This patch only adds and removes suppressions, which must be done in the
same patch as the version bump.
Bug: T298571
Change-Id: I4044d4d9ce82b3dae7ba0af85bf04f22cb1dd347
Added support for an easy to configure multi-tenant ("wiki farm") mode:
Settings for each site can be placed in a directory specified by
$wgWikiFarmSettingsDirectory. Site detection is controlled by
$wgWikiFarmSiteDetector and defaults to the requested host name.
Instructions for manual testing: https://etherpad.wikimedia.org/p/T221535
Bug: T221535
Change-Id: I7581921b7d99ba1fe7e25523fde691d76b67a99c
Make phan stricter about null types by setting null_casts_as_any_type to
false (the default in mediawiki-phan-config)
Remaining false positive issues are suppressed.
The suppression and the setting change can only be done together.
Bug: T242536
Bug: T301991
Change-Id: I0f295382b96fb3be8037a01c10487d9d591e7e01
The functions returning null or the class property is set to explicit null
Found by phan strict checks
Change-Id: I4a271093fb6526564d8083a08249c64cb21f2453
The $class in getInfoBox cannot default to false, because there is no
check for false. It just ends in an implode(). The empty string is also
the default for the called self::infoBox
Found by phan strict checks
Change-Id: I04586c7dc0b32b9eaf01b86a6789b30931d606fb
Taint-check really doesn't like assigning things from $GLOBALS this way,
because it knows that stuff inside $GLOBALS can be tainted (e.g.
$GLOBALS['_GET'], $GLOBALS['_POST']), and since it cannot determine
which key is used in the assignment, it assumes that it's tainted.
As such, the new code patch generates the default values in a separate
method, whose return value is annotated as safe, so taintedness from
$GLOBALS doesn't get into $this->settings.
Also annotate getAcceptLanguage() as untainted, since the raw values
from the HTTP header are matched against a list of known codes.
Change-Id: Ifc44d3703d505962e3b07db7613b5bbf5e448320
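The pattern the commit message describes, as an added example (not MediaWiki's own code): reading settings through a runtime-computed `$GLOBALS[$name]` key makes phan-taint-check treat the value as tainted, so the defaults are produced by a separate method whose return value is annotated as untainted. The class and method names (`SettingsStore`, `loadDefaults`, `getDefaults`) are assumptions for illustration; the `@return-taint none` annotation is the one phan-taint-check understands.

```php
<?php
// Added example, not MediaWiki's own code. SettingsStore, loadDefaults and
// getDefaults are illustrative names.

class SettingsStore {
    /** @var array<string,mixed> */
    private array $settings = [];

    /**
     * Before: the key is only known at runtime, so the taint checker cannot
     * tell 'wgSitename' apart from '_GET' and treats every value read here
     * as tainted. That taint then lands in $this->settings.
     */
    public function loadFromGlobalsUnsafe( array $names ): void {
        foreach ( $names as $name ) {
            $this->settings[$name] = $GLOBALS[$name];
        }
    }

    /**
     * After: defaults come from a method whose return value is annotated as
     * untainted, so nothing read from $GLOBALS is tracked into $this->settings.
     */
    public function loadDefaults( array $names ): void {
        foreach ( $this->getDefaults( $names ) as $name => $value ) {
            $this->settings[$name] = $value;
        }
    }

    /**
     * The annotation is a promise by the author that only configuration
     * globals are read here, never request data; the explicit exclusion of
     * the superglobal-backed keys is what makes that promise hold.
     *
     * @return-taint none
     * @return array<string,mixed>
     */
    private function getDefaults( array $names ): array {
        $superglobals = [ '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES' ];
        $defaults = [];
        foreach ( $names as $name ) {
            if ( in_array( $name, $superglobals, true ) ) {
                continue;
            }
            $defaults[$name] = $GLOBALS[$name] ?? null;
        }
        return $defaults;
    }

    public function get( string $name ) {
        return $this->settings[$name] ?? null;
    }
}

// Constructed sample: one configuration global next to request data.
$GLOBALS['wgSitename'] = 'Example Wiki';
$_GET['page'] = '<script>alert(1)</script>';

$store = new SettingsStore();
$store->loadDefaults( [ 'wgSitename', '_GET' ] );
var_dump( $store->get( 'wgSitename' ) );
var_dump( $store->get( '_GET' ) );
```

The annotation silences the checker for every caller of `getDefaults()`, so the filtering inside it is not optional: an annotated method that copies `$GLOBALS['_GET']` would hide a real injection path rather than a false positive.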
This new version of the auto subscription code works with Wikimedia's
Mailman 3 installation. It follows the existing approach of sending a
POST request to the same URL that a web browser would, rather than
introducing a new API. I did add a check for the expected success
message, as well as two types of "duplicate request" failures I would
expect to occur fairly often.
No attempt is made to pass the user's language to Mailman 3, since its
web interface for list management (Postorius) does not seem to allow
selecting a language for anonymous requests. (While the Accept-Language
header does have an effect within Postorius, it does not seem to affect
the messages coming from Mailman Core, including confirmation emails.)
Because the WebInstaller and CliInstaller classes are not documented as
stable to extend (even though it is documented that packagers should
override them instead of altering the original files), the list of
supported language codes is removed without deprecation.
Bug: T281549
Change-Id: Ib4cf03597e9c9b8408c9ca076c2c7cc3cabb5cfc
The non-strict conditions in if/while are true/false without the check.
In some situations the true/false is removed, because it is known to be a
bool (by is_bool check or type hint)
Change-Id: I5ca4c4771af25d2e785e82732df204a73653886e
Taint check checks for possible security issues by tracking html
escaping and more by using phan.
This slows down the phan-job a bit and requires more ram
Keep the DoubleEscaped issues out to make review easier
Adds suppression for false positives
Adds taint-annotation to help taint-check
Removes suppression for code phan now understands better by the tracking
of keys in taint-check
Fix some small issues by adding int cast or htmlspecialchars calls
Bug: T216348
Bug: T268920
Change-Id: I849ac4f120fd15b483e8939d4db45c98dc351259
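The two small fixes the commit message mentions (an int cast and an `htmlspecialchars()` call), shown as an added example that is not MediaWiki's own code: a vulnerable render function beside its hardened form, plus the double-escaping case the commit deliberately leaves out. The function names and the sample inputs are constructed for illustration.

```php
<?php
// Added example, not MediaWiki's own code. Function names are illustrative.

/** Before: both values come from the request and reach the markup unescaped. */
function renderRowCountUnsafe( string $limit, string $title ): string {
    return "<tr data-limit=\"$limit\"><td>$title</td></tr>";
}

/**
 * After: the limit is forced to an integer, which cannot carry markup, and
 * the title is escaped exactly once at the point where it enters HTML.
 * ENT_QUOTES is needed because the same helper may be used in an
 * attribute context; ENT_SUBSTITUTE keeps invalid UTF-8 from turning the
 * result into an empty string.
 */
function renderRowCount( string $limit, string $title ): string {
    $limit = (int)$limit;
    $safeTitle = htmlspecialchars( $title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
    return "<tr data-limit=\"$limit\"><td>$safeTitle</td></tr>";
}

/**
 * The DoubleEscaped case: the caller escapes and the callee escapes again,
 * so the user sees the literal text "&lt;img ...&gt;" instead of an
 * escaped tag. This is a correctness bug, not an injection, and the fix is
 * to escape once at the sink, not to drop escaping in renderRowCount().
 */
function renderRowCountDoubleEscaped( string $limit, string $title ): string {
    $alreadyEscaped = htmlspecialchars( $title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
    return renderRowCount( $limit, $alreadyEscaped );
}

// Constructed sample input, as it might arrive via $_GET.
$limit = '10" onmouseover="alert(1)';
$title = '<img src=x onerror=alert(1)>';

echo renderRowCountUnsafe( $limit, $title ), "\n";
echo renderRowCount( $limit, $title ), "\n";
echo renderRowCountDoubleEscaped( $limit, $title ), "\n";
```

Running the three calls side by side shows why the int cast is enough on its own for `$limit`: once the value is numeric there is nothing left for the checker to track, whereas `$title` stays tainted until the single `htmlspecialchars()` call.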
getInfoBox() is still widely used in the installer itself and shouldn't have
been hard deprecated in the first place. There's also no proposed replacement
documented, unlike the other *Box functions that were deprecated at the
same time.
Also update HISTORY to reflect backing out this deprecation.
This follows up d6ed082b6d.
Bug: T232903
Bug: T257997
Change-Id: I2ea8d1fd49a87ce4eb0382744312c7ffaefa5f81
When starting a session when the detected protocol is HTTPS, use
cookie_secure=1 so that the session cookie has the secure attribute.
Without the secure attribute, a CSRF attack could be used to send
cookies over an insecure channel, leaking the session ID to an attacker
with network access.
Change-Id: I1a4b612425a16da1a7a8fd855f376a377b0b48d7
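The rule the commit message states, as an added example that is not MediaWiki's own code: detect whether the request arrived over HTTPS and, only in that case, start the session with `cookie_secure=1`. `detectProtocol()` and `sessionCookieOptions()` are illustrative names; the trusted-proxy list is an assumption about the deployment.

```php
<?php
// Added example, not MediaWiki's own code. Function names are illustrative.

/**
 * Returns 'https' or 'http' for the current request. The server's own view
 * of the connection is trusted; a reverse proxy's X-Forwarded-Proto header
 * is honoured only when the request came from an address the operator has
 * listed, because anyone can send that header directly.
 */
function detectProtocol( array $server, array $trustedProxies = [] ): string {
    if ( !empty( $server['HTTPS'] ) && strtolower( (string)$server['HTTPS'] ) !== 'off' ) {
        return 'https';
    }
    if ( isset( $server['SERVER_PORT'] ) && (int)$server['SERVER_PORT'] === 443 ) {
        return 'https';
    }
    $remote = $server['REMOTE_ADDR'] ?? '';
    if ( in_array( $remote, $trustedProxies, true )
        && strtolower( (string)( $server['HTTP_X_FORWARDED_PROTO'] ?? '' ) ) === 'https'
    ) {
        return 'https';
    }
    return 'http';
}

/**
 * Options for session_start(); the keys are the session.* ini names without
 * the prefix. cookie_secure is set only when the detected protocol is HTTPS:
 * setting it unconditionally would break plain-HTTP installs, because the
 * browser would never send the cookie back. cookie_httponly and
 * use_strict_mode are extra hardening beyond what the commit requires.
 */
function sessionCookieOptions( string $protocol ): array {
    return [
        'cookie_secure'   => $protocol === 'https' ? 1 : 0,
        'cookie_httponly' => 1,
        'use_strict_mode' => 1,
    ];
}

$options = sessionCookieOptions( detectProtocol( $_SERVER, [ '127.0.0.1' ] ) );
if ( PHP_SAPI !== 'cli' ) {
    session_start( $options );
}
```

Without the Secure attribute, a page on an attacker-controlled site can force the victim's browser to request `http://wiki.example/` and the browser attaches the session cookie to that plaintext request; with the attribute set, the cookie is only ever sent over TLS, so the forced request leaks nothing.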
Also improve the description a bit and explain at a high level
how this code is used, and which classes back those entry points.
Change-Id: Ia69531858e714d0b43a29a7d5b6dcc5c7edd8240
Since MW 1.31 there are messageBox, warningBox, errorBox and successBox
available which should be used instead.
These are simple wrappers around Html::messageBox and related methods
which should be used directly instead. Internal usage has been migrated
as of a9252abb1c, but these public methods remain for now. Once
removed we can also remove the internal Html::infoBox() method.
Bug: T232903
Change-Id: I2756c88987754c4e3f84d98c531d8396098cd7fe
Adding optional $className parameter to provide additional
styling options.
Optional parameter $heading was introduced for MobileFrontend. Therefore
leaving inconsistent parameter order is necessary for the time being.
Bug: T232903
Change-Id: I5857b2c58a47a83156c32f086a73fe2bd48ab0c8
Pass the url to the Copying page as a message parameter instead.
This results in identical text and styling. Not even "external link"
vs plain link styling difference, because that doesn't exist in the
installer stylesheet.
The message is renamed in this commit because it is a breaking
change (due to <doclink> being removed, and due to $2 being
required).
Bug: T227297
Change-Id: I73efd9ecb193523a7e384a7a40c768d32b2361b8
This method is very specific to the installer and is only used in one
place, in WebInstaller, and should probably be moved there.
For now, make its documentation less confusing, more correct, and
mark it as `@internal`; this is not a supported public interface.
Bug: T227297
Change-Id: I8902fe34b80c5152bfd37e9c24427ad48b5f4167
Changes in the behavior:
* The expanding/collapsing now works even with disabled JavaScript.
* There is no FOUC on loading anymore.
* The animation on show/hide is absent.
Change-Id: I1b88d8e2cdbb1c969670a7a8637dba10bf447330
HHVM does not support variadic arguments with type hints. This is
mostly not a big problem, because we can just drop the type hint, but
for some reason PHPUnit adds a type hint of "array" when it creates
mocks, so a class with a variadic method can't be mocked (at least in
some cases). As such, I left alone all the classes that seem like
someone might like to mock them, like Title and User. If anyone wants
to mock them in the future, they'll have to switch back to
func_get_args(). Some of the changes are definitely safe, like
functions and test classes.
In most cases, func_get_args() (and/or func_get_arg(), func_num_args() )
were only present because the code was written before we required PHP
5.6, and writing them as variadic functions is strictly superior. In
some cases I left them alone, aside from HHVM compatibility:
* Forwarding all arguments to another function. It's useful to keep
func_get_args() here where we want to keep the list of expected
arguments and their meanings in the function signature line for
documentation purposes, but don't want to copy-paste a long line of
argument names.
* Handling deprecated calling conventions.
* One or two miscellaneous cases where we're basically using the
arguments individually but want to use them as an array as well for
some reason.
Change-Id: I066ec95a7beb7c0665146195a08e7cce1222c788
global $wgParser was deprecated in 1.32 and services are used
instead to get the parser object via MediaWikiServices. Making
this replacement as we're avoiding globals.
Change-Id: I967a52c481bfcc83552053a03e88acb038810828
If we're going to call `OutputPage::addWikiTextAs*` or
`OutputPage::parseAs*` to parse the message, we don't need to
pre-expand `{{...}}` markup before passing it to the parser.
Follow up to I2f68f73365df876e6f9d017e4e3ddea39c4a1284.
Bug: T206574
Change-Id: I0ee493207ea80c1caba7e60a31714805dc54c64e
This fixes 26 of the phan-taint-check warnings on MW core. Some
are outright fixed, others are false positives that were suppressed.
This really only covers some of the easy ones. There are still
314 warnings to go.
Change-Id: I30463bc3a09fd4324d190de8533f51784764dd3a
Unicode escape sequences cannot be used in single quoted strings,
in which they are treated as literal text.
Follows-up 125cbd8c01.
Change-Id: Ife53a613a801b8bb96542b42fd3d2bb3dccaf629
Directly use the UTF-8 encoding of the 'NO-BREAK SPACE' (U+00A0) instead of
the HTML/XML entities   or   or .
With the UTF-8 character the generated HTML is shorter and better to read.
Also change the special value for the label in HTMLForm from   to
U+00A0 but also support   for backward compatibility.
Bug: T154300
Change-Id: I882599ac1120789bb4e524c4394870680caca4f4