This opens up a hole for administrators to load images from external resources,
potentially leaking user's private information to external servers (IP address,
User-Agent, etc.).
Change-Id: Ie780637b292493e664e4d54671a5bb81046106f4
Partial blocks logic will be used in multiple places. This
classes will group block restriction functionality to avoid
code duplication
Bug: T202036
Change-Id: I675316dddf272fd0d6172ecad3882160752bf780
The hooks that used to be called by this class will be removed in
I24d6fa963. The only reason to keep this class around is that
someone might have added it to $wgAuthManagerConfig so removing
it would trigger class lookup failures, so make sure any use
of the class triggers a deprecation warning.
Change-Id: I9755288eda7461ecf3dcd35de2081fbb3eb04ae3
These were introduced in MW 1.17 and are always true in production.
They were useful to allow folks to defer title conversion, but it's
been a long time now. We don't need to make this optional any more.
Change-Id: I65dcfe80dc3e1dfeb4d63924a8928655e012a20c
Add BCP 47 codes to $wgDummyLanguageCodes to ensure that
Language::factory() will return a valid MediaWiki-internal code if
given a BCP 47 alias. We will want to make $wgDummyLanguageCodes a
private property of LanguageCode eventually, but let's start with
removing it from user configuration.
Setting $wgDummyLanguageCodes in LocalSettings.php has been deprecated
since 1.29. Hard deprecate adding entries to $wgDummyLanguageCodes so
that we can eventually remove manual overrides from user
configuration.
This is a follow-up to 48ab87d0a3,
which described the various categories of codes, and
21ead7a98d, which added the correct
BCP 47 mappings.
Bug: T207433
Change-Id: I9f6dda3360f79ab65f6392f44c98926588d851c8
This header supports Squid in forward-proxy mode using HTTP/1.0
HTTP headers. It is not used in production.
Change-Id: I99646c9c5519bd55b3d4988306e379f89d413bdc
With this change, MediaWiki will no longer have a 'JavaScript-powered'
wikitext toolbar, and instead sysadmins will be required to choose one
(or more) of the several extensions available for this purpose if they
need the functionality. For over half a decade MediaWiki's tarball has
included the 2010-era replacement for this feature, WikiEditor. We are
now working on replacing even that, with the 2013-era visual editor, a
mode of which is the forthcoming 2017-era wikitext editor, and several
more specialised editors like CodeEditor.
Beyond this, the core editor toolbar is ancient, un-loved, and is used
only exceptionally rarely, mostly by accident. It is unhelpful to give
implicitly this as the primary editor for MediaWiki just because we've
not removed it from core when it is not a very good experience for any
kind of user, and has not received the attention that users deserve to
be worth retaining in core.
The old core preference, which was intended to govern whether this old
toolbar should be shown, has since mutated into whether the to run the
EditPageBeforeEditToolbar hook. The hook is used by several extensions
to provide toolbars in lieu of the core one. This preference has been,
in practice, a very confusing preference for MediaWiki users, who have
to interact with quite similar preferences to toggle their real editor
which sit next to this one on the preferences page. Consequently, this
preference is also removed.
The code could be made into an extension for those (very few) users of
MediaWiki who might want to keep on using it. However, the author will
offer their services but not their encouragement in said undertaking.
Bug: T30856
Bug: T32795
Change-Id: I2b05f0ca25873ad8e0b33a5e4938bef52c4e9347
No longer used anywhere(?); we'd rather not have to explain the temporary
variable in the MediaWiki 1.32.0 release notes if we can instead just not ship
it.
Bug: T192620
Change-Id: Icfb82f228512ed45f1a27ce3e565fbc5fc09f39c
The `Key` header was a draft IETF specification which expired without
becoming a standard. It does not appear to be in active use anywhere.
Change-Id: I3924a1b5ff428b107573d2827c40e4af8adaaeb1
When this was originally written, the plan was to read both the old and
new fields during the transition period, while stopping writes to them
midway through. It turns out that the WHERE conditions to do read-both
correctly are generally not handled well by the database and working
around that would require a lot of complicated code (see what's being
removed from ApiQueryUserContribs here, for example).
We can simplify things greatly by instead having it write both fields
during the transition period, reading from the old for the first part
and the new for the second part, as is being done for MCR.
Bug: T204669
Change-Id: I4764c1c7883dc1003cb12729455c8107319f70b1
Depends-On: I845f6ae462f2539ebd35cbb5f2ca8b5714e2c1fb
Depends-On: I88b31b977543fdbdf69f8c1158e77e448df94e11
Pages with many revisions experience transaction size exceptions,
due to archiving revisions. Use the job queue to split the work
into batches and avoid exceptions.
Bug: T198176
Change-Id: Ie800fb5a46be837ac91b24b9402ee90b0355d6cd
wgStructuredChangeFiltersShowPreference, wgStructuredChangeFiltersShowWatchlistPreference,
and wgStructuredChangeFiltersOnWatchlist were introduced for progressive rollout
of the RCFilters app on RC and WL.
These variables and their related conditional code is no longer needed.
Bug: T196033
Change-Id: Id3799fefd21cd9bea0e089a5e12576ee9ea1085e
This has been soft-deprecated since MW 1.26; this hard-deprecation
sets the stage for future removal of this old cruft.
