For other endpoints this was already fixed, as all MWExceptionRenderer
logic checks headers_sent() before outputting headers.
For the MW_API condition, it was calling wfHttpError(), which in
turn unconditionally tried to send headers.
Fix this by removing use of wfHttpError(), and instead re-use the
existing logic for a minimal http error page. Do this by removing
the early condition and instead let if fall into the general
render methods, and then treat MW_API as a non-OutputPage scenario.
Bug: T225657
Change-Id: I38bbf8007078c290a2576ef177b789fab1d2059f
PHP 7.0 makes many error conditions throw instances of the new Error class
which does not extend the known Exception.
The Throwable interface provides a concise and type-safe way of handling
either, e.g. for logging purposes, but HHVM did not support it, requiring
tedious fallback checks.
This commit replaces occurrences of Exception in code paths equally
covered by Throwable, like Exception|Throwable parameter and return types
(also nullable), instanceof guards, duplicated `catch` blocks, as well as
related comments and documentation blocks, with the exception of $previous
parameter descriptions consistent with the manual at
https://www.php.net/manual/en/exception.construct.php
Proper type declarations have been added or reinstated where possible.
Change-Id: I5d3920d3cc66936a350314e2f19c4f6faeffd7c0
Set appropriate headers and flush the output as needed to avoid blocking
the client on post-send updates for the stock apache2 server scenario.
Several cases have bits of header logic to avoid delay:
a) basic GET/POST requests that succeed (e.g. HTTP 2XX)
b) requests that fail with errors (e.g. HTTP 500)
c) If-Modified-Since requests (e.g. HTTP 304)
d) HEAD requests
This last two still block on deferred updates, so schedulePostSendJobs()
does not trigger on them as a form of mitigation. Slow deferred updates
should only trigger on POST anyway (inline and redirect responses are
OK), so this should not be much of a problem.
Deprecate triggerJobs() and implement post-send job runs as a deferred.
This makes it easy to check for the existence of post-send updates by
calling DeferredUpdates::pendingUpdatesCount() after the pre-send stage.
Also, avoid running jobs on requests that had exceptions. Relatedly,
remove $mode option from restInPeace() and doPostOutputShutdown()
Only one caller was using the non-default options.
Bug: T206283
Change-Id: I2dd2b71f1ced0f4ef8b16ff41ffb23bb5b4c7028
HHVM does not support variadic arguments with type hints. This is
mostly not a big problem, because we can just drop the type hint, but
for some reason PHPUnit adds a type hint of "array" when it creates
mocks, so a class with a variadic method can't be mocked (at least in
some cases). As such, I left alone all the classes that seem like
someone might like to mock them, like Title and User. If anyone wants
to mock them in the future, they'll have to switch back to
func_get_args(). Some of the changes are definitely safe, like
functions and test classes.
In most cases, func_get_args() (and/or func_get_arg(), func_num_args() )
were only present because the code was written before we required PHP
5.6, and writing them as variadic functions is strictly superior. In
some cases I left them alone, aside from HHVM compatibility:
* Forwarding all arguments to another function. It's useful to keep
func_get_args() here where we want to keep the list of expected
arguments and their meanings in the function signature line for
documentation purposes, but don't want to copy-paste a long line of
argument names.
* Handling deprecated calling conventions.
* One or two miscellaneous cases where we're basically using the
arguments individually but want to use them as an array as well for
some reason.
Change-Id: I066ec95a7beb7c0665146195a08e7cce1222c788
When a wiki is down, it is not necessarily useful to be able to
search the web. Additionally, there is general consensus that
the hard-coded Google search form should be removed.
Bug: T208871
Change-Id: I5bcae848de1144d4fc1116c475b2e2ab1ccc3f7d
These methods aren't identical, so consolidation isn't
immediately obvious, and creating dependencies is problematic
in error handling code given there is a lot of pressure on this
code to not by itself cause additional errors.
This means that maybe it's best to keep these inlined without
duplication, but at the very least we then need to remember
to keep these in sync. This duplication has been around for
a while now, but documentation can never come too late...
Change-Id: I60160f61c13c8e115d839acce222f110e30bc2f2
Previously an ugly {{SITENAME}} would show up for exceptions
that happened in the middle of processing a message
Change-Id: I4e3b675673dc3b74f89e4325f6a0a8b44162f478
Clarify and simplify exception output by deprecating
$wgShowSQLErrors and wgShowDBErrorBacktrace.
$wgShowExceptionDetails will now control most related output.
$wgShowHostnames will now solely control output of
MWExceptionRenderer::reportOutageHTML.
Bug: T165768
Change-Id: Idead2c11c499463dfa6293c3d4b33be3bde92e1a
This message contains the request url, which is semi-user controlled.
Most browsers percent escape < and > so its probably not exploitable
(curl is an exception here), but nonetheless its not good.
Bug: T178451
Change-Id: I19358471ddf1b28377aad8e0fb54797c817bb6f6
Also add a period at the end of the sentence.
This changes the HTML comment from
<!-- Set $wgShowExceptionDetails = true; at the bottom
of LocalSettings.php to show detailed debugging
information
-->
to
<!-- Set $wgShowExceptionDetails = true; at the bottom
of LocalSettings.php to show detailed debugging
information. -->
This is a follow-up to 842b7a1769 (T162315).
Change-Id: I45ff4f856ad1c0dc72066fce7771077ff4663785
Skip deprecation period because it is very unlikely that anyone used this:
it does not appear anywhere on gerrit/git, no nontrivial google hits,
the documentation has been flat out wrong for 9 years and no one
noticed it, and the whole feature is fairly useless as you need to declare
it separately for every single exception class you expect.
Change-Id: I85844a238d3135d05eeba10331149624b04bafe2
* Actually use MWExceptionRenderer::AS_RAW. Use this after
an error is thrown while trying to pretty render the original
error. This is how this case was originally handled before.
* Do not show the google form or file cache in CLI mode.
Change-Id: I130499753efbf8b4d6d254ea36bacb2473952c1b
* Make the error message itself be dumb/raw.
* Make the exception exposer show the same GUI message.
* Remove overzelous wgLang check in MWExceptionRenderer.
Change-Id: Ifffff3b3cc785ea3080e4975efe33b3c2cf304d6
* This handles the work of showing exceptions so that
MWException does not have too.
* Simplify the DBError classes to regular Exception
classes. Lots of pointless prettification has been
removed, but DBConnectionError still gets the usual
special treatment of a fallback page and Google form.
* Remove hacky file cache fallback code that probably
did not work.
* Make MWExceptionHandler::report() wrap
MWExceptionExposer::output().
* Make MWException::runHooks() wrap
MWExceptionExposer::runHooks().
Change-Id: I5dfdc84e94ddac65417226cf7c84513ebb9f9faa
