Why:
* Naming conflicts may arise on autocreation.
* For example, when generating temporary user names, the config
wgAutoCreateTempUser['serialMapping']['type'] determines how
the unique, numerical part of the name is generated, and naming
conflicts may arise when changing types.
* Specifically we encountered the case of changing the
$wgAutoCreateTempUser['serialMapping']['type'] from 'scramble'
to 'plain-numeric'.
* In general conflict could be avoided in 'plain-numeric' mode if
the highest number used in an existing username is known, by
adding an offset.
What:
* Handle an 'offset' config option in PlainNumericSerialMapping to
allow avoiding conflicts.
Bug: T353545
Change-Id: Id2f9a5b5cc808ce859b93b597cf7ea0efcd9e269
Two messages were added to wgRawHtmlMessages instead of just
fixing the way they were parsed so they can't contain raw
HTML. This fixes that.
In order to avoid breakage on-wiki for old customized messages
that took advantage of them being parsed as raw HTML, rename
the messages too. Also rename a few other messages from the
same set to stay consistent.
Note: These messages are suppressed in favour of Echo's messages
when Echo is enabled, and Echo is enabled on all Wikimedia wikis,
so the existing customized messages on Wikimedia wikis are basically
no-ops.
Bug: T353316
Change-Id: Ib0d1c79247fe091f2806b7c23ffb2fe22cc4df4a
Changes to the use statements done automatically via script
Addition of missing use statements and changes to docs done manually
Change-Id: I443aada1c18c8628b02671aa9fd6f441961e5c2e
So engines can easily parse the site name of MediaWiki pages, let’s
allow site config to provide an OpenGraph site_name property through
a <meta> tag.
Besides T142090 (about og:description)
Bug: T348203
Change-Id: I80cfb89ee7b49bb2d1c41d958f1a0f2c7b447f9f
It is more properly named `$isLinkConversionDisabled`, and since it is
a private property we can easily rename it. The configuration option
still holds onto the old name, though.
Followup-To: I8949f88866ae6bb343edc5febc34c1f5cae83831
Change-Id: Iab4984511e684681dc4b171671b450880f1f470d
This was introduced but never really used outside of core[1]. The only
place that used it in core was MainStash setting which under the hood
will use CACHE_DB (SqlBagOStuff).
This patch removes the "db-replicated" key in $wgObjectCaches without
deprecation because it was never really used in the first place and
had a replacement already when it got released, see: T352481.
[1] https://codesearch.wmcloud.org/search/?q=ReplicatedBagOStuff&files=&excludeFiles=&repos=
Bug: T352481
Change-Id: I8e19ee262a64b00742bb9203b2a2610ec0cc39fa
Following up Id9539a28f0f143539334002c3:
* Don't run the script twice.
* Wrap the decoded dump in an array with key "data".
* The default assignment for DJVU_DUMP and DJVU_TXT had the effect of
running the scripts anyway if the configuration variables are null.
Don't do that.
* If both $wgDjvuDump and $wgDjvuTxt are null, don't run the shellbox
script.
* Centralise shell location configuration.
* Factor out call to convertDumpToJSON().
* Instead of txt_exit_code, just use existence of the file to
communicate success. This avoids a deprecation warning if
txt_exit_code was not received, due to passing null to trim.
* Check for the existence of the result files instead of just trying to
use them.
* Check the exit status of the overall script.
* Confirm that the BoxedCommand branch is functional and works in CLI
mode by using it in DjvuTest.
* Change the service name from "media" to "djvu". Existing examples are
"pagedtiffhandler" and "pdfhandler", i.e. named after the extension,
there is no other core caller. I think it should be more fine-grained
than "media". The name was possibly a conflation with the
ProductionServices array key.
Also:
* Check the exit status of djvudump and don't use the output file if it
is non-zero.
* Check the return value of convertDumpToJSON().
* Don't use isset() unless error suppression is intended.
Bug: T352515
Change-Id: If41a2baada2e4e2462518c1f437af458feb29632
This change was first introduced in Ic4e3dff and then reverted because
of a regression on CLI. So for now forward-port the code from that patch
and put it under a feature flag we can remove once we've debugged
the current issue.
Bug: T289228
Bug: T352515
Change-Id: Id9539a28f0f143539334002c356026b0d185450b
Pages that are fast to render can be omitted from the parser cache
to preserve disk space and cache write operations.
The threshold is configurable per namespace, so the tradeoff can
be evaluated based on different access patterns. For example, pages
that are accessed rarely, like file description pages on commons,
may have a high threshold configured, while pages that are read
frequently, like wikipedia articles, may be configured to be always
cached, using a 0 threshold.
Filtering is based on a time profile recorded in the ParserOutput.
A generic mechanism for capturing the timing profile is implemented
in the ContentHandler base class. Subclasses may implement a more
rigorous capture mechanism.
Bug: T346765
Change-Id: I38a6f3ef064f98f3ad6a7c60856b0248a94fe9ac
Support migration stages when reading and writing blocks.
I tried to set it up for an easy next stage, in which support for the
old schema is removed. I tried to avoid factoring out of shared code
between the two schemas, so that the old schema cases can simply be
deleted without the need to revert unnecessary abstractions.
However, I added HideUserUtils to factor out ipb_deleted queries. Code
review showed that this was already quite complex, with multiple
approaches to the problem, so it benefits from refactoring even without
the schema abstraction.
HideUserUtils is a service rather than a standalone class to support
unit tests, since unit tests do not allow global config access. When
the migration stage config is removed, it will be a service with no
constructor parameters -- an unnecessary abstraction which should
ideally be resolved at that time.
When interpreting result rows, it is possible to share code by using
field aliases. But when constructing WHERE conditions, the actual field
names need to be used, so the migration is more intrusive in
ApiQueryBlocks and SpecialBlockList, where complex conditions are used.
Bug: T346293
Bug: T51504
Bug: T349883
Change-Id: I408acf7a57b0100fe18c455fc13141277a598925
Why:
To inform temporary users about their account expiring
10 days before it is effectively expired.
What:
- Add optional int `notifyBeforeExpirationDays` to $wgAutoCreateTempUser,
for setting how many days before account expiration should users be notified
- Add AutoCreateTempUser config to the tempUserBanner script to use
config values for the popup alerting text logic
- Set the popup default state to open when temp user needs to be notified
- Disable the auto-close option for the popup so users need to
explicitly dismiss it.
Bug: T344694
Change-Id: I530e911733c9822d6308ce92fafd425e50942d43
mcrouter-primary-dc was added in 9c14bb5 (I9bc589ec57f4c6), follow
the reverts and reapply too for more context as a way to store tokens
across all servers that run the application, and later purged afterward.
This patch introduces a MediaWiki wrapper service for interfacing
with mcrouter-primary-dc instead of accessing the setting directly
via operations config. This service will be configured by a setting
through $wgMicroStashType.
Testing plan
============
We can begin to directly use this patch as a way to test core rate
limiter via WRStatsFactory. So if that works accurately with this
patch without breaking CI, then that's good news.
In this patch also, MainConfigNames::StatsCacheType setting has been
removed in favor of MicroStashType via a wrapper service. NOTE that
there is already a config patch to take care of the switch and the
former will be removed (on cleanup later).
Bug: T336004
Depends-On: I96f6f7c0240a46e43a785dbd3c0a5a524d4eabc3
Change-Id: I08ebea5e8a601f161fcd678068cecb77f8e15c7c
This config has been set to false in production since 2018 (Ie4ea1dc0d3927).
This doesn't provide much benefit and its impact is yet to be proven and
it's blocking removal of ILoadBalancer::getAnyOpenConnection()
That removal makes $dbwSerial unconditionally false which turned the
whole method into a one-liner and since it was used only once,
we just replaced that.
Bug: T325389
Depends-On: I24f33a15d214d49bfb6c6013e7fd64c7d0eb0086
Change-Id: I19043e775fce9f7ddded128cb2c9395b46dd19a3
Why:
Temporary accounts (introduced as part of IP Masking)
are supposed to expire 1 year after their registration.
Automatic account expiration can be done via a maintenance
script, which would be periodically executed via cron / systemd.
Make it possible for extensions to provide their own logic
for generating a list of temporary accounts to invalidate.
This is used in CentralAuth to base registration timestamp
on the global registration timestamp.
The default behavior is "temporary accounts do not expire",
given the feature requires a maintenance script to run
periodically, which will not be the case on third party
instances.
What:
* Add `expireAfterDays` to $wgAutoCreateTempUser, controlling
how many days temporary accounts have.
* Add UserSelectQueryBuilder::whereRegisteredTimestamp(),
filtering accounts based on user_registration.
* Add ExpireTemporaryAccounts maintenance script, which is
@stable to extend.
Bug: T344695
Change-Id: If17bf84ee6620c8eb784b7d835682ad5e7afdfcc
Add $wgEnableMultiBlocks and $wgBlockTargetMigrationStage vars that will
allow for multi-stage migration.
Bug: T346671
Change-Id: Id356445605870abf279f056490040cb2b5921d7a
* qualify class names where needed
* one @see per line
* @see to class constants instead of $wg... variables
* add missing docs for GrantPermissionGroups
Change-Id: Iead0593b227e704ebcf8217608bb2bde82f78c45
In https://phabricator.wikimedia.org/rMW3617c982c9db793515818e1468fa827ae5880358,
the "cookie redirect check" was removed but the setting that controlled
this set was not removed alongside.
Also, double checking that this setting is not configured in production
via our prod configs and always defaults to false is the case today.
Bug: T349791
Change-Id: Ia2a57b57c4c0a9848798f469181738646e0f8dc8
Add a config var named `$wgEditRecoveryExpiry`
(default 2592000s, 30d) instead of hard coding 30d.
Bug: T348593
Change-Id: I67ca48ef9265a102665e0b89b09b0273d3e69a04
The "purge" permission was defined in $wgGroupPermissions, but not
checked in ActionPurge, SpecialPurge, or ApiPurge (until I9fee34f5b4).
The permission check for 'purge' was apparently lost in 2016 (see
I5749ff470d99). Ever since, we have been applying rate limits to
purging, but no permission checks.
Because of this, 'purge' should be declared to be an implicit right,
just like its sibling 'linkpurge'.
Note that the 'purge' permission was not granted to anon users per
default, yet RESTbase has Mocha tests that rely on being able to purge
pages without having to log in. Currently, CI tests for RESTbase are
broken because I9fee34f5b4 inadvertently restored permission checks for
'purge'.
Bug: T291316
Followup-To: I9fee34f5b44e947a00f1aaf2d28202d009e2caec
Change-Id: Iaceea6186a2216ae98118cb70a69ea20882fd982
This creates a new language code, 'x-xss', which is enabled using the
setting $wgUseXssLanguage (similar to how $wgUsePigLatinVariant enables
the 'en-x-piglatin' language code, and likewise defaults to false; will
be enabled in development settings soon).
In this language code, all messages become “malicious”, trying to run
some alert() JavaScript; if any alert() actually fires in the browser,
the message was not escaped properly. ($wgRawHtmlMessages are exempt,
since they’re already known to be “unsafe” and require more rights to
edit on-wiki.) Messages that are not escaped properly are generally a
minor security issue; they effectively let a user with 'editinterface'
right (such as a sysop, on many wikis) run arbitrary JS, without needing
the 'editsitejs' right (normally restricted to interface admins).
Developers can use this language code to more easily check their code
for escaping issues / cross-site scripting vulnerabilities.
Bug: T340201
Change-Id: Ia9a1cf712b139fea5da72046e37035e6de39d8d5
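A sketch of the idea behind the 'x-xss' language code described in the commit message above, added here as an illustration and not taken from MediaWiki: the message catalogue, the marker shape, the view functions and every name are constructed for the example. It audits three views by rendering them in the test language and reporting which message keys reach the HTML unescaped.

```javascript
// Added illustration, not MediaWiki code: every name below is hypothetical.

// Constructed message catalogue for an ordinary language.
const MESSAGES = {
  'welcome-user': 'Welcome, $1!',
  'summary-label': 'Summary:',
  'site-footer': '<b>Example wiki</b>'
};

// Analogue of $wgRawHtmlMessages: keys known to carry raw HTML,
// exempt from the test language.
const RAW_HTML_KEYS = new Set(['site-footer']);

// Marker for one key (constructed shape). Naming the key in the marker
// tells the developer which message reached the page unescaped.
function xssMarker(key) {
  return "<script>alert('" + key + "')</script>";
}

// In the test language every non-raw message is replaced by its marker.
function getMessage(key, lang) {
  if (lang === 'x-xss' && !RAW_HTML_KEYS.has(key)) {
    return xssMarker(key);
  }
  return MESSAGES[key];
}

function escapeHtml(text) {
  return String(text)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#039;');
}

const VIEWS = {
  // Defect: the parameter is escaped but the message text itself is
  // concatenated into markup as-is.
  greetingUnsafe(lang, user) {
    const msg = getMessage('welcome-user', lang)
      .replace('$1', () => escapeHtml(user));
    return '<p class="greeting">' + msg + '</p>';
  },
  // Corrected: substitute first, then escape the whole string.
  greetingSafe(lang, user) {
    const msg = getMessage('welcome-user', lang).replace('$1', () => user);
    return '<p class="greeting">' + escapeHtml(msg) + '</p>';
  },
  // Raw HTML message: output as-is by design, exempt from the audit.
  footer(lang) {
    return '<footer>' + getMessage('site-footer', lang) + '</footer>';
  }
};

// Render each view in the test language and report every non-raw message
// key whose marker survives as live markup.
function auditViews(views) {
  const findings = [];
  for (const [name, render] of Object.entries(views)) {
    const html = render('x-xss', 'SampleUser');
    for (const key of Object.keys(MESSAGES)) {
      if (!RAW_HTML_KEYS.has(key) && html.includes(xssMarker(key))) {
        findings.push({ view: name, key: key });
      }
    }
  }
  return findings;
}

console.log(auditViews(VIEWS));
```

With ordinary English messages the two greeting views produce identical HTML, which is why the defect is easy to miss without a test language.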
Disabled by default in WMF production, and currently enabled on
www.mediawiki.org and other group0 wikis.
To gain exposure through WMF CI and to provide its value immediately
to local development, enable it in MW core also.
If issues come up prior to 1.41.0, we can switch this back off,
and instead enable it in DevelopmentSettings.php to limit it to CI
and local dev.
Bug: T47514
Change-Id: I0cb58631b465bbd32ce70f9daae039d420d6bb3d
The use of Article::getRedirectHeaderHtml() has been discouraged for a
while, since WikitextContentHandler can (should) be used to insert the
redirect header. Further, since I20db09619999919bfeda997d79561d21e3bf8718
the header should be added as an extension data property instead of
directly concatenated to the HTML. Regardless, this functionality
logically should live in LinkRenderer.
Change-Id: I4d0de0e72473ae039dca420a2733bc746d8c2951
ParserOutput::addOutputHook() has been deprecated since 1.38, and without
any calls to ::addOutputHook() the associated ::getOutputHooks() and
$wgParserOutputHooks configuration do nothing.
Bug: T292321
Bug: T305161
Change-Id: Ib770c680d5e0697980e7e36a323ec56ba1d806b8
Why:
Temporary accounts introduced as part of IP Masking are supposed
to expire 1 year after their registration. Accounts can have
multiple registration timestamps when in a wiki-farm setup,
depending on which wiki we consult.
To implement the account expiration logic, we need to know the global
(first) registration timestamp.
Similar to CentralIdLookup, a concept of a registration date
provider is introduced. Unlike IDs, users can have multiple
kinds of registration dates (Wikimedia recognizes local and global,
but third parties can have different needs). For that reason,
any number of registration providers can be registered at any
given time; caller determines which one is requested. The default
is `local`, which is the only provider that is guaranteed to exist.
What:
* Add UserRegistrationLookup
* Add UserRegistrationProviders config variable
Bug: T344694
Change-Id: If9fa12a392064dd504590a861a175e3604a34fab
In order to check all existing rate limits through Authority, the limit
keys must function as user rights. However, we do not want them to be
"normal" permissions, since they cannot sensibly be revoked, and they
should not clutter the user interface.
To solve this, we introduce the concept of "implicit rights", which are
always granted, but limitable.
Change-Id: I0ea6f29130da1d68d022d47d9221fe878bc9beae
This setting can be used to optimize externallinks queries for certain
domains that have many entries in the externallinks table, but also big
“gaps” where the table contains no entries for that domain. By putting
those gaps (whose el_id values would usually have been obtained on the
analytics databases) into the configuration, we can have MediaWiki tell
the database to skip those ranges of the table instead of scanning
through them. (This is only relevant for domains that have enough
entries that the database chooses to scan the table in primary key order
rather than using the el_to_domain_index_to_path index and filesorting.)
Bug: T341000
Change-Id: Iec4fe01aaa595fbaf3b427b7baa68a9d7209b117
Follows-up 7c2c016e46 (I086e275148). This separates the link from
the response such that when it gets copied elsewhere, hosted elsewhere,
saved offline, proxied, archived, or otherwise served from a different
place or with different content; the header is most likely naturally
not copied along.
This is based on upstream experience by the jQuery Team where e.g.
distributions of jQuery, or concatenations, etc would lead to
confusing errors or inability to see any source in the devtools.
In the Wikimedia community we have two similar use cases:
1. people sometimes copy load.php responses to a wiki page, e.g.
as a way to "distribute" a ResourceLoader-built gadget or to
fork/debug some core code.
2. the Internet Archive stores copies of our responses, but doesn't
proactively download source map links.
For example, archiving
https://people.wikimedia.org/~krinkle/wikimedia-minify-2.5.0-test-sourcemap/combine.html
results in:
> … /~krinkle/wikimedia-minify-2.5.0-test-sourcemap/combine.html
> … /~krinkle/wikimedia-minify-2.5.0-test-sourcemap/combine.min.js
> Archived at
> http://web.archive.org/web/20230905211332/https://people.wikimedia.org/~krinkle/wikimedia-minify-2.5.0-test-sourcemap/combine.html
Bug: T47514
Change-Id: I3e85c2afb107ce1185651ab038379e4abe87a445
Already dropped from production
Also dropping FixExtLinksProtocolRelative as it's not useful anymore and
it has been run in previous releases so it's not worth fixing.
Bug: T312666
Change-Id: I1dd6e704b34e685ada6e316da11243d10827d769
This moves the core part of wfGetPrivilegedGroups() out of Wikimedia
config and makes it possible to move functionality built on it into
core.
Bug: T208477
Change-Id: I6536ef2909caeed047447e8b6a25831d6f00d827
Building blocks of CP don't really need to depend on LBF. Even the
config value for CP stash type is also different. But it's being passed
around along the rest of LB/LBF config and possibly down to the DB
object.
This is making the code much harder to understand, adds more coupling
than it needs to, and it's making pieces that don't need to rely on LBF
(like load.php) actually depend on LBF just to disable CP.
This clean up also helps improving DI of LB/LBF and building of DB
objects down the road.
Bug: T275713
Change-Id: Ic27269a1f1190ee7a03c6a422ada7ff293c3cab1
In the debugger of Firefox and Chrome, without any special debug mode,
you will be able to see the original unminified JavaScript source, and
to set breakpoints in it and step through it.
Main visible changes:
* Add a config variable controlling the generation of source map links,
off by default for now.
* For script responses, move errors to the bottom of the response. This
avoids disturbing the source map.
* mw.loader.impl() calls will have less whitespace in debug mode,
because minification is no longer done as a post-processing step on
these calls.
Details:
* Use an index map when multiple responses are requested. This requires
an update to the minify library.
* Add a boolean "sourcemap" query parameter which causes load.php to
deliver source map output instead of regular minified content.
* Bundle sources into the source map and use two kinds of fake URL if a
real debug URL is not available. "Open in new tab" on a fake URL is
not functional.
* In the source map mode, respond with 404 if the version is mismatched
or if the content type is unimplemented.
* Fix createLoaderURL() so that $extraQuery is not ignored when there
are conflicting context parameters, so that we can successfully
override the version. The source map version should match the
delivered content, not the requested version.
* Since minification with source map tracking can't use filter(),
add a new cache for module source maps and minification. Add hit rate
stats.
Also:
* Fix unnecessary array_map() in getCombinedVersion()
Bug: T47514
Change-Id: I086e275148fdcac89f67a2fa0466d0dc063a17af
Mark as deprecated now that it's false by default and deployed as such,
so that we can remove all the dead paths in a future version.
Bug: T314318
Change-Id: If514d058cc92408c67ffb7625e47f224bb510838
Move parts of implementation code comments into something that is
discoverable and understandable to a general audience of MW core and skin
developers (not hidden in code mostly seen by maintainers
and contributors to ResourceLoader internals).
Most notably, that the system is turned off by default (and how to
turn it on), that it is limited to requests by unregistered users,
and that the class must follow a certain pattern.
$wgResourceLoaderClientPreferences is removed as part of this.
This is not considered a breaking change as the feature is now
automatically on in the skins that need it (via skin.json), and previously
it was marked experimental and off by default.
Skins are naturally required to have knowledge of this system, as they
need to call into it to persist classes for feature toggles. By removing
the need to also enable it at the site-level we get a few benefits:
1) make skins like Vector easier to correctly install and configure.
2) ease maintenance for skin devs by removing the need to manually
export and check $wgResourceLoaderClientPreferences before calling
mw.user.clientPrefs or otherwise hinting in UI or docs that the
feature persists when it might not be turned on on a given MW site
or WMF wiki.
3) ease browser testing in CI.
Bug: T344069
Depends-On: If9b83dd559cda2dac315afcb65a4761b9e97f319
Change-Id: Ib0b5ee29ec7accb7b291830d2ab6566fe4f4c0c5
The global variable AjaxUploadDestCheck is deprecated and unused since
6c4ac7ddc5 included in MediaWiki 1.38.
Bug: T291375
Change-Id: Ie406adb97bf323cc54041aca2b0204db8b4da859
Instead of replacing isRegistered with isNamed
in the watchlist component, (re)assign the watchlist
rights (`editmywatchlist` and `viewmywatchlist`) to
the `user` group, instead of `*`. This should hide
watchlist-related interface from temp accounts, as
those are not a member of the `user` group.
isRegistered() is kept in watchlist, as technically,
any user with an ID could have a watchlist (it is now
a matter of rights / product decision, rather than
technological reasons).
This patch partially reverts
Ib935fc04387100f25cafd75c632ac5ae7114d5d5.
This is an alternative to Ifeedbbfb520ec26680134279bd44fec98754d897.
What is left is to change the "User registration"
filters to match expectations for temp. accounts
(to be done in a follow-up patch; see T343322).
Bug: T341976
Change-Id: I1ccda3878a658d4251429ae65ebee04c09d81243
The "nonce" CSP feature has never been properly tested and is not
on track to be enabled at WMF or in MW by default. The use of
nonce-protected eval is not particularly meaningful. It is trivially
bypassed by mw.loader.implement, mw.loader.store, or importScript();
all of which allow any code to be executed directly, or to be stored
and loaded from a first-party origin.
The "nonce" feature is not required for the T208188 roadmap, and with
change I51b8535b2b21a3 there is now also a (small) performance reason
to keep this disabled long-term.
Until and unless there is a plan for enabling this particular aspect
of CSP, we might as well remove it so that we don't waste our
time building abstraction layers and satisfying dependency injection
through many years for something that might never be used.
Note that this does not remove CSP support from ResourceLoader, and
does not take away from the future of enabling CSP in MediaWiki to
e.g. strictly block third-party scripts, or to require domains to
opt-in by site config or user pref (T208188).
Change-Id: I5a176c41a06a484a11e64bdacdc42b40811fe72e
Introduce a Telemetry singleton for propagating `tracestate` and
`traceheaders` during a MW web request. This class allows for easier
testing and mocking.
In the future we might use this as a wrapper for OpenTelemetry.
Bug: T320559
Change-Id: I3e5e54afa21f8c099877b3765c769f2d2f8f5d61
In https://gerrit.wikimedia.org/r/c/mediawiki/core/+/745386 and
https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/ASODV6622T4YUAY3JO5ZVBL3B5ZQDX2U/
a compelling case is made that we can drop $wgLegalTitleChars as a
configuration option. Extension::TitleBlacklist or, in the near
future, Extension:AbuseFilter can be used to restrict the character
set for those who still have that need.
Similarly, it doesn't seem compelling to make IllegalFileChars
configurable; probably most libraries don't even realize that the
set of legal title characters after a `File:` prefix is different
from the set of legal title characters, and of those that actually
implement this, probably no one is actually respecting a reconfigured
value for $wgIllegalFileChars, because it's not even exported in
siteinfo.
A patch to remove the configurability will land later (probably based
on I70b60ca548e36c676da90553ad8684507096bb28) but for now let's just
announce our intention to fix the set of legal title/file characters
for all wikis and let that ride out into the world in our next
release.
Bug: T297340
Change-Id: If48257ff6e800451b992ed0748abc878fa5e16d3
This adds the core parts of the feature with only the minimum
possible functionality: saving while editing; restoring
when an edit form is re-opened; and deleting (on saving etc.).
Bug: T341844
Change-Id: Ie556a7c981c68e8fe98deba8bf7995bf6c27ecd3
* Add an API-only user preference for diff type
* Retain query parameter stickiness but fix it so that the diff-type
from user preferences does not leak into the query string. So the
no-JS control continues to work. If a no-JS user has the inline
preference set, respect it on the initial load, but add an explicit
diff-type=table to the query string of the table link so that the
preference can be overridden.
* Get the diff type from the initial state of the no-JS button. Infuse
the widget to access the active property using the OOUI public API.
* For a logged-in user, when the JS toggle is clicked, fetch the new
diff body and update the user preference.
* For an anonymous user, when the JS toggle is clicked, update the
prev/next links to include the correct diff-type query parameter.
Bug: T336713
Change-Id: Ie409d79ac8222dfa6ec8fd170b76be088be80b3a
It was so close already, it seemed like an effort was being made.
Unfortunately it is not possible to use @phpcs-require-sorted-array
since it breaks ReflectionClassConstant::getDocComment().
Change-Id: I296bb333a49adc973f65b094b727edf7f6143ba1
These two messages were marked as RawHtmlMessages, but didn't have
any raw HTML, and so it was unnecessary to mark them as such. Instead
make sure they are parsed properly where they are used to avoid any
potential XSS exploits.
There is an override for one of these messages in WikimediaMessages,
and that override used to use raw HTML in order to get target="_blank"
on a link. This adds that functionality to this part of the code
instead, allowing that message to be parsed as normal wikitext
instead.
Bug: T204470
Depends-On: I075bc904a40b3ea224fa44f9627814e3f9cab051
Change-Id: I67922005288cf3fe2da43d92d49de54f88e98926
Since the default for wgParserEnableLegacyMediaDOM is now `false`, this
config will also be set to `false` and wikis can enable it while it's
still necessary.
The plan will be to gradually roll this change out, as was done for
wgParserEnableLegacyMediaDOM, to develop a migration path for templates
and extensions that mimic the legacy media output.
We can start on officewiki.
Bug: T318433
Change-Id: I70e537b2beb99de9a41e7dc66a0d60a508009887
As a first pass, inject various services into the job as this is
now supported by JobFactory.
The second pass will have to survey callers of fixRedirects() and
pass in various services that would be used in the static method.
Also, we need to do same for getFinalDestination() which needs a
DBLoadBalancerFactory service.
Bug: T265942
Change-Id: If61a32b6ce32dc934533603a0e99414ab5771909
Add a switch that allows toggling between inline and two-column format
when Wikidiff2 is installed.
Inline toggle should also support no-JS toggling
The legend should toggle when switching from table to inline after the
first load.
Introduced a temporary feature flag to show this inline toggle so that
we can merge and easily continue the improvements. It will be removed
when ready for production.
Bug: T336712
Bug: T330229
Change-Id: Ie6a48e495f2bb299d8b984e7c40363d534c7915b
This was a temporary flag to allow setting the migration stage for a
comment migration with a temp table.
Since the rev_comment_id migration is done, this is no longer needed.
Dropping the compatibility code for temp tables will be done in
follow-ups.
Bug: T299954
Change-Id: I290a74f27b05cd7e062dda78766911ffe3053d08
- [x] Add Wikimedia Icons to project
- [x] Fetch Interwiki icons if they exist
- [x] Fallback to previous functionality for icons not available in OOUI
- [x] Create config to override icons
Bug: T315269
Change-Id: I5d904e467a978847bbc9af65fdba1ef729068993
Add wgSVGNativeRendering to allow clientside rendering of SVG files
Default is false. When enabled with true, will serve ALL SVG files
as is to the browser.
When set to the string 'partial' it will conditionally serve SVG
files based on criteria. Currently it will force PNG rasterization
for translated SVGs and for SVGs over wgSVGNativeRenderingSizeLimit
wgSVGNativeRenderingSizeLimit is a byte size limit to avoid larger
SVG files (potentially much bigger than a PNG) from being served
directly to browser.
Native SVG rendering does not provide PNG fallback. SVG support in
browsers has evolved far enough that this should rarely be a problem.
Bug: T208578
Change-Id: I9647fdd72f868c821eb20f67b239826f23655a1c
To implement source maps, we want FileModule::getScript() to return
an array with path information, but that would break subclasses of
FileModule which concatenate to the return value of parent::getScript().
So allow scripts to be generated by a callback, eliminating the need for
concatenation in subclasses.
* Factor out most of the loop body of expandPackageFiles() into
expandFileInfo(). Add 'name' to the return value. Ensure 'filePath'
is always a FilePath object since we need that to safely return it
to ResourceLoader later. Document the return value.
* Make sure the base path is always set in FilePath objects returned by
expandFileInfo().
* Factor out the loop body of the final stage of file info expansion
into readFileInfo(). Retain filePath, do not unset it.
* Assert that $fileInfo['content'] is definitely set.
* Convert array_map() in getDefinitionSummary() to a loop.
* Migrate LanguageDataModule.
Bug: T47514
Change-Id: I97d61b5793159cea365740e0563f7b733e0f16de
The UA sniffs that overrode the feature tests are no longer needed.
* MSIE 10: Fine, rejected by feature checks.
* UC Mini "Speed Mode": Redundant, the version that this sniff
matched is pre-ES6. Current versions of UC Mini don't appear to
support enabling "Speed Mode" on random websites nor does it offer
it for Wikipedia specifically.
Details at https://phabricator.wikimedia.org/T178356#8740573.
* Google Web Light: Redundant, shutdown as of 2022.
Any references or extensions that still reach the proxy, get
redirected to our online URLs
https://googleweblight.com/?lite_url=https://en.m.wikipedia.org/wiki/Banana
https://phabricator.wikimedia.org/T152602
https://en.wikipedia.org/wiki/Google_Web_Light
* MeeGo: Redundant, discontinued and presumed rejected.
Either way, unsupported.
* Opera Mini: Fine, rejected by checks.
Details at https://phabricator.wikimedia.org/T178356#8740573.
* Ovi Browser: Redundant, discontinued and presumed rejected.
Either way, unsupported.
* Google Glass: Improve UX (since 2013, T58008).
* NetFront: Redundant. Old versions are presumed rejected.
Current versions are Chromium-based and presumed fine.
The exclusion was not UX based, but due to jQuery explicitly not
supporting it in 2013. This is no longer the case, so we can let
the feature test lead the way here.
* PlayStation: Redundant, same story as NetFront.
The version that matched the sniff is presumed rejected.
Current versions probably fine, but even not, don't match
our sniff so are already enabled today.
Bug: T178356
Change-Id: Ib6263ce3ffd11af5e501de8857f3e48a248c6210
This is an initial quick-and-dirty implementation. The
ParsoidParser class will eventually inherit from \Parser,
but this is an initial placeholder to unblock other Parsoid
read views work.
Currently Parsoid does not fully implement all the ParserOutput
metadata set by the legacy parser, but we're working on it.
This patch also addresses T300325 by ensuring the Page HTML
APIs use ParserOutput::getRawText(), which will return the entire
Parsoid HTML document without post-processing. This is what
the Parsoid team refers to as "edit mode" HTML. The
ParserOutput::getText() method returns only the <body> contents
of the HTML, and applies several transformations, including
inserting Table of Contents and style deduplication; this is
the "read views" flavor of the Parsoid HTML.
We need to be careful of the interaction of the `useParsoid` flag with
the ParserCacheMetadata. Effectively `useParsoid` should *always* be
marked as "used" or else the ParserCache will assume its value doesn't
matter and will serve legacy content for parsoid requests and
vice-versa. T330677 is a follow up to address this more thoroughly by
splitting the parser cache in ParserOutputAccess; the stop gap in this
patch is fragile and, because it doesn't fork the ParserCacheMetadata
cache, may corrupt the ParserCacheMetadata in the case when Parsoid
and the legacy parser consult different sets of options to render a
page.
Bug: T300191
Bug: T330677
Bug: T300325
Change-Id: Ica09a4284c00d7917f8b6249e946232b2fb38011
The 7% increase in css shipped is because of styles added for the
content-media feature, without dropping content-thumbnail. This is
noted in T297984#8525146
Getting rid of content-thumbnail won't be possible until templates and
extensions that mimic the parser output have been migrated, which is
being worked on in T318433.
Bug: T314318
Bug: T297984
Bug: T318433
Depends-On: Ib54b49d546423dd1b4416c82585bbb686950b29c
Change-Id: Ic587b1b9b8d22f3aef38e8823613815faaa09d9d
Split concepts of "match pattern" and "reserved pattern". Add config
"reservedPattern" which specifies a username pattern to be denied for
creation, but unlike matchPattern, it does not immediately flag all
accounts with such names as temp accounts. This can be used before
migration or after rollback to safely prevent creation of conflicting
accounts.
* Add TempUserConfig::isTempName(), which does what isReservedName()
previously did, i.e. determines if a name is a temp username.
* Make TempUserConfig::isReservedName() return true if the name matches
either the match pattern or the reserved pattern.
* UserNameUtils::isTemp() continues to determine whether a username is
actually a temp username.
* Add UserNameUtils::isTempReserved() as a proxy for
TempUserConfig::isReservedName()
Bug: T307064
Change-Id: I26755731fad89530a06824181106cd7b4e077d9e
* Use IConnectionProvider
* Inject services into the job
* Use JobSpecification to avoid unnecessary service construction
Bug: T27482
Change-Id: I75ac8c53b874742a3a54526692767d0f549e5259
We always wrap the local cluster cache, and there are no subclasses
of WANObjectCache. It was never documented or recommended how these
would be used. It is a left-over from the original 2015 Multi-DC plan
in which WANObjectCache would work differently. See task for details.
Note that this requires no configuration changes, even in the
theoretical case of these variables being used, as the only
option is to use the main cache, and that's also the default.
* Update WAN overrides to override the underlying main cache
instead.
* Fix EditPageTest which was previously implicitly using a 'hash'
as main cache but also relying on wan cache to be 'none'.
The part that it actually needs is the 'none'. When WAN cache is
enabled, testUpdateNoMinor fails due to an edit conflict because
one of the edits it makes is made with a current timestamp whereas
it expects to simulate wpEdittime in the year 2012 which, when
caching is enabled, is ignored and becomes the current time instead.
I don't understand exactly why, but I'm going to conserve that
behaviour for now.
* Fix TemplateCategoriesTest, which was failing due to an unexpected
cache hit:
> [objectcache] fetchOrRegenerate(…:page:10:…): volatile hit
This could be solved in a more realistic way by splitting the test,
or by explicitly resetting services half-way the test to clear
WikiPageFactory, PageStore and WANCache process state.
For now, keep the prior behaviour of no cache in this test.
Bug: T305093
Bug: T329680
Depends-On: If890622eed0d0f8b4bd73d36ba1815a3d760ea05
Depends-On: Ie1def75208822bdf19bb2cfd7e6edf32c2000e6b
Depends-On: I35cce61dc3ee90dcee3dd6f0b36f84133be029ed
Change-Id: I53781a8c06ebb2583f6ca83dd91bbfe8a5c88b13
This supported mostly IE 6 and 7 as well as some very old Safari
versions against sniffing. Browsers later implemented
X-Content-Type-Options: nosniff which should protect against this
problem.
Bug: T309787
Change-Id: Iea61bd82033551008eb1832fe899ea28ccb23385
Copy the Renameuser extension into core, with minimal code changes. The
hook handlers are inlined into Article, SpecialLog and
SpecialContributions.
Bug: T27482
Change-Id: I314021f4138773df6aaf2753b33ab8283cd16974
This changes the name of the rate limits to match the name of the
corresponding permission:
1) "emailuser" is now "sendemail".
2) "changetag" is now "changetags".
This is done in preparation for merging rate limit checks into Authority.
Backwards compatibility is retained, but the old keys trigger a settings
warning which will be shown by the updater.
Bug: T310476
Change-Id: I59163c88a3f9237ee4592f4b51e3f56359f73fc0
Special:Log allows to have the type, the user or type + user as subpage,
link to this page to show logs from me.
- Special:MyLog redirects to Special:Log/<me>
- Special:MyLog/create redirects to Special:Log/create/<me>
This does not show logs against me (like blocks)
Bug: T327565
Change-Id: Id624cb84d8bbac87d2f820c7c283d4c13866bff5
Follows-up If5476e69dd6d6. There is no need to provide the current
path to this class as this is not only easy to look up, but in most text
editors it is faster to open the file without a path than with,
e.g. by clicking on the class name in IDEs, or in simpler editors
by simply copying the word "LBFactoryMulti" and using quick open to
view the first matching file with that in its name.
We don't do this elsewhere either, and actually adds confusion on
doc.wikimedia.org where it's not clear how to follow the instruction.
Change-Id: Iade0dafe2ad0e924d5c8a9fda76065bc806517c5
Fix documentation related to ExtraInterlanguageLinkPrefixes
configuration: it should be a list, not a map, and described usage
better.
In ApiQuerySiteInfo, third-party clients (like Parsoid) need to know
whether a given language link core corresponds to a deprecated
language code or a "real" one; the API was also missing information
regarding which language code an "extra language link" prefix
corresponds to (given by InterlanguageLinkCodeMap in the
configuration).
Finally, add the corresponding bcp47 codes for these interlanguage
links, so third-party clients don't need to know details of mediawiki
internal and deprecated language codes.
Change-Id: I82465261bc66f0b0cd30d361c299f08066494762
Minor clean up:
* Fix broken `@see` in MainConfigSchema.
* Add missing `@since`.
* Doc experimental nature, as per the Ic3b6eec1995393 msg.
* Doc anonymous scope, and mention general strategy for elsewhere.
* Dependency inject, to separate concerns and keep ClientHtml
decoupled from MediaWiki settings like wgCookiePrefix, which
otherwise break testing this class with only RL-specific config.
* Apply JS conventions. Made easier by using "JS" as the heredoc
identifier, which IDEs recognise as for highlighting.
* Move code together with the other documentElement.className
statement. This helps both with understanding the PHP side in terms
of related logic and how it interacts, as well as the frontend as
it literally brings <html script>, client-js, and clientpref all
next to each other.
HTML weight of default Main_Page on localhost, logged-out:
* vector : 23.21 kB / 140.48 kB
* vector-2022 : 24.17 kB / 146.43 kB +6.0 kB
* vector-2022 ClientPref=true before : 24.28 kB / 146.70 kB +6.3 kB
* vector-2022 ClientPref=true after : 24.27 kB / 146.68 kB +6.2 kB
Given:
* $wgResourceLoaderClientPreferences = true;
Test plan:
1. View /wiki/Main_Page?useskin=vector-2022 while logged-out,
confirm the inline script is there, and
"vector-feature-limited-width-content" is set on <html class>,
layout width appears fixed.
2. Run mw.cookie.set('mwclientprefs', 'vector-feature-limited-width-content');
3. Refresh and confirm the class is changed at runtime and layout
width is fluid.
Use mw.cookie.set('mwclientprefs', null) to undo.
Bug: T321498
Change-Id: I07f471b815ffadfca9eb4f7bd228cb72dfd1ec9b
This allows the body classes of skins to be customized for anonymous
users. Enable using $wgResourceLoaderClientPreferences = true;
* Only classes of the form <prefix>-(disabled|enabled)
can be toggled.
* For now no client side API is provided as this should not be
considered stable.
* Storage mechanism is cookie, stored under "mwclientprefs"
* Preferences apply to all skins. This means setting a preference
in Vector 2022 would also lead to class manipulation in Minerva.
This is by design to allow for skin-agnostic preferences. Up to
caller to make sure the class being manipulated is limited to the
skin if required ie. don't use generic classes.
* Avoids try/catch and JSON parsing by storing as a string
* Places inline script before body tag before first stylesheet to
avoid breaking the article's ability to parse the article
concurrently with stylesheet download.
Usage:
Given a document with classes
"client-js vector-feature-limited-width-enabled ext-feature-enabled"
Set:
document.cookie = 'mwclientprefs=vector-feature-limited-width'
Will result in toggling off the limited width.
Bug: T321498
Change-Id: Ic3b6eec19953932c697ab5bf48c33a4ac1841b07
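The toggling rule described in the commit message above, as an added example that is not MediaWiki's own code: it reads the "mwclientprefs" cookie and flips only classes of the form <prefix>-(disabled|enabled). The function names, the single-prefix cookie value and the character allowlist are assumptions made for this illustration.

```javascript
// Added illustration; not the inline script MediaWiki ships.
// Assumption: the cookie value is one feature prefix, as in the usage
// note of the commit message ('vector-feature-limited-width').

const COOKIE_NAME = 'mwclientprefs';

// Assumed allowlist: lower-case letters, digits and single hyphens.
// The cookie is attacker-controllable input, so anything else is ignored
// rather than being passed on into class names.
const SAFE_PREFIX = /^[a-z0-9]+(?:-[a-z0-9]+)*$/;

// Extract one cookie value from a document.cookie-style string.
function readCookie(cookieString, name) {
  for (const part of cookieString.split(';')) {
    const eq = part.indexOf('=');
    if (eq === -1) {
      continue;
    }
    if (part.slice(0, eq).trim() === name) {
      return part.slice(eq + 1).trim();
    }
  }
  return null;
}

// Flip "<prefix>-enabled" <-> "<prefix>-disabled" and leave every other
// class alone. Exact token comparison is used instead of building a
// RegExp from the cookie value, so regex metacharacters have no effect.
function applyClientPref(className, prefix) {
  if (typeof prefix !== 'string' || !SAFE_PREFIX.test(prefix)) {
    return className;
  }
  const enabled = prefix + '-enabled';
  const disabled = prefix + '-disabled';
  return className
    .split(/\s+/)
    .filter(Boolean)
    .map((cls) => {
      if (cls === enabled) {
        return disabled;
      }
      if (cls === disabled) {
        return enabled;
      }
      return cls;
    })
    .join(' ');
}

// Entry point: given the current <html> class string and the cookie
// string, return the class string after applying the stored preference.
function classNameForRequest(className, cookieString) {
  const pref = readCookie(cookieString, COOKIE_NAME);
  return pref === null ? className : applyClientPref(className, pref);
}

// Constructed sample input, taken from the usage note above.
const SAMPLE_CLASSES =
  'client-js vector-feature-limited-width-enabled ext-feature-enabled';
const SAMPLE_COOKIE = 'mwclientprefs=vector-feature-limited-width';
```

Because the preference applies to all skins, a generic prefix in the cookie flips that class wherever it appears; classes such as "client-js" that do not end in -enabled or -disabled are never touched.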
* Allow for DI of config and PoolCounterConnectionManager.
* Manage the PoolCounterConnectionManager singleton without using
a global/static field.
* Allow for test overrides (in ParserOutputAccessTest) without needing
to bring all of ObjectFactory and 'factory' and thus exposing class
constructors to stable interface (except not really since the args
are hardcoded in practice).
Bug: T201223
Change-Id: I514fee20b388f04f9c85c5a1373845d621c65395
This patch introduces ParsoidParserCachePrewarm job
that is used to warm PC with parsoid outputs in order
to speed up page reads on large wikis.
Bug: T322427
Change-Id: Ib63a02d3cf5348b36f4f166ff6939f4d2e7fef6f
This was marked as deprecated to indicate that it shouldn't be used
to share arbitrary database tables between wikis. However, this has
never been officially supported and so doesn't actually warrant
deprecation.
The only use case for $wgSharedDB that MediaWiki supports (and even
encourages in documentation) is for global accounts shared between
wikis.
Recently, update.php started to block upgrades when a deprecated
setting is used, which has brought this otherwise-innocent deprecation
comment to light. Remove it as such since the feature for which it
exists isn't deprecated, and we don't have any other (supported and
documented) ways of sharing accounts between wikis.
In the future, we might rename this and turn it into a boolean so
that it is easier to understand and maintain, but that's for another
day.
Bug: T308536
Change-Id: I1598630f2ab2c9bd443a5f3e6fc0997ceb52c5b2
This patch introduces a configuration variable that allows one
to control the migration stage in production.
Bug: T299954
Change-Id: I36f1e3cd9fb0f25fd43f4dbb97f791da5eb1147b
This lets migrateActors.php create an actor id for it
(the script itself is already removed from 1.40 in c910301)
Bug: T223027
Change-Id: Id5c3b26bfdcd69391cf6f0d18423a5991ac8b887
Code moved as-is from the extension repo with minor changes:
* Adopt PSR-4 namespace.
* Keep backward-compatibility with "PoolCounter_Client"
in LocalSettings, from before the extension was namespaced recently.
* Document how `connect_timeout` actually works, and that it
was introduced in MW 1.28 (via extension).
* Add stable interface annotations.
Bug: T201223
Change-Id: Iadec5b4b5d2fc7e76509c9be0a8fa605d95c64a7
None are used in WMF-deployed extensions and have been hard deprecated
for multiple releases as well.
Change-Id: I62cfa22291f81295b4908192de8657a750c6716d
This branch fails to compile against PHP 7.4.3, our lowest supported
version, and will not be updated to support that or any newer version:
https://tideways.com/profiler/blog/releasing-new-tideways-xhprof-extension
In doing so, remove the Xhprof class. At this point, it doesn't do
anything other than calling either of two functions from whichever
extension is installed, which can just be done in ProfilerXhprof.
Change-Id: Iba1c16f47c68b36982f5d2dcda3bdf4dcb83501d
for LanguageConverter
"Static default variant" language code won't always be the same of
"language code with converter" when there's one of the variant form
specified as the "default variant language" instead of "mixed-form".
We would like to specify "sh-latn" instead of "mixed-script sh" as the
static default variant language for ShConverter.
The function "getMainCode" was not renamed for compatibility.
Bug: T268033
Change-Id: Ibd0fadf9ba1f740cf4aed06e11138549c9d6dc9f
This restores a rewritten version of
commit 78483caaaf.
- Special:Contribute the default entry point in the menu when enabled
- Otherwise it will link to Special:Contributions (default behaviour)
Depends-On: I65336cfd56e1f6b92c1b3bc83cb5d91bbca065bf
Bug: T319327
Change-Id: I67779b88c4904462f9d847b3edb08a65306b2bfb
* Inline mbUpperChar(), which is confusingly named and has a rambling
doc comment which duplicates the config documentation.
* Memoize the Config::get() call.
* Add a multibyte no-op case to avoid memory allocation.
* Remove "experimental" tag from the config.
It's around 2x faster for non-ASCII input.
Change-Id: Ie88784a20d8b0b6f6c0efee5c940e3a9a06f4bef
Introduced in 2017 with I7f14b9ca2533032 (2e5eb693) but remains
unused at WMF, and disabled by default.
Follows-up I62107789fa (9e49260fc9) which added reap to LinkCache
test cases in 2021.
Change-Id: I0654c29a671467dd6b366f462d1c09b90a273413
This only supports WRITE_BOTH for now, the rest will be implemented.
Tested locally, works fine.
Bug: T318606
Change-Id: I6f898aa89f7d36f3f8a4eb8c23706c64a90896b0
Equals signs have special meaning in wikitext, they're used in template
parameters and headings. Allowing them in usernames complicates things
as it's not possible to use them in wikitext without escaping them.
This only prevents usage in new accounts, so it doesn't stop the problem
entirely, but it stops it from getting worse.
Bug: T254045
Change-Id: I07c0af2c5e44ff67fc0bc6c1ae1d4ce7255aa0cd
This allows config variables to be declared obsolete. Obsolete config
will be omitted from the schema, defaults, name constants, etc. The
purpose of keeping a declaration of obsolete config around is to allow
the updater to warn admins that they are using a config variable that no
longer has any effect, and provide them with a remedy.
The idea is that support for deprecated config can be removed after one
release per the stable interface policy, but the declaration of
obsolete config should be kept for as long as we support updates,
that is, at least two LTS releases.
See https://www.mediawiki.org/wiki/Topic:X4bh4nf3pe2ho5jj for
discussion.
Change-Id: Ia7a00742ea7a5311e820a6a43b11135a3f2a825f
This global variable was replaced by auto-discovery of parser test
files in extensions and is no longer needed (or used).
Change-Id: Ib616e60f36db32ffd8bc69c71a096f23c0a27910
This at least doubles the speed, which would allow the number of
iterations to be doubled and computation of the password hash to
complete in the same amount of time as before, or maybe even a
slight bit less.
The doubling in speed is due to an optimization[1] that so far has not
been accepted into PHP's hash extension.[2] In addition, OpenSSL has
optimized assembly-language hash function implementations for several
common CPU architectures. These provide a further, yet more slight,
performance improvement.
While OpenSSL's PKCS5_PBKDF2_HMAC() is not the fastest implementation
around, using it does not add a new library dependency. And although
better password hashing functions exist, PBKDF2 is still the default
in MediaWiki. For these reasons, I think this change makes sense.
[1]: https://github.com/openssl/openssl/commit/c10e3f0cffb3820d
[2]: https://github.com/php/php-src/issues/9604
Change-Id: I7b06590d4c42581f8749336f9c17777f973a506c
What was previously a REST API-only feature (the thumbnails
hook allowing for thumbnails for non-file pages via the
PageImages extension) is now also being adopted in the main
search page.
That hook will now be called with NS_FILE result thumbnails
pre-filled, which was not the case previously. PageImages
essentially duplicated NS_FILE thumbnail logic that was
already present in Special:Search, so that can (and will
in a follow-up patch) then be removed there. Special:Search
will then simply take whatever is produced from the provider
(which will include both NS_FILE thumbs - which it handled
already - as well as whatever else it receives from the hook),
as will the REST API (which already received both)
Since thumbnails can now come in for multiple namespaces &
having some of those results with & others without a thumbnail
can be quite jarring, it was decided that we'd display
placeholder images (for certain namespaces). This is now
controlled by $wgThumbnailNamespaces.
I also split up a few things in FullSearchResultWidget::
generateFileHtml for more clarity.
Meanwhile also updated mediawiki.special.search.styles.less
to use variables for known colors.
Also implemented a 'transform' (required for testing this
change properly) and 'getDisplayWidthHeight' (it became
needed after implementing transform) callback function for
mock Files, and updated some existing tests in response to
these changes.
And some more Rest test files have been updated to allow
passing around a HookContainer instead of only an array of
hooks (from which a new HookContainer would then be created)
to allow the same container to be used across all relevant
objects, who may have it injected as dependency.
Bug: T306883
Change-Id: I2a679b51758020d3e822da01a1bde1ae632b0b0a
This was introduced in 2015 with 8e3721a2b9 (Iadb34f24d8b, T89308)
as part of the Multi-DC initiative, with the plan being to use this
job when queueing jobs during requests that are not guaranteed to
be routed to a primary DC (e.g. during a GET request).
Its use was removed as part of T181216, but the job was kept and has
seen numerous maintenance changes since. I propose we remove it as it
is no longer used in any Wikimedia Gerrit hosted code.
The expectation now is that JobQueue backends are responsible for
making sure new jobs can be accepted in any DC. At WMF this happens
by writing to local EventBus/Kafka and the internal streams converging
and mirroring in both directions.
The built-in JobQueueDB implementation is unlikely to be used for
large wiki farms, but it too would support writes from secondary DCs
from post-send. I haven't tested JobQueueRedis, but it seems like that
could likely also be used in a way that writes locally and replicates
writes from secondary to primary.
Bug: T89308
Change-Id: Ia84d0e9ca047cd78ab8c0d0d055d4199d0e3e5b6
This policy was just the fall-back set in 2015 with the default length
of 1. As pointed out on MediaWiki-l, it is a bit short nowadays, so
raise it to 8 characters, which is what we use in Wikimedia production.
Change-Id: I4e0e57ed910a16804e015c9f1aaf48a5603bf95f
* CDB stands for "constant database" file, hence also changes references
to "constant" when likely intended to refer to CDB.
* Remove reference to non-existent docs/Configuration.md.
* Remove unused resetLocalCache() method. This was documented as
internal for testing only, but tests did not use it.
It was left behind in 2016 with I7d7424345d0ce3ce90 (025f15a208).
Bug: T315315
Change-Id: I61d9689160d9bf5715c4ff18009fbd16236d34e6
This reverts commit cfed8e7743.
Reason for revert: Will implement a hook rather than changing config at runtime
Change-Id: I5a941b871f9a6347744e800ea63cd82450ab6da3
This patch changes the Special:Preferences menu layout to display as a vertical menu. This function will only work for users with AMC enabled.
It also creates a variable (SpecialPreferencesUseMobileLayout) that changes when a user navigates to Special:Preferences on mobile and has AMC enabled.
Bug: T311717
Change-Id: Ia7a730cd7f009dbb921a810f27fae4a9ee66f793
When the deprecation of wikibits.js originally started, it contained
a ton of things [1] such as:
* user-agent utils, `clientPC` and `is_gecko`.
* addOnloadHook.
* importScript.
* appendCSS.
* stylepath and other config vars.
* tooltip, e.g. updateTooltipAccessKeys.
* portlet, addPortletLink.
* tablesorter, e.g. ts_makeSortable, ts_getInnerText
* searchsuggest.
* notify utils, e.g. jsMsg.
* spinner utils, e.g. injectSpinner.
* event utils, e.g. hookEvent.
* siblings scripts included: mwsuggest, sajax.
Except for two (addOnloadHook, and importScript), these have all found
new homes and been successfully migrated and replaced over the years
with other platform APIs.
The $wgIncludeLegacyJavaScript variable hasn't been needed for a while
as what it gated no longer exists. Remove it and fold the two remaining
functions into mediawiki.base as de facto stable APIs.
* addOnloadHook: Not worth breaking imho. I've shortened the
implementation which saves a few bytes in WMF prod, and adds a few
bytes for CI/third-party where it was previously absent for new
wikis (thus reducing portability).
* importScript: Never deprecated in the first place as there is no
mw.loader equivalent to this. In order to achieve optimal cache
performance, and benefit from automatic purging after edits, one
must craft a very specifically encoded and ordered canonical
action=raw URL. This is not something end-users need to know about,
and is what importScript exists for to abstract. Plus, it ensures
de-duplication. One day something like Gadgets 3.0 (T36958) might
take off, but for many years to come, importScript remains the best
and only supported and usable means within the platform to share
and load user scripts.
Tested with: `curl 'http://localhost:8080/w/load.php?modules=mediawiki.String%2Cbase%2Cuser%2Cutil&skin=vector' | gzip -9 | wc -c`.
Before: 9.53KB
After: 9.45KB
[1] https://gerrit.wikimedia.org/g/mediawiki/core/+/1.17.0/skins/common/wikibits.js
[2] https://www.mediawiki.org/wiki/ResourceLoader/Migration_guide_(users)
Change-Id: I10f17f68fea862d510d188b927f4a7b38be0e4a4
Instead of checking the result of unconditional `['host']` access in
the foreach loop afterward, check the result of url parsing directly.
Also:
* Switch to plain parse_url(), we don't support exotic input here.
* Move parsing to loop, minor optimisation, and will often thus mean
we don't even need to parse or check the LocalRepo case, since the
feature is generally only enabled when a cross-domain ForeignRepo
exists.
* Improve docs.
* Remove experimental warning.
Bug: T317329
Change-Id: I6492f5142861513e4a7eb65fe4c14fa12c46977a
The merge of the addition of the new file e36a8af and the creation of
the first patch for removal in the old file b90d2dd overlaps by time and
the information is still there.
Follow-Up: I736cb74efc267fd2473a3267471735238217251c
Change-Id: I6de1e6874206d8a9c7b207b6322d77f6472d22f5
The day has gone. Still keeping the code as the schema changes are not
done in production but the data migration has been finished.
Bug: T299417
Change-Id: I906e069a63d1dae14924c72318b22b16244371d6
The authentication provider's testUserForCreation() method is for
checking whether a given user name is available. The current
user being IP-blocked has nothing to do with that username's
availability so stop checking that. (AuthManager will check it
via AuthManager::authorizeCreateAccount() elsewhere. Although
that method doesn't seem to be doing anything useful and could
probably just be replaced with a direct call to
PermissionManager, but that's left for a separate, less risky
patch.)
Special-case autocreation though, which doesn't use
the more appropriate AuthManager::authorizeCreateAccount() for
performance reasons so it does need an IP block check.
(At least I think it is for performance reasons. Maybe it's
just an unintentional omission, and that should be used instead?)
While we are at it, also fix a TODO in AuthManager where partial
blocks were taken into account for $wgBlockDisablesLogin, and
clarify in the config schema that they aren't, improve some
comments to make it more obvious why some things are/aren't
done in CheckBlocksSecondaryAuthenticationProvider, and make
the logic more similar to the one in testUserForCreation().
Functional changes:
* Partial blocks are ignored for authentication, account
creation and autocreation.
* On $wgBlockDisablesLogin wikis IP blocks won't prevent
login anymore.
* On $wgBlockDisablesLogin wikis, blocks will now prevent
account autocreation even if they are not configured to
prevent account creation. The assumption is that on such
wikis account creation is restricted via some means.
This probably isn't necessary as blocks should also prevent
the conditions needed for autocreation (e.g. log the user
out centrally), but can serve as defense in depth.
Along with the special-casing of autocreation, this means
on such wikis any IP block will prevent autocreation, which
is not great but seems not worth even more code complexity
to avoid.
* The action=query&list=users&usprop=cancreate API won't take
blocks into account anymore.
Bug: T306018
Bug: T208895
Change-Id: Ie94d61640301192b287275311f3452e606469d25
We’ve been using it in production for two months without issues as far
as I’m aware, so let’s start documenting it as a more permanent feature.
(After all, people querying the table, e.g. via Quarry, need to be aware
of it.)
Bug: T306589
Change-Id: I66d405b34f02c57a337d196124c0d5a4d3a3b20b
When $wgWatchlistExpiry = true and a user adds a page to their
watchlist, they are currently presented with a combo box where they can
pick a duration of permanent, 1 week, 1 month, 3 months, and 6 months.
This patch adds 1 year to the combo box, and raises the maximum age to 1
year. `api.php?action=watch&expiry=1 year` will now also work.
Bug: T313255
Change-Id: Ia84d6f99584ae23feea3831499d5baee2dd1a024
MediaWiki sets a large 'Cache-Control: s-maxage=' directive on page
views only if the request URL matches one of the normal CDN URL forms.
When MediaWiki is behind a CDN that re-orders query parameters on
request URLs, we want the CDN URL matching logic to be insensitive to
the order of query parameters. This change introduces a
'CdnMatchParameterOrder' configuration option that can be used to
control this behavior. It defaults to 'true', which preserves the
existing behavior (order-dependent matching).
Bug: T138093
Change-Id: I3c52ca47e095ba32511892853dac6c87a1cc2321
Remove Flash cross-domain policy mangling. Users who are somehow still
using Flash as a browser extension will be exposed to CSRF
vulnerabilities.
Deprecate the config since deprecation has some advantages in the new
config system over simple removal.
Bug: T279496
Change-Id: I2c0e85a430d7e6aaf8d5decd00cf1dade04cebe1
This ensures we don't show ToCs in vector-2022 for Javascript pages
which contain raw <h2> elements.
This version uses the same "canonical options" hack that is used for
language conversion tables. These should both be replaced by a
(not yet existing) mechanism in the future: T313455 is the
task for that.
Bug: T307691
Depends-On: I35e199cca40c0e4359ac493e5806dcf4ae49321c
Change-Id: Iba6a8b6c59bf91e3d06896f0a610c3c3e52e6564
Validating against the live schema on the WMF cluster exposed several
issues with the config schema. Mostly settings declared to be lists
which are actually associative arrays.
This also removes deprecation markers for some settings that are still
in active use, just discouraged or unstable.
Change-Id: I63e816edd1a561bda6063f8558ccce88c113df3f
This adds functionality to SettingsBuilder for collecting warnings to be
logged later, when the logging mechanism has been set up.
This also adds a validation step to update.php that aborts the update
if any warnings have been registered in SettingsBuilder, or the settings
fail to validate against the settings schema.
Change-Id: I387905289fb93591f79b96bf4c6cb5ec692b2aff
I don't recall why I added this. Possibly in a confused effort
to match /tests/phpunit, except /tests/phpunit/suites is not
where test cases live, they live under /tests/phpunit/* directly,
mostly /tests/phpunit/includes named after the source directory.
The correct equivalent to that is /tests/qunit/resources for JS.
While at it, also remove mention of this concept from various other
places where it doesn't add value. It's one more word/concept to
learn, process, understand, or translate mentally. They're just tests,
or for the one or two places where we care about how they are
internally transmitted, a "test module".
Bug: T250045
Change-Id: I5ea22e4965d190357aa69883f29f9049ee8ebf13
- schema change to allow tl_namespace and tl_title being empty
This is done by removing them from primary key. They don't need to be
nullable as they have default value.
- Make sure with WRITE_NEW, updater avoids writing to the old columns
Bug: T306674
Change-Id: I2b8a29043e952060e7a79b6a7a3d647d48cd16fb
The goal is to keep the actual default values for settings in the same
place as the setting is declared, and applied using the regular means
for loading the settings -- not in a separate piece of code that needs
to be loaded through some entirely different mechanism.
SetupDynamicConfig.php now contains a few categories of things:
* Post-processing of configuration settings, where already-set settings
are altered. This could be moved to MainConfigSchema too as a separate
set of methods.
* Processing of old aliases of settings (blacklist, slave) that are not
registered as settings anymore and therefore are not available to
MainConfigSchema. This could perhaps be moved to LocalSettings
processing somehow?
* Setting $wgUseEnotif, which is also not registered as a setting.
Easiest would be just to declare it as a setting and have it set
unconditionally.
* Setting the actual timezone to $wgLocaltimezone. This is not related
to configuration and should just be in Setup.php.
Bug: T305093
Change-Id: Ia5c23b52dbbfcb3d07ffcf5d3b7f2d7befba2a26