API: Error if sensitive AuthManager parameters are in the query string

There was only 1 hit in the feature usage log in the past 30 days for this code path, so this should be good to go. ApiLogin, on the other hand, received 27048 hits over the same time period. So let's not do that one just yet. Change-Id: I1ae3b928fda9ddc94c8182155637920713dd404d
2016-10-31 13:41:17 -04:00 · 2016-10-31 13:41:17 -04:00 · 0838189391
commit 0838189391
parent f441c63a44
2 changed files with 5 additions and 7 deletions
--- a/RELEASE-NOTES-1.29
+++ b/RELEASE-NOTES-1.29
@ -20,6 +20,10 @@ production.
 === Bug fixes in 1.29 ===

 === Action API changes in 1.29 ===
+* Submitting sensitive authentication request parameters to action=clientlogin,
+  action=createaccount, action=linkaccount, and action=changeauthenticationdata
+  in the query string is now an error. They should be submitted in the POST
+  body instead.

 === Action API internal changes in 1.29 ===

--- a/includes/api/ApiAuthManagerHelper.php
+++ b/includes/api/ApiAuthManagerHelper.php
@ -173,13 +173,7 @@ class ApiAuthManagerHelper {
 		$this->module->getMain()->markParamsUsed( array_keys( $data ) );

 		if ( $sensitive ) {
-			try {
-				$this->module->requirePostedParameters( array_keys( $sensitive ), 'noprefix' );
-			} catch ( UsageException $ex ) {
-				// Make this a warning for now, upgrade to an error in 1.29.
-				$this->module->setWarning( $ex->getMessage() );
-				$this->module->logFeatureUsage( $this->module->getModuleName() . '-params-in-query-string' );
-			}
+			$this->module->requirePostedParameters( array_keys( $sensitive ), 'noprefix' );
 		}

 		return AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );