In some languages, the 'rclinks' message ends
with '...<br />$3.' where $3 is a list of links.
When $3 is empty, we end up with a lonely period
on a new line.
This change removes $3 and adds it on the page
on its own. Unfortunately, it requires fixing all
the messages. Not sure if it's the proper way to
do this.
Bug: T162844
Change-Id: If17f056c135b2e51747a5a1c8aeaba785cf18ff2
There were two messages that said "This page was last modified etc.".
They are now "This page was last edited". The word "modify" is used
elsewhere in MediaWiki messages for things other than editing a page,
like uploaded files, databases, and configuration, whereas actual
pages are edited and not modified.
Change-Id: I79b68bbec35f7747cd2a27c1a29e154139e3ab76
This patch introduces a new special page named AutoblockList.
Its design is reused from Special:BlockList.
Bug: T146414
Change-Id: I811d23c98be749d8df36700b07a295355691af77
The log comment on undelete contains a hint about the count of restored
files and/or revisions.
Move this text out of the comment to allow longer comments. Also makes
this information readable inside the api.
This is only for new log entries. Old entries will still show the hint
from the comment and no data in the api.
Change-Id: I9e30eb1271656bb81259a408210e9a282e949c57
If the page exists, it only checks edit rights, otherwise it
checks both edit and create rights.
This would only matter on wikis that have a non-default rights
configuration where there are users with undelete rights but a
restriction level enabled that prevents them from creating/editing
pages (or they otherwise aren't allowed to edit/create)
It should be noted that the error messages aren't used in the
normal UI currently, but they could be in the future, and
extensions could potentially be using them (The backend functions
return them, but the UI functions in Special:Undelete ignore
them)
Bug: T108138
Change-Id: I164b80534cf89e0afca264e9de07431484af8508
Only allow ENTITY declarations inside the doctype internal
subset. Do not allow parameter entities, recursive entity
references are entity values longer than 255 bytes, or
external entity references. Filter external doctype subset
to only allow the standard svg doctypes.
Recursive entities that are simple aliases are allowed
because people appear to use them on commons. Declaring
xmlns:xlink to have a #FIXED value to the xlink namespace
is allowed because GraphViz apparently does that so its
somewhat common.
This prevents someone bypassing filter by using default
attribute values in internal dtd subset. No browser loads
the external dtd subset that I could find, but whitelist
just to be safe anyways.
Issue reported by Cassiogomes11.
Bug: T151735
Change-Id: I7cb4690f759ad97e70e06e560978b6207d84c446
Directly redirecting based on a url paramter might potentially
be used in a phishing attack to confuse users.
Bug: T109140
Bug: T122209
Change-Id: I6c604439320fa876719933cc7f3a3ff04fb1a6ad
Remove vagueness by adding documentation for this, as translators had
problems with the terms "put back" and "bring forward". Also fix minor
lack of precision in those messages.
Bug: T157587
Change-Id: Idef412556ce54820eb65cce0b53dec09f5d95f9e
System messages may take parameters from untrusted sources. This
may include taking parameters from urls given by unauthenticated
users even if the wiki is a read-only wiki. Allowing <html> tags
in such a context seems like an accident waiting to happen.
Bug: T156184
Change-Id: I661f482986d319cf41da1d3e7b20a0f028a42e90
