1 files changed, 10 insertions, 0 deletions

diff --git a/includes/specials/SpecialUserlogout.php b/includes/specials/SpecialUserlogout.php
index 3d497bd7..e23df612 100644
--- a/includes/specials/SpecialUserlogout.php
+++ b/includes/specials/SpecialUserlogout.php
@@ -10,6 +10,16 @@
 function wfSpecialUserlogout() {
 	global $wgUser, $wgOut;
 
+	/**
+	 * Some satellite ISPs use broken precaching schemes that log people out straight after
+	 * they're logged in (bug 17790). Luckily, there's a way to detect such requests.
+	 */
+	if ( isset( $_SERVER['REQUEST_URI'] ) && strpos( $_SERVER['REQUEST_URI'], '&' ) !== false ) {
+		wfDebug( "Special:Userlogout request {$_SERVER['REQUEST_URI']} looks suspicious, denying.\n" );
+		wfHttpError( 400, wfMsg( 'loginerror' ), wfMsg( 'suspicious-userlogout' ) );
+		return;
+	}
+	
 	$oldName = $wgUser->getName();
 	$wgUser->logout();
 	$wgOut->setRobotPolicy( 'noindex,nofollow' );