From a22fbfc60f36f5f7ee10d5ae6fe347340c2ee67c Mon Sep 17 00:00:00 2001
From: Pierre Schmitz
Date: Sat, 3 Dec 2011 09:20:55 +0100
Subject: Update to MediaWiki 1.17.1
---
 includes/Wiki.php | 11 +++++++++++
 1 file changed, 11 insertions(+)
(limited to 'includes/Wiki.php')
diff --git a/includes/Wiki.php b/includes/Wiki.php
index b2cb1eb0..4c3af0f7 100644
--- a/includes/Wiki.php
+++ b/includes/Wiki.php
@@ -149,10 +149,21 @@ class MediaWiki {
 * @return boolean true if successful
 */
 function preliminaryChecks( &$title, &$output ) {
+ global $wgTitle;
 // If the user is not logged in, the Namespace:title of the article must be in
 // the Read array in order for the user to see it. (We have to check here to
 // catch special pages etc. We check again in Article::view())
 if( !is_null( $title ) && !$title->userCanRead() ) {
+ // Bug 32276: allowing the skin to generate output with $wgTitle
+ // set to the input title would allow anonymous users to
+ // determine whether a page exists, potentially leaking private data. In fact, the
+ // curid and oldid request parameters would allow page titles to be enumerated even
+ // when they are not guessable. So we reset the title to Special:Badtitle before the
+ // permissions error is displayed.
+ $badtitle = SpecialPage::getTitleFor( 'Badtitle' );
+ $output->setTitle( $badtitle );
+ $wgTitle = $badtitle;
+
 $output->loginToUse();
 $this->finalCleanup( $output );
 $output->disable();
--
cgit v1.2.3-54-g00ecf
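Review bot: In the `!$title->userCanRead()` branch the reset covers `$output` and the global `$wgTitle`, but the by-reference `$title` parameter still holds the restricted title when the function returns, so a caller that reads it afterwards could still vary its response on whether the page exists. If callers are not meant to use it after a failed check, consider also assigning `$title = $badtitle;` next to `$wgTitle = $badtitle;`, or say in the new comment why that is unnecessary. The existing comment mentions a second read check in Article::view(); that path is not part of this diff, so it is worth confirming it cannot render the skin with the original title either. A regression test asserting that an anonymous request gets the same response for an existing and a non-existent restricted page, including via `curid` and `oldid`, would pin the behaviour. The body of preliminaryChecks continues outside the hunk.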