Not really a server error since there's nothing we can do about invalid
user-provided data.
Bug: T166229
Change-Id: I87a7be32ae7e80c112be556bc13db19f11e614ca
Follows up Iaa85ac49.
This also ensures that the Skin correctly refers back to the constructed
OutputPage even when 'useskin' isn't specified.
Change-Id: I983e907c05acd753733e88904953f355e26f393d
Required for Idc41934eb89.
* If 'useskin' is set, run ParserOutput through OutputPage (with proper
Skin set up). Specifically call addParserOutputMetadata().
Then use OutputPage isntead of ParserOutput to retrieve that subset
of meta data. Such as modules, lang links and config vars.
* Deprecate 'effectivelanglinks' in favour of 'useskin'.
* Simplify 'headhtml' support and re-use this new code.
Change-Id: Iaa85ac49f6e0cbdf7f1bb0f50a8f7730d119f0a2
If someone strangely supplies 0 as an id, the tricky version confuses
that with null and winds up making the DB layer throw an exception. Just
do it more straightforwardly.
Bug: T165100
Change-Id: Id8376d419e7758c0bf92ad50dd7b7ac283a73101
If rvstartid/rvendid are used with revisions that have the same
timestamp, we should omit any revisions with the same timestamp but
out-of-range IDs.
Bug: T163532
Change-Id: I6ba5e0724945668dad55eec0d09cb7d3fe08e347
We tried something like this once before, but reverted it because it was
an unintended behavior change (see T98467). This time it's intended, we
need it for query optimization.
The behavior changes here are:
* rvstartid/rvendid is exactly equivalent to specifying rvstart/rvend
with the corresponding revisions' timestamps.
* If the revision for rvstartid/rvendid is not found in the database, an
error will be thrown.
This will pull timestamps from deleted revisions, i.e. the `archive`
table. While this is technically an information leak (that some revision
ID exists as a deleted revision and the time the revision was made),
it's minor and in line with the information revealed in Tool Labs thanks
to T51088.
Bug: T163532
Change-Id: Ida64a377c38b3553aa82ac754d80e8f898caf6c5
This will allow CSS to target just the parser output, without also
accidentally targeting the edit form, diff tables, and so on.
Bug: T37247
Change-Id: If4eb5bf71f94fa366ec4eddb6964e8f4df6b824a
Depends-On: I330c6aa4aaee045614b1801ed34bc9e03be69650
Depends-On: I52a518fa44e017841fe78474012cd69823e0a41d
This feature flag was added to comply with WMF's schema change policy.
It is no longer needed now that the feature is enabled on WMF sites.
External MW installations will run update.php or manually do DB updates
as required before upgrading MW.
Bug: T162517
Change-Id: I5b532d79fd1e8b178490cf2617499ae62967de2c
The hit count query was quite slow. Unfortunately, it seems that we do need
tagUsageStatistics() even when hitcounts are not requested, because it
might list additional tags that aren't listed by the list*Tags() functions.
I don't know if this can happen in practice, but all the code around tags
seems to operate as if it might.
Bug: T164552
Change-Id: Ifccf7f5ac7a1220ff67a68589398cbf30aefd3ad
It's a known bug in some versions of mysql (including WMF dbs) that it
won't do a loose index scan when a limit is applied. Given that number
of possible types is still very low, this shouldn't be a problem.
More info: https://bugs.mysql.com/bug.php?id=61517
Bug: T115825
Change-Id: I4c3b885ac05b793088a92e054a38a36b9d07c0d4
maxlag is the default mechanism most bots and libraries use in
determining when to back off due to wiki overload. However these days,
there are other things that should be considered when asking bots to
back off, one of those is job queue size.
For compatibility and simplicity of use, the number of jobs is converted
into something resembling seconds using a configurable factor. We also
output the total number of jobs in the API error output so more
sophisticated clients can do a more advanced back off.
Bug: T160003
Change-Id: Iedae2344a3d93202efbdd1bf807cef6165b6257a
If the page exists, it only checks edit rights, otherwise it
checks both edit and create rights.
This would only matter on wikis that have a non-default rights
configuration where there are users with undelete rights but a
restriction level enabled that prevents them from creating/editing
pages (or they otherwise aren't allowed to edit/create)
It should be noted that the error messages aren't used in the
normal UI currently, but they could be in the future, and
extensions could potentially be using them (The backend functions
return them, but the UI functions in Special:Undelete ignore
them)
Bug: T108138
Change-Id: I164b80534cf89e0afca264e9de07431484af8508
Stuff like passwords and CSRF tokens shouldn't be in the logs.
The fact of being sensitive is intentionally separated from the need to
be in the POST body because, for example, the wltoken parameter to
ApiQueryWatchlist needs to be in the query string to serve its purpose
but still shouldn't be logged.
Bug: T125177
Change-Id: I1d61f4dcf792d77401ee2e2988b1afcb2a2ad58f
This is the correct/canonical index name. For usages on mysql it will
map to the unprefixed version.
Bug: T154872
Change-Id: Ie2daf7b33428855ac59c85bf04a99a9bca7feba1
Links generated by the API are now aware of the user's preferred
language and will show documents in that language if available.
To test, log in to mediawiki.org and set your language preference to 'es',
then on an MediaWiki installation with this patch view the generated
expanded API help at `api.php?action=help&recursivesubmodules=1&modules=main`.
Each link to documentation on mediawiki.org should take you to its
translated /es subpage, if one exists.
Bug: T104518
Change-Id: I339a1f3ae1bce9d759cf251899d57c32b1def91e
Passing in the 'parsewarnings' property will return warnings related
to parsing content.
Bug: T92634
Change-Id: I7e54765ee9a24ffb78e7763f73a520151023baf6
This reverts most of commit c84ba4d864.
The changes made there are no longer needed, and nothing in Gerrit seems
to have started using them since they were added.
The added constants in WikiPage, WikiPage::getLastPurgeTimestamp(), and
Article::getLastPurgeTimestamp() are deprecated, useless, and unused,
but not removed yet since they snuck into 1.28 so we can't revert them
without a deprecation period. Sigh.
Bug: T145649
Change-Id: I526fd4e004bee84c831a4cee71e44e92ee73480b
Meanwhile, also change ApiQueryAllImages to search by
user ID instead of username. This is also how ContribsPages,
LogPager, ... work already.
This will use the new index on img_user. The old index is still
around, but is likely not going to be used in practice (users
have to logged in to upload)
Do not merge until I4db7bd0f917a428f40eb315246f89d49c7ae5b6a has
been deployed.
Bug: T125071
Bug: T121865
Change-Id: Ida22555f00530f393e739366fa9e79ecabf3c0eb
