diff options
Diffstat (limited to 'includes/DefaultSettings.php')
-rw-r--r-- | includes/DefaultSettings.php | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 61fec6e1..7498a021 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -75,7 +75,7 @@ $wgConfigRegistry = array( * MediaWiki version number * @since 1.2 */ -$wgVersion = '1.26.2'; +$wgVersion = '1.26.3'; /** * Name of the site. It must be changed in LocalSettings.php @@ -4188,7 +4188,13 @@ $wgDebugTidy = false; $wgRawHtml = false; /** - * Set a default target for external links, e.g. _blank to pop up a new window + * Set a default target for external links, e.g. _blank to pop up a new window. + * + * This will also set the "noreferrer" and "noopener" link rel to prevent the + * attack described at https://mathiasbynens.github.io/rel-noopener/ . + * Some older browsers may not support these link attributes, hence + * setting $wgExternalLinkTarget to _blank may represent a security risk + * to some of your users. */ $wgExternalLinkTarget = false; @@ -4438,9 +4444,9 @@ $wgPasswordConfig = array( ), 'pbkdf2' => array( 'class' => 'Pbkdf2Password', - 'algo' => 'sha256', - 'cost' => '10000', - 'length' => '128', + 'algo' => 'sha512', + 'cost' => '30000', + 'length' => '64', ), ); |