Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/includes/api
History
Roan Kattouw 70824ccccc API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment.
2010-07-14 19:00:54 +00:00
..
ApiBase.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiBlock.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiDelete.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiDisabled.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiEditPage.php Remove 'minordefault' preference completely 2010-07-14 18:50:32 +00:00
ApiEmailUser.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiExpandTemplates.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFeedWatchlist.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFormatBase.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFormatDbg.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFormatJson.php Whitespace fix 2010-07-08 09:28:31 +00:00
ApiFormatPhp.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFormatRaw.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFormatTxt.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFormatWddx.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFormatXml.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFormatYaml.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiFormatYaml_spyc.php Fixed some doxygen warnings 2010-07-11 18:24:53 +00:00
ApiHelp.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiImport.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiLogin.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiLogout.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiMain.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiMove.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiOpenSearch.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiPageSet.php (bug 24296) Added converttitles parameter to convert titles to their canonical language variant. 2010-07-10 11:53:22 +00:00
ApiParamInfo.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiParse.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiPatrol.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiProtect.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiPurge.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQuery.php (bug 24296) Added converttitles parameter to convert titles to their canonical language variant. 2010-07-10 11:53:22 +00:00
ApiQueryAllCategories.php * (bug 23473) - Give description of properties on all modules 2010-06-23 19:36:26 +00:00
ApiQueryAllimages.php * (bug 23473) - Give description of properties on all modules 2010-06-23 19:36:26 +00:00
ApiQueryAllLinks.php Minor followup to r68482, fix the fail I introduced 2010-06-23 19:49:02 +00:00
ApiQueryAllmessages.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryAllpages.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryAllUsers.php Rem superfluous code, as per comments on r68338 2010-06-29 20:22:52 +00:00
ApiQueryBacklinks.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryBase.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryBlocks.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryCategories.php * (bug 23473) - Give description of properties on all modules 2010-06-23 19:36:26 +00:00
ApiQueryCategoryInfo.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryCategoryMembers.php * (bug 23473) - Give description of properties on all modules 2010-06-23 19:36:26 +00:00
ApiQueryDeletedrevs.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryDisabled.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryDuplicateFiles.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryExternalLinks.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryExtLinksUsage.php * (bug 23473) - Give description of properties on all modules 2010-06-23 19:36:26 +00:00
ApiQueryFilearchive.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryImageInfo.php Stylize API 2010-07-06 13:15:59 +00:00
ApiQueryImages.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryInfo.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryIWBacklinks.php Stylize API 2010-07-06 13:15:59 +00:00
ApiQueryIWLinks.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryLangLinks.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryLinks.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryLogEvents.php Stylize API 2010-07-06 13:15:59 +00:00
ApiQueryProtectedTitles.php * (bug 23473) - Give description of properties on all modules 2010-06-23 19:36:26 +00:00
ApiQueryRandom.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryRecentChanges.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryRevisions.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQuerySearch.php (bug 22339) Added srwhat=nearmatch to list=search to get a "go" result 2010-07-09 11:08:18 +00:00
ApiQuerySiteinfo.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiQueryTags.php * (bug 23473) - Give description of properties on all modules 2010-06-23 19:36:26 +00:00
ApiQueryUserContributions.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryUserInfo.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryUsers.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryWatchlist.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00
ApiQueryWatchlistRaw.php * (bug 23473) - Give description of properties on all modules 2010-06-23 19:36:26 +00:00
ApiResult.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiRollback.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiUnblock.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiUndelete.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiUpload.php Stylize API 2010-07-06 13:15:59 +00:00
ApiUserrights.php Correct the address of the FSF in some of the GPL headers 2010-06-21 13:13:32 +00:00
ApiWatch.php API: Make output containing private or user-specific data uncacheable for logged-in users by setting Vary: Cookie or Cache-Control: private, whichever is appropriate. Fixes instances in core and WMF-deployed extensions only. Without this change, the output of requests like ?action=query&list=recentchanges&rcprop=patrolled&smaxage=3600 would be cached in Squid and viewable for anyone using the same URL, even if they don't have patrol rights. Other, more serious exploits are also possible. Also avoid using $wgUser in one place, kill some unused global $wgUser; instances and tweak a comment. 2010-07-14 19:00:54 +00:00