In the off chance something called this, it would break all
sorts of code that expects that either query result functions
either succeed or throw an error.
Callers are not expected to have to check if the result of
a query is meaningful or false due to an error.
Change-Id: I0b4fe1403f55a399ffd40817ed12f857087d6f83
Callback code that happens to make use of $oldValue might not be able
to handle missing, new, or changed fields due to key version changes.
Overhaul testGetWithSetCallback_versions() to be cleaner and cover the
case of unversioned => versioned keys.
Change-Id: If108a73078c530c985d30bdadcbfa9ddd53dc2be
libcurl adds 'Content-Type: application/x-www-form-urlencoded'
to a POST request if the 'Content-Type' header is not set
manually. Because data in swift is updated via POST, the
Content-Type header must be set explicitly to stop a run of
refreshFileHeaders.php from changing the Content-Type of all
files in swift to application/x-www-form-urlencoded
Bug: T178849
Change-Id: I43c21bc1b73e37104cf07cd5f1c1557f472b9898
Use of microtime() is now just for baselines, and it is no longer
assumed to be increasing with each call. Such an assumption is
particuliarly bad on Windows.
I've done 100X run rounds with now failures on Windows.
Change-Id: Ica2a47982495bc95b10ca507414972744ea9507e
Introduces a FirejailCommand class, which can be used to add additional
restrictions to a command, for increased security. For now, firejail
containment needs to be enabled on a per-command basis.
The following restrictions are implemented:
* NO_ROOT - disallows any root access, including via setuid binaries
* SECCOMP - block dangerous syscalls with seccomp
* PRIVATE_DEV - create a private /dev
* NO_NETWORK - deny all network access
* NO_EXECVE - block the execve syscall
A convenient Shell::RESTRICT_DEFAULT is equivalent to NO_ROOT | SECCOMP
| PRIVATE_DEV, with the expectation that more restrictions may be added
to it in the future.
In addition, specific paths can be whitelisted with
Command::whitelistPaths(). Any file/directory that isn't whitelisted in
that top level directory (e.g. /srv) won't exist inside the firejail.
$wgShellRestrictionMethod can be set to false for no restriction system,
'firejail' to explicitly use it, or 'autodetect' to autodetect whatever
system is available. In the future the default should be changed to
autodetection once firejail is tested more.
Bug: T173370
Change-Id: Id74df0dbba40e1e7c07c4368aacffb6eb06a17c5
This simply involves passing it through to the set() call
Also added some related commons to adaptiveTTL() involving
usage of this option.
Change-Id: Id5833a5d4efb6cad2eb646832e5b0188e86e12fc
Only the class level doc comment is checked.
Adding @group Database to a method doc comment will do
nothing.
Change-Id: Ic0fff3636d6c44e7a27df8806c9712155ce81d8c
This class had the wrong name so has not been run since
it was written in 2012.
In If5b1fa39610dbe366649f79beda58f4ea6d58c8f I fixed the
name but the tests fail, so lets just remove it and rewrite
the tests.
Change-Id: Iccdcd4a4f72c8b1329d36ff2e8699ba6b23c9ae7
The format() method is a one-line wrapper around execute(), which
is the real method being tested here. Given the class doesn't
contain any other methods, increase the scope to the whole class.
Change-Id: I8b2c7736c6708c0915a9ce15fef0dc85c63621ea
* Messagebox is now private to Html class to discourage unconventional
usages
* Tests are added for all three helper methods added in
4e7021a231
Bug: T166915
Change-Id: I1c3e4131b2439c0f4fb94ad4e616a909b52d6b78
Adds two new ApiBase::getAllowedParams() keys:
PARAM_MAX_BYTES and PARAM_MAX_CHARS, to set a length
limit for a (string-like) parameter.
This makes it easy to document and enforce database
field length limits (where relying on the database
would either result in unfriendly error messages or
silent truncation, depending on DB settings) and
also exposes them in structured form so API clients
can verify the length without doing roundtrips.
Change-Id: I2e784972d7e11cad79fdef887bbcde297dbd9ce0
This is a first pass at Latin/Cyrillic translitertion for Crimean
Tatar (crh).
Includes transliteration tables, prefix/suffix mappings, regex
mappings, and exceptions lists for words and abbreviations.
Regularize CRH language name in messages/* files.
Fix "varient" typos in qqq.json.
Add unit tests for CRH transliteration.
Bug: T23582
Change-Id: I424703f99adf837f6217872b882d1ea26bfdd068
I4f24e7fbb683cb51f3fd8b250732bae9c7541ba2 releaved
a failing test "PageArchiveTest::testUndeleteRevisions"
that constructs a revision from an array only passing
in 'user_text' and no 'user' field.
After investigation this is quite an odd case that
probably shouldnt happen in production code.
The test cases in this patch test the current behaviour.
Bug: T180210
Change-Id: I7040a16ac6cb29b49f8e7bed1caee72cdd4c6a61
This is a partial revert of:
Idcfd15568489d9f03a7ba4460e96610d33bc4089
which removed these tests.
Bug: T180210
Change-Id: Ib0617ee0a7bd4391ed25415b44a8ed077a985eaa
When TreeBuilder requests reparenting of all child nodes of a given
element, we do this by removing the existing child nodes, and then
inserting the proposed new parent under the old parent. However, when a
p-wrap diversion is in place, the insertion of the new parent is
diverted into the p-wrap, and the p-wrap then becomes a child of the new
parent, causing a reference loop, and ultimately infinite recursion in
Serializer.
Instead, divert the entire reparent request to the p-wrap, so that the
new parent is a child of the p-wrap. This makes sense since the new
parent is always a formatting element. The only caller of
reparentChildren(), apart from proxies, is AAA step 17, which reparents
children under the formatting element cloned from the AFE list.
Left in some debug code for next time.
Bug: T178632
Change-Id: Id77d21d99748e94c064ef24c43ee0033de627b8e
Using a real HTML tokenizer fixes bugs when < or > appear in attribute
values. The old implementation used delimiterReplace(), which didn't
handle this case:
> print Sanitizer::stripAllTags( '<p data-foo="a<b>c">Hello</p>' );
c">Hello
We also can't use PHP's built-in strip_tags() because it doesn't handle
<?php and <? correctly:
> print strip_tags('1<span class="<?php">2</span>3');
1
> print strip_tags('1<span class="<?">2</span>3');
1
Bug: T179978
Change-Id: I53b98e6c877c00c03ff110914168b398559c9c3e
The result of this function depends on the $user and $context
parameters (e.g. it includes the username from the user, and
localisation messages the language from the context). However,
both of them would be ignored if the result was cached, even
if calling with a different $user or $context.
Rather than make this more complicated just remove the caching.
This is not a hot code path: this function is not called at all
on normal page views, it's called just once when viewing
preferences, and at most twice when saving them.
Change-Id: I92390120a16448383a25e9ba2dd35a434a2f21bf
Quoting PHPUnit docs:
The $index parameter for the at() matcher refers to the index,
starting at zero, in all method invocations for a given mock object.
Exercise caution when using this matcher as it can lead to brittle
tests which are too closely tied to specific implementation details.
Indeed these test cases would break horribly with unintuitive error
messages ("Mocked method does not exist") if anything in preferences
or API code called any additional methods on the mocked user. For
example, it relied on the caching in Preferences::getPreferences(),
which is being removed in I92390120a16448383a25e9ba2dd35a434a2f21bf.
I'm pretty sure all that matters here is that all the setOption()
calls with different arguments happen, so let's test just that.
Change-Id: I30a814151a006e5f147eebb918344049807b2b97
