PHP 7.1. Because it's shorter and looks nice. I used regex replacement. Change-Id: I0555e199d126cd44501f859cb4589f8bd49694da
2022-10-21 04:32:38 +00:00
[ $headers, $options ] = HTTPFileStreamer::preprocessHeaders( $headers );
Update code formatting Change-Id: I8741b5b979e55f38a666961a16c387586a92410e
2013-02-13 18:38:32 +00:00
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
Stop calling FileRepo->streamFile() Change-Id: Ifdf379dc7f2501e561dfbc06f9afa7a9089306f2
2019-04-20 01:06:50 +00:00
$repo->streamFileWithStatus( $filename, $headers, $options );
Fix whitespace, braces Fix return items
2011-10-15 22:58:42 +00:00
}
Clean up a few scriptlets
2004-10-14 02:13:12 +00:00
* Fix img_auth.php image name extraction for whitelist checking * (bug 10756) img_auth.php will now refuse logged-out requests when there is no whitelist, rather than allowing them through
2007-08-06 06:15:21 +00:00
/**
Cleaned up img_auth code and re-integrated core img-auth- messages.
2009-09-10 21:12:55 +00:00
* Issue a standard HTTP 403 Forbidden header ($msg1-a message index, not a message) and an
* error message ($msg2, also a message index), (both required) then end the script
Whitespace cleanup
2011-02-01 23:08:10 +00:00
* subsequent arguments to $msg2 will be passed as parameters only for replacing in $msg2
Fixed some @params documentation Swapped some "$var type" to "type $var" or added missing types before the $var. Changed some other types to match the more common spelling. Makes beginning of some text in captial. Change-Id: I8c9f30128b46086064326708a4878228ba459447
2014-04-14 19:43:18 +00:00
* @param string $msg1
* @param string $msg2
Get rid of unnecessary func_get_args() and friends HHVM does not support variadic arguments with type hints. This is mostly not a big problem, because we can just drop the type hint, but for some reason PHPUnit adds a type hint of "array" when it creates mocks, so a class with a variadic method can't be mocked (at least in some cases). As such, I left alone all the classes that seem like someone might like to mock them, like Title and User. If anyone wants to mock them in the future, they'll have to switch back to func_get_args(). Some of the changes are definitely safe, like functions and test classes. In most cases, func_get_args() (and/or func_get_arg(), func_num_args() ) were only present because the code was written before we required PHP 5.6, and writing them as variadic functions is strictly superior. In some cases I left them alone, aside from HHVM compatibility: * Forwarding all arguments to another function. It's useful to keep func_get_args() here where we want to keep the list of expected arguments and their meanings in the function signature line for documentation purposes, but don't want to copy-paste a long line of argument names. * Handling deprecated calling conventions. * One or two miscellaneous cases where we're basically using the arguments individually but want to use them as an array as well for some reason. Change-Id: I066ec95a7beb7c0665146195a08e7cce1222c788
2018-10-08 14:10:45 +00:00
* @param mixed ...$args To pass as params to wfMessage() with $msg2. Either variadic, or a single
* array argument.
* Fix img_auth.php image name extraction for whitelist checking * (bug 10756) img_auth.php will now refuse logged-out requests when there is no whitelist, rather than allowing them through
2007-08-06 06:15:21 +00:00
*/
Get rid of unnecessary func_get_args() and friends HHVM does not support variadic arguments with type hints. This is mostly not a big problem, because we can just drop the type hint, but for some reason PHPUnit adds a type hint of "array" when it creates mocks, so a class with a variadic method can't be mocked (at least in some cases). As such, I left alone all the classes that seem like someone might like to mock them, like Title and User. If anyone wants to mock them in the future, they'll have to switch back to func_get_args(). Some of the changes are definitely safe, like functions and test classes. In most cases, func_get_args() (and/or func_get_arg(), func_num_args() ) were only present because the code was written before we required PHP 5.6, and writing them as variadic functions is strictly superior. In some cases I left them alone, aside from HHVM compatibility: * Forwarding all arguments to another function. It's useful to keep func_get_args() here where we want to keep the list of expected arguments and their meanings in the function signature line for documentation purposes, but don't want to copy-paste a long line of argument names. * Handling deprecated calling conventions. * One or two miscellaneous cases where we're basically using the arguments individually but want to use them as an array as well for some reason. Change-Id: I066ec95a7beb7c0665146195a08e7cce1222c788
2018-10-08 14:10:45 +00:00
function wfForbidden( $msg1, $msg2, ...$args ) {
Cleaned up img_auth code and re-integrated core img-auth- messages.
