Hope I did this in an ok fashion. svn merge --re-integrate was giving me issues
so I just essentially over-wrote my working copy with the version at img_metadata.
This treats metadata and similar properties to be deleted if the file is deleted, since they
are derived from the file, and i know examples of where the file was deleted to hide sensitive
data in exif. Does still show the file size if file is deleted, because that is what is done
in interface. Follows what ApiQueryLogEvents does and outputs userhidden="" if the user cannot
be displayed due to being hidden.
Due to this bug, all the secret oversight cabal info could be visible for images, so probably
should be merged into wmf stuff soon as possible.
Additionally, rename makeThumbParam back to getScale since that makes more sense now.
Also update the version number used in ForeignAPIRepo user-agent, since this is kind of significant change.
This adds a new parameter to the query=imageinfo (and query=stashimageinfo) that takes rendering
parameters other than width and height. This could be page for pdf's and DjVu, or thumbtime for ogg's, etc.
Syntax is &iiurlparam=param1=value1|param2=value2|... I'm not sure if that really fits with the normal way
of doing things in the api, but couldn't think of anything better since the parameters are arbitrary.
I also noticed that some of the pre-existing error codes in query=imageinfo seem to duplicate the module prefix. I'm
not sure what the deal with that is, but i did not follow that example in the new error codes i introduced.
Note: In order for this to work, both the foreign repo and the local wiki have to be running this code.
* Introduced a "cache mode" concept to simplify the header generation code, and to avoid odd results when conflicting cache header requests are received from submodules, or at least to formalise the handling of such cases.
* Made the cache mode private by default, so that code written in ignorance of caching tends to be safe. If different query modules are used in a single request, private caching is preferred over public caching.
* Removed the "must-revalidate" option from all CC headers, this is really specific to page views with a hacked squid in front, I don't think it's applicable here.
* Made the watchlist module private. This is really the definition of private data. There's nothing in the HTTP spec that says the URL for a CC:public request is private and can't be leaked. CC:private provides protection against unknown proxy behaviour.
* In ApiQueryAllmessages: avoid calling $wgLang->getCode() to check if it's necessary to make a new $wgLang when lang= is specified, since this is the only thing that unstubs $wgUser.
* Removed "FIXME: should this check $user instead of $wgUser?" Answer is no.
