Merge "Remove references to Suhosin and its INI settings"
This commit is contained in:
jenkins-bot
Gerrit Code Review
commit
af9efedb55
7 changed files with 2 additions and 29 deletions
|
|
@ -419,8 +419,6 @@ config-schema:
|
|||
Enable deferred upload tasks that use the job queue.
|
||||
Only enable this if job runners are set up for both the
|
||||
'AssembleUploadChunks' and 'PublishStashedFile' job types.
|
||||
@note If you use suhosin, this setting is incompatible with
|
||||
suhosin.session.encrypt.
|
||||
UploadMaintenance:
|
||||
default: false
|
||||
description: 'To disable file delete/restore temporarily'
|
||||
|
|
|
|||
|
|
@ -1187,8 +1187,8 @@ class EditPage implements IEditObject {
|
|||
|
||||
if ( $this->textbox1 === '' && !$request->getCheck( 'wpTextbox1' ) ) {
|
||||
// wpTextbox1 field is missing, possibly due to being "too big"
|
||||
// according to some filter rules such as Suhosin's setting for
|
||||
// suhosin.request.max_value_length (d'oh)
|
||||
// according to some filter rules that may have been configured
|
||||
// for security reasons.
|
||||
$this->incompleteForm = true;
|
||||
} else {
|
||||
// If we receive the last parameter of the request, we can fairly
|
||||
|
|
|
|||
|
|
@ -881,9 +881,6 @@ class MainConfigSchema {
|
|||
*
|
||||
* Only enable this if job runners are set up for both the
|
||||
* 'AssembleUploadChunks' and 'PublishStashedFile' job types.
|
||||
*
|
||||
* @note If you use suhosin, this setting is incompatible with
|
||||
* suhosin.session.encrypt.
|
||||
*/
|
||||
public const EnableAsyncUploads = [
|
||||
'default' => false,
|
||||
|
|
|
|||
|
|
@ -619,8 +619,6 @@ class RequestContext implements IContextSource, MutableContext {
|
|||
* to an empty string unless session importing is *truly* needed. This
|
||||
* feature is somewhat deprecated.
|
||||
*
|
||||
* @note suhosin.session.encrypt may interfere with this method.
|
||||
*
|
||||
* @param array $params Result of RequestContext::exportSession()
|
||||
* @return ScopedCallback
|
||||
* @throws MWException
|
||||
|
|
|
|||
|
|
@ -150,7 +150,6 @@ abstract class Installer {
|
|||
'envCheckPath',
|
||||
'envCheckUploadsDirectory',
|
||||
'envCheckLibicu',
|
||||
'envCheckSuhosinMaxValueLength',
|
||||
'envCheck64Bit',
|
||||
];
|
||||
|
||||
|
|
@ -1092,23 +1091,6 @@ abstract class Installer {
|
|||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if suhosin.get.max_value_length is set, and if so generate
|
||||
* a warning because it is incompatible with ResourceLoader.
|
||||
* @return bool
|
||||
*/
|
||||
protected function envCheckSuhosinMaxValueLength() {
|
||||
$currentValue = ini_get( 'suhosin.get.max_value_length' );
|
||||
$minRequired = 2000;
|
||||
$recommended = 5000;
|
||||
if ( $currentValue > 0 && $currentValue < $minRequired ) {
|
||||
$this->showError( 'config-suhosin-max-value-length', $currentValue, $minRequired, $recommended );
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if we're running on 64 bit or not. 32 bit is becoming increasingly
|
||||
* hard to support, so let's at least warn people.
|
||||
|
|
|
|||
|
|
@ -74,7 +74,6 @@
|
|||
"config-using-uri": "Using server URL \"<nowiki>$1$2</nowiki>\".",
|
||||
"config-uploads-not-safe": "<strong>Warning:</strong> Your default directory for uploads <code>$1</code> is vulnerable to arbitrary scripts execution.\nAlthough MediaWiki checks all uploaded files for security threats, it is highly recommended to [https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:Security#Upload_security close this security vulnerability] before enabling uploads.",
|
||||
"config-no-cli-uploads-check": "<strong>Warning:</strong> Your default directory for uploads (<code>$1</code>) is not checked for vulnerability\nto arbitrary script execution during the CLI install.",
|
||||
"config-suhosin-max-value-length": "Suhosin is installed and limits the GET parameter <code>length</code> to $1 bytes.\nMediaWiki requires <code>suhosin.get.max_value_length</code> to be at least $2. Disable this setting, or increase this value to $3 in <code>php.ini</code>.",
|
||||
"config-using-32bit": "<strong>Warning:</strong> your system appears to be running with 32-bit integers. This is [https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:32-bit not advised].",
|
||||
"config-db-type": "Database type:",
|
||||
"config-db-host": "Database host:",
|
||||
|
|
|
|||
|
|
@ -98,7 +98,6 @@
|
|||
"config-using-uri": "Used as a part of environment check result. Parameters:\n* $1 - server name\n* $2 - script path",
|
||||
"config-uploads-not-safe": "Used as a part of environment check result. Parameters:\n* $1 - name of directory for images: <code>$IP/images/</code>",
|
||||
"config-no-cli-uploads-check": "CLI = [[w:Command-line interface|command-line interface]] (i.e. the installer runs as a command-line script, not using HTML interface via an internet browser)",
|
||||
"config-suhosin-max-value-length": "{{doc-important|Do not translate \"length\", \"suhosin.get.max_value_length\", and \"php.ini\".}}\nThis error message is shown when PHP configuration <code>suhosin.get.max_value_length</code> is not high enough.\n\n* $1 - The current value\n* $2 - The minimum required value\n* $3 - The recommended value",
|
||||
"config-using-32bit": "Warning message shown when installing on a 32-bit system.",
|
||||
"config-db-type": "Field label in the MediaWiki installer followed by possible database types.",
|
||||
"config-db-host": "Used as label.\n\nAlso used in {{msg-mw|Config-missing-db-host}}.",
|
||||
|
|
|
|||
Loading…
Reference in a new issue