2009-09-10 21:12:55 +00:00
global $wgImgAuthDetails;
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
Added support to img_auth.php for non-repo containers * This adds a new $wgImgAuthUrlPathMap config variable * Also fixed ImgAuthBeforeStream hook msg formatting bug: 51136 Change-Id: I77528f92b20670e3b09adc79c49e62060f1614f3
2013-11-13 23:25:37 +00:00
$args = ( isset( $args[0] ) && is_array( $args[0] ) ) ? $args[0] : $args;
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
Use Mustache template in img_auth.php Let the template do the output encoding. Change-Id: I01fc60f10f98c032c5104d3a2f4b44cdfbeee51c
2019-10-04 14:11:29 +00:00
$msgHdr = wfMessage( $msg1 )->text();
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
$detailMsgKey = $wgImgAuthDetails ? $msg2 : 'badaccess-group0';
Use Mustache template in img_auth.php Let the template do the output encoding. Change-Id: I01fc60f10f98c032c5104d3a2f4b44cdfbeee51c
2019-10-04 14:11:29 +00:00
$detailMsg = wfMessage( $detailMsgKey, $args )->text();
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
wfDebugLog( 'img_auth',
Update code formatting Change-Id: I8741b5b979e55f38a666961a16c387586a92410e
2013-02-13 18:38:32 +00:00
"wfForbidden Hdr: " . wfMessage( $msg1 )->inLanguage( 'en' )->text() . " Msg: " .
wfMessage( $msg2, $args )->inLanguage( 'en' )->text()
image_auth.php cleanups: * Factored main code into wfImageAuthMain() * Made preg_match() for $name account for "page3-" type specifiers in the thumb name * Code style cleanups
2011-11-20 08:50:13 +00:00
);
Use HttpStatus::header instead of manually crafting header() Also: * Update wfHttpError() to use uppercase DOCTYPE, to match other code such as Html.php, wfThumbError(), HttpError.php, etc. Change-Id: I4027e7fe1a138b03f78797b6d1bfe7bd1064d360
2015-06-01 14:31:52 +00:00
HttpStatus::header( 403 );
Cleaned up img_auth code and re-integrated core img-auth- messages.
2009-09-10 21:12:55 +00:00
header( 'Cache-Control: no-cache' );
* Add 'charset' to Content-Type headers on various HTTP error responses to forestall additional UTF-7-autodetect XSS issues. Probably not an issue on Apache 2.0+, but most servers send only 'text/html' by default when the script didn't specify more details. This fixes an issue with the Ajax interface error message on MSIE when $wgUseAjax is enabled (not default configuration); this UTF-7 variant on a previously fixed attack vector was discovered by Moshe BA from BugSec: http://www.bugsec.com/articles.php?Security=24 * Trackback responses now specify XML content type
2007-02-21 01:02:47 +00:00
header( 'Content-Type: text/html; charset=utf-8' );
Use Mustache template in img_auth.php Let the template do the output encoding. Change-Id: I01fc60f10f98c032c5104d3a2f4b44cdfbeee51c
2019-10-04 14:11:29 +00:00
$templateParser = new TemplateParser();
echo $templateParser->processTemplate( 'ImageAuthForbidden', [
'msgHdr' => $msgHdr,
'detailMsg' => $detailMsg,
] );
Send Cache-Control: private and Vary headers in img_auth.php.
2007-11-03 02:38:40 +00:00
}
Reference in a new issue Copy permalink