diff options
| author | Pierre Schmitz <pierre@archlinux.de> | 2011-01-04 12:24:29 +0100 |
|---|---|---|
| committer | Pierre Schmitz <pierre@archlinux.de> | 2011-01-04 12:24:29 +0100 |
| commit | 8f93926e1bc6e96fc11b4d0d201025022d471de7 (patch) | |
| tree | 7e13841de0a7d33faf5481d44ca7471ce639193a /includes/specials | |
| parent | fe786bf329367b2d2663ea7f2474ceaeeace6180 (diff) | |
update to MediaWiki 1.16.1
Diffstat (limited to 'includes/specials')
| -rw-r--r-- | includes/specials/SpecialAllpages.php | 1 | ||||
| -rw-r--r-- | includes/specials/SpecialCategories.php | 1 | ||||
| -rw-r--r-- | includes/specials/SpecialContributions.php | 10 | ||||
| -rw-r--r-- | includes/specials/SpecialLinkSearch.php | 4 | ||||
| -rw-r--r-- | includes/specials/SpecialSearch.php | 1 | ||||
| -rw-r--r-- | includes/specials/SpecialSpecialpages.php | 1 | ||||
| -rw-r--r-- | includes/specials/SpecialUpload.php | 38 | ||||
| -rw-r--r-- | includes/specials/SpecialVersion.php | 1 |
8 files changed, 37 insertions, 20 deletions
diff --git a/includes/specials/SpecialAllpages.php b/includes/specials/SpecialAllpages.php index a36cdca7..19816dcd 100644 --- a/includes/specials/SpecialAllpages.php +++ b/includes/specials/SpecialAllpages.php @@ -40,6 +40,7 @@ class SpecialAllpages extends IncludableSpecialPage { $this->setHeaders(); $this->outputHeader(); + $wgOut->allowClickjacking(); # GET values $from = $wgRequest->getVal( 'from', null ); diff --git a/includes/specials/SpecialCategories.php b/includes/specials/SpecialCategories.php index a649eafd..eb49fdbc 100644 --- a/includes/specials/SpecialCategories.php +++ b/includes/specials/SpecialCategories.php @@ -12,6 +12,7 @@ function wfSpecialCategories( $par=null ) { } else { $from = $par; } + $wgOut->allowClickjacking(); $cap = new CategoryPager( $from ); $cap->doQuery(); $wgOut->addHTML( diff --git a/includes/specials/SpecialContributions.php b/includes/specials/SpecialContributions.php index 392f4332..b5d6107a 100644 --- a/includes/specials/SpecialContributions.php +++ b/includes/specials/SpecialContributions.php @@ -107,6 +107,7 @@ class SpecialContributions extends SpecialPage { '<p>' . $pager->getNavigationBar() . '</p>' ); } + $wgOut->preventClickjacking( $pager->getPreventClickjacking() ); # Show the appropriate "footer" message - WHOIS tools, etc. @@ -428,6 +429,7 @@ class ContribsPager extends ReverseChronologicalPager { public $mDefaultDirection = true; var $messages, $target; var $namespace = '', $mDb; + var $preventClickjacking = false; function __construct( $target, $namespace = false, $year = false, $month = false, $tagFilter = false ) { parent::__construct(); @@ -565,6 +567,7 @@ class ContribsPager extends ReverseChronologicalPager { if( !$row->page_is_new && $page->quickUserCan( 'rollback' ) && $page->quickUserCan( 'edit' ) ) { + $this->preventClickjacking(); $topmarktext .= ' '.$sk->generateRollback( $rev ); } } @@ -671,4 +674,11 @@ class ContribsPager extends ReverseChronologicalPager { return $this->mDb; } + protected function preventClickjacking() { + $this->preventClickjacking = true; + } + + public function getPreventClickjacking() { + return $this->preventClickjacking; + } } diff --git a/includes/specials/SpecialLinkSearch.php b/includes/specials/SpecialLinkSearch.php index 5913f4b4..70b2257a 100644 --- a/includes/specials/SpecialLinkSearch.php +++ b/includes/specials/SpecialLinkSearch.php @@ -44,8 +44,10 @@ function wfSpecialLinkSearch( $par ) { $protocol = ''; } - $self = Title::makeTitle( NS_SPECIAL, 'Linksearch' ); + $wgOut->allowClickjacking(); + $self = Title::makeTitle( NS_SPECIAL, 