Bug: T198214
Depends-On: Idf246d05d116f63a73105b50a1929a7721fbe7b9
Change-Id: I2e7d990da1da378eb6e828d4b3c0f5a41791dd92
$wgDBTableOptions is overridden in the installer-generated
LocalSettings.php, and is always set to binary now that the installer UI
option has been removed. However, the value from DefaultSettings.php is
used when the installer installs an extension, since in this case
DatabaseUpdater is called without reading the generated
LocalSettings.php.
Binary is almost certainly the right answer since many extensions can't
even be installed without this option, they hit a key length error.
Change-Id: I87df736a4d9e49c9535d55bd556e636500ca203f
This changes the user name to "User unknown" when constructing a RevisionRecord
from a database row that has an empty ar_user_text resp rev_user_text field.
This may cause "User unknown" to be written to the database, if the
RevisionRecord is used as the basis for a new revision that is being created,
particularly during undeletion. Since "Unknown user" is listed in
$wgReservedUsernames, this should never lead to conflicts with actual user
names.
It is assumed that empty ar_user_text and rev_user_text fields will be
fixed during migration to the new actor based database schema.
Bug: T195692
Change-Id: I506c513b019778d83741e47f0d11093f5ab67a54
This is a re-submit of the config change at the heart of I15989adae2b5
which got reverted in I5426b5efd0 dues to T204065.
Bug: T198561
Change-Id: I7a85d0c4d8288df061841c9144d895af1318dc45
This patch exists to see if CI passes with
$wgMultiContentRevisionSchemaMigrationStage set to
SCHEMA_COMPAT_WRITE_BOTH | SCHEMA_COMPAT_READ_NEW.
NOTE: verify that $wgMultiContentRevisionSchemaMigrationStage
is explicitly set toSCHEMA_COMPAT_WRITE_BOTH | SCHEMA_COMPAT_READ_OLD
in production config (T197816) before merging this.
Bug: T198561
Depends-On: Ib718868d2c768b6ea851355eef047bc0e6593495
Change-Id: I15989adae2b5916577d164c50d7da88774e49324
Title::getRootText() uses the text form (spaces) of the title, while
$wgRawHtmlMessages was specifying them in dbkey form (underscores).
And add tests while we're at it. Which spotted that the existing
code didn't work. Whoops. Fixed.
Change-Id: I05eea553c588e0f99f862e07ad15386507ed0728
When enabling $wgResourceLoaderEnableJSProfiler, mw.loader gets instrumented
with the following timing values for each of the modules loaded on the page:
* 'total' - This measures the time spent in mw.loader#execute(), and
represents the initialisation of the module's implementation, including
the registration of messages, templates, and the execution of the 'script'
closure received from load.php.
* 'script' – This measures only the subset of time spent in the internal
runScript() function, and represents just the execution of the module's
JavaScript code as received through mw.loader.implement() from load.php.
For user scripts and site scripts, this measures the call to domEval
(formerly known as "globalEval").
* 'execute' - This measures the self time of mw.loader#execute(), which is
effectively `total - script`.
To view the report, enable the feature, then run `mw.inspect( 'time' )` from
the browser console, which will render a table with the initialisation
overhead from each module used on the page.
Bug: T133646
Change-Id: I68d1193b62c93c97cf09b7d344c896afb437c5ac
Since SDC doesn't actually require the edit form to handle multi-slot
editing, updating EditPage with its normal undo handling is being put
off for later. But in the mean time we still want some sort of "undo" to
work, hence this mcrundo that doesn't allow for editing.
Bug: T200216
Change-Id: I1f11d8ed141cb11576d2df883856d03e8f64bd38
Depends-On: Iedd9bf6c057e8b396a575bab700b15bd38b32cc9
This was removed from MediaWiki in 1.23 already, but was still
lingering in DefaultSettings.
Follow-up to: I578341430f53bef6d02b8ad78c1c1f2e6b96c064.
Previous, reverted attempt: acda2cc90a.
Bug: T97709
Change-Id: I94a0c7c20f78c31149685c4443564be240ddad50
Not used since 2011 (MediaWiki 1.18).
In an early version of ResourceLoader, we ran JSMinPlus syntax
validation on-demand on all served JavaScript content. This
was identified as cause of slowdown and high memory use, and
generally not considered as useful in production.
The reason it was there originally was not for the purpose of
validating static files, but for user-generated content.
So in MediaWiki 1.18, the behaviour of wgResourceLoaderValidateJS
was changed to only apply to user-generated content, and the
rest was disabled behind wgResourceLoaderValidateStaticJS, which
we then never use. Not even in development, given that we now
have superior experience through ESLint, even within IDEs where
supported.
Follows-up 49d3d18033 (r91914).
Change-Id: Ie25109a4fb23ee93fed0db4af5db4b11fe9ffe7f
* Move $wgEnableProfileInfo to DefaultSettings.php
* The configuration variable to enable the entry point was added
together with the entry point itself in 9af3c09e5c (r9846).
* Change references to StartProfiler.php to refer to LocalSettings.php,
given the former is deprecated since 1.31 (I4e8dd9558132).
Change-Id: I7ca5f2deace8645f06bebd915630c1de05c84bc5
