Merge branch 'archwiki'

Conflicts:
	extensions/FluxBBAuthPlugin.php
	extensions/SyntaxHighlight_GeSHi/README
	extensions/SyntaxHighlight_GeSHi/SyntaxHighlight_GeSHi.class.php
	extensions/SyntaxHighlight_GeSHi/SyntaxHighlight_GeSHi.i18n.php
	extensions/SyntaxHighlight_GeSHi/SyntaxHighlight_GeSHi.php
	extensions/SyntaxHighlight_GeSHi/geshi/docs/CHANGES
	extensions/SyntaxHighlight_GeSHi/geshi/docs/THANKS
	extensions/SyntaxHighlight_GeSHi/geshi/docs/TODO
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/AbstractClass.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/AbstractClass_logo.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/AbstractMethod.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/AbstractPrivateClass.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/AbstractPrivateClass_logo.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/AbstractPrivateMethod.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Class.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Class_logo.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Constant.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Constructor.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Destructor.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Function.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Global.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/I.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Index.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Interface.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Interface_logo.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/L.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Lminus.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Lplus.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Method.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Page.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Page_logo.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/PrivateClass.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/PrivateClass_logo.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/PrivateMethod.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/PrivateVariable.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/StaticMethod.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/StaticVariable.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/T.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Tminus.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Tplus.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/Variable.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/blank.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/class_folder.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/file.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/folder.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/function_folder.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/next_button.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/next_button_disabled.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/package.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/package_folder.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/previous_button.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/previous_button_disabled.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/private_class_logo.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/tutorial.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/tutorial_folder.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/api/media/images/up_button.png
	extensions/SyntaxHighlight_GeSHi/geshi/docs/geshi-doc.html
	extensions/SyntaxHighlight_GeSHi/geshi/docs/geshi-doc.txt
	extensions/SyntaxHighlight_GeSHi/geshi/geshi.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/4cs.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/6502acme.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/6502kickass.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/6502tasm.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/68000devpac.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/abap.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/actionscript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/actionscript3.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/ada.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/algol68.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/apache.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/applescript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/apt_sources.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/asm.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/asp.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/autoconf.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/autohotkey.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/autoit.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/avisynth.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/awk.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/bascomavr.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/bash.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/basic4gl.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/bf.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/bibtex.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/blitzbasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/bnf.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/boo.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/c.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/c_loadrunner.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/c_mac.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/caddcl.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/cadlisp.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/cfdg.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/cfm.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/chaiscript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/cil.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/clojure.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/cmake.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/cobol.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/coffeescript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/cpp-qt.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/cpp.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/csharp.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/css.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/cuesheet.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/d.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/dcs.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/delphi.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/diff.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/div.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/dos.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/dot.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/e.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/ecmascript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/eiffel.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/email.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/epc.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/erlang.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/euphoria.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/f1.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/falcon.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/fo.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/fortran.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/freebasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/fsharp.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/gambas.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/gdb.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/genero.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/genie.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/gettext.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/glsl.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/gml.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/gnuplot.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/go.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/groovy.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/gwbasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/haskell.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/hicest.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/hq9plus.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/html4strict.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/html5.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/icon.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/idl.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/ini.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/inno.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/intercal.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/io.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/j.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/java.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/java5.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/javascript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/jquery.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/kixtart.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/klonec.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/klonecpp.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/latex.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/lb.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/lisp.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/llvm.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/locobasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/logtalk.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/lolcode.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/lotusformulas.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/lotusscript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/lscript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/lsl2.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/lua.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/m68k.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/magiksf.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/make.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/mapbasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/matlab.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/mirc.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/mmix.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/modula2.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/modula3.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/mpasm.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/mxml.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/mysql.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/newlisp.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/nsis.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/oberon2.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/objc.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/objeck.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/ocaml-brief.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/ocaml.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/oobas.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/oracle11.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/oracle8.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/oxygene.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/oz.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/pascal.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/pcre.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/per.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/perl.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/perl6.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/pf.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/php-brief.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/php.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/pic16.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/pike.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/pixelbender.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/pli.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/plsql.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/postgresql.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/povray.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/powerbuilder.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/powershell.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/proftpd.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/progress.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/prolog.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/properties.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/providex.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/purebasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/pycon.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/python.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/q.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/qbasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/rails.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/rebol.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/reg.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/robots.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/rpmspec.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/rsplus.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/ruby.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/sas.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/scala.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/scheme.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/scilab.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/sdlbasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/smalltalk.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/smarty.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/sql.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/systemverilog.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/tcl.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/teraterm.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/text.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/thinbasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/tsql.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/typoscript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/unicon.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/uscript.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/vala.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/vb.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/vbnet.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/verilog.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/vhdl.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/vim.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/visualfoxpro.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/visualprolog.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/whitespace.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/whois.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/winbatch.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/xbasic.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/xml.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/xorg_conf.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/xpp.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/yaml.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/z80.php
	extensions/SyntaxHighlight_GeSHi/geshi/geshi/zxbasic.php

1 files changed, 61 insertions, 10 deletions

diff --git a/includes/upload/UploadFromUrl.php b/includes/upload/UploadFromUrl.php
index 927c3cd9..0201d5f4 100644
--- a/includes/upload/UploadFromUrl.php
+++ b/includes/upload/UploadFromUrl.php
@@ -34,6 +34,8 @@ class UploadFromUrl extends UploadBase {
 
 	protected $mTempPath, $mTmpHandle;
 