'Linksearch' ); + $wgOut->addWikiMsg( 'linksearch-text', '<nowiki>' . $wgLang->commaList( $wgUrlProtocols ) . '</nowiki>' ); $s = Xml::openElement( 'form', array( 'id' => 'mw-linksearch-form', 'method' => 'get', 'action' => $GLOBALS['wgScript'] ) ) . Xml::hidden( 'title', $self->getPrefixedDbKey() ) . diff --git a/includes/specials/SpecialSearch.php b/includes/specials/SpecialSearch.php index da054e02..40b28236 100644 --- a/includes/specials/SpecialSearch.php +++ b/includes/specials/SpecialSearch.php @@ -364,6 +364,7 @@ class SpecialSearch { $wgOut->setRobotPolicy( 'noindex,nofollow' ); // add javascript specific to special:search $wgOut->addScriptFile( 'search.js' ); + $wgOut->allowClickjacking(); } /** diff --git a/includes/specials/SpecialSpecialpages.php b/includes/specials/SpecialSpecialpages.php index 84ab689a..8e97f9b7 100644 --- a/includes/specials/SpecialSpecialpages.php +++ b/includes/specials/SpecialSpecialpages.php @@ -13,6 +13,7 @@ function wfSpecialSpecialpages() { $wgMessageCache->loadAllMessages(); $wgOut->setRobotPolicy( 'noindex,nofollow' ); # Is this really needed? + $wgOut->allowClickjacking(); $sk = $wgUser->getSkin(); $pages = SpecialPage::getUsablePages(); diff --git a/includes/specials/SpecialUpload.php b/includes/specials/SpecialUpload.php index 9569945d..68ee8efc 100644 --- a/includes/specials/SpecialUpload.php +++ b/includes/specials/SpecialUpload.php @@ -23,30 +23,30 @@ class SpecialUpload extends SpecialPage { } /** Misc variables **/ - protected $mRequest; // The WebRequest or FauxRequest this form is supposed to handle - protected $mSourceType; - protected $mUpload; - protected $mLocalFile; - protected $mUploadClicked; + public $mRequest; // The WebRequest or FauxRequest this form is supposed to handle + public $mSourceType; + public $mUpload; + public $mLocalFile; + public $mUploadClicked; /** User input variables from the "description" section **/ - public $mDesiredDestName; // The requested target file name - protected $mComment; - protected $mLicense; - + public $mDesiredDestName; // The requested target file name + public $mComment; + public $mLicense; + /** User input variables from the root section **/ - protected $mIgnoreWarning; - protected $mWatchThis; - protected $mCopyrightStatus; - protected $mCopyrightSource; + public $mIgnoreWarning; + public $mWatchThis; + public $mCopyrightStatus; + public $mCopyrightSource; /** Hidden variables **/ - protected $mDestWarningAck; - protected $mForReUpload; // The user followed an "overwrite this file" link - protected $mCancelUpload; // The user clicked "Cancel and return to upload form" button - protected $mTokenOk; - protected $mUploadSuccessful = false; // Subclasses can use this to determine whether a file was uploaded - + public $mDestWarningAck; + public $mForReUpload; // The user followed an "overwrite this file" link + public $mCancelUpload; // The user clicked "Cancel and return to upload form" button + public $mTokenOk; + public $mUploadSuccessful = false; // Subclasses can use this to determine whether a file was uploaded + /** Text injection points for hooks not using HTMLForm **/ public $uploadFormTextTop; public $uploadFormTextAfterSummary; diff --git a/includes/specials/SpecialVersion.php b/includes/specials/SpecialVersion.php index 7da6023e..ebc50bab 100644 --- a/includes/specials/SpecialVersion.php +++ b/includes/specials/SpecialVersion.php @@ -32,6 +32,7 @@ class SpecialVersion extends SpecialPage { $this->setHeaders(); $this->outputHeader(); + $wgOut->allowClickjacking(); $wgOut->addHTML( Xml::openElement( 'div', array( 'dir' => $wgContLang->getDir() ) ) ); |