+	protected static $allowedUrls = array();
+
 	/**
 	 * Checks if the user is allowed to use the upload-by-URL feature. If the
 	 * user is not allowed, return the name of the user right as a string. If
@@ -61,6 +63,8 @@ class UploadFromUrl extends UploadBase {
 
 	/**
 	 * Checks whether the URL is for an allowed host
+	 * The domains in the whitelist can include wildcard characters (*) in place
+	 * of any of the domain levels, e.g. '*.flickr.com' or 'upload.*.gov.uk'.
 	 *
 	 * @param $url string
 	 * @return bool
@@ -75,16 +79,49 @@ class UploadFromUrl extends UploadBase {
 			return false;
 		}
 		$valid = false;
-		foreach( $wgCopyUploadsDomains as $domain ) {
+		foreach ( $wgCopyUploadsDomains as $domain ) {
+			// See if the domain for the upload matches this whitelisted domain
+			$whitelistedDomainPieces = explode( '.', $domain );
+			$uploadDomainPieces = explode( '.', $parsedUrl['host'] );
+			if ( count( $whitelistedDomainPieces ) === count( $uploadDomainPieces ) ) {
+				$valid = true;
+				// See if all the pieces match or not (excluding wildcards)
+				foreach ( $whitelistedDomainPieces as $index => $piece ) {
+					if ( $piece !== '*' && $piece !== $uploadDomainPieces[$index] ) {
+						$valid = false;
+					}
+				}
+				if ( $valid ) {
+					// We found a match, so quit comparing against the list
+					break;
+				}
+			}
+			/* Non-wildcard test
 			if ( $parsedUrl['host'] === $domain ) {
 				$valid = true;
 				break;
 			}
+			*/
 		}
 		return $valid;
 	}
 
 	/**
+	 * Checks whether the URL is not allowed.
+	 *
+	 * @param $url string
+	 * @return bool
+	 */
+	public static function isAllowedUrl( $url ) {
+		if ( !isset( self::$allowedUrls[$url] ) ) {
+			$allowed = true;
+			wfRunHooks( 'IsUploadAllowedFromUrl', array( $url, &$allowed ) );
+			self::$allowedUrls[$url] = $allowed;
+		}
+		return self::$allowedUrls[$url];
+	}
+
+	/**
 	 * Entry point for API upload
 	 *
 	 * @param $name string
@@ -140,21 +177,30 @@ class UploadFromUrl extends UploadBase {
 	/**
 	 * @return string
 	 */
-	public function getSourceType() { return 'url'; }
+	public function getSourceType() {
+		return 'url';
+	}
 
 	/**
+	 * Download the file (if not async)
+	 *
+	 * @param Array $httpOptions Array of options for MWHttpRequest. Ignored if async.
+	 *   This could be used to override the timeout on the http request.
 	 * @return Status
 	 */
-	public function fetchFile() {
+	public function fetchFile( $httpOptions = array() ) {
 		if ( !Http::isValidURI( $this->mUrl ) ) {
 			return Status::newFatal( 'http-invalid-url' );
 		}
 
-		if( !self::isAllowedHost( $this->mUrl ) ) {
+		if ( !self::isAllowedHost( $this->mUrl ) ) {
 			return Status::newFatal( 'upload-copy-upload-invalid-domain' );
 		}
+		if ( !self::isAllowedUrl( $this->mUrl ) ) {
+			return Status::newFatal( 'upload-copy-upload-invalid-url' );
+		}
 		if ( !$this->mAsync ) {
-			return $this->reallyFetchFile();
+			return $this->reallyFetchFile( $httpOptions );
 		}
 		return Status::newGood();
 	}
@@ -191,9 +237,12 @@ class UploadFromUrl extends UploadBase {
 	/**
 	 * Download the file, save it to the temporary file and update the file
 	 * size and set $mRemoveTempFile to true.
+	 *
+	 * @param Array $httpOptions Array of options for MWHttpRequest
 	 * @return Status
 	 */
-	protected function reallyFetchFile() {
+	protected function reallyFetchFile( $httpOptions = array() ) {
+		global $wgCopyUploadProxy, $wgCopyUploadTimeout;
 		if ( $this->mTempPath === false ) {
 			return Status::newFatal( 'tmp-create-error' );
 		}
@@ -207,13 +256,15 @@ class UploadFromUrl extends UploadBase {
 		$this->mRemoveTempFile = true;
 		$this->mFileSize = 0;
 
-		$options = array(
-			'followRedirects' => true
+		$options = $httpOptions + array(
+			'followRedirects' => true,
 		);
-		global $wgCopyUploadProxy;
 		if ( $wgCopyUploadProxy !== false ) {
 			$options['proxy'] = $wgCopyUploadProxy;
 		}
+		if ( $wgCopyUploadTimeout && !isset( $options['timeout'] ) ) {
+			$options['timeout'] = $wgCopyUploadTimeout;
+		}
 		$req = MWHttpRequest::factory( $this->mUrl, $options );
 		$req->setCallback( array( $this, 'saveTempFileChunk' ) );
 		$status = $req->execute();
@@ -312,7 +363,7 @@ class UploadFromUrl extends UploadBase {
 			'sessionKey' => $sessionKey,
 		) );
 		$job->initializeSessionData();
-		$job->insert();
+		JobQueueGroup::singleton()->push( $job );
 		return $sessionKey;
 	}