summaryrefslogtreecommitdiff
path: root/includes/specials
diff options
context:
space:
mode:
Diffstat (limited to 'includes/specials')
-rw-r--r--includes/specials/SpecialAllpages.php1
-rw-r--r--includes/specials/SpecialCategories.php1
-rw-r--r--includes/specials/SpecialContributions.php10
-rw-r--r--includes/specials/SpecialLinkSearch.php4
-rw-r--r--includes/specials/SpecialSearch.php1
-rw-r--r--includes/specials/SpecialSpecialpages.php1
-rw-r--r--includes/specials/SpecialUpload.php38
-rw-r--r--includes/specials/SpecialVersion.php1
8 files changed, 37 insertions, 20 deletions
diff --git a/includes/specials/SpecialAllpages.php b/includes/specials/SpecialAllpages.php
index a36cdca7..19816dcd 100644
--- a/includes/specials/SpecialAllpages.php
+++ b/includes/specials/SpecialAllpages.php
@@ -40,6 +40,7 @@ class SpecialAllpages extends IncludableSpecialPage {
$this->setHeaders();
$this->outputHeader();
+ $wgOut->allowClickjacking();
# GET values
$from = $wgRequest->getVal( 'from', null );
diff --git a/includes/specials/SpecialCategories.php b/includes/specials/SpecialCategories.php
index a649eafd..eb49fdbc 100644
--- a/includes/specials/SpecialCategories.php
+++ b/includes/specials/SpecialCategories.php
@@ -12,6 +12,7 @@ function wfSpecialCategories( $par=null ) {
} else {
$from = $par;
}
+ $wgOut->allowClickjacking();
$cap = new CategoryPager( $from );
$cap->doQuery();
$wgOut->addHTML(
diff --git a/includes/specials/SpecialContributions.php b/includes/specials/SpecialContributions.php
index 392f4332..b5d6107a 100644
--- a/includes/specials/SpecialContributions.php
+++ b/includes/specials/SpecialContributions.php
@@ -107,6 +107,7 @@ class SpecialContributions extends SpecialPage {
'<p>' . $pager->getNavigationBar() . '</p>'
);
}
+ $wgOut->preventClickjacking( $pager->getPreventClickjacking() );
# Show the appropriate "footer" message - WHOIS tools, etc.
@@ -428,6 +429,7 @@ class ContribsPager extends ReverseChronologicalPager {
public $mDefaultDirection = true;
var $messages, $target;
var $namespace = '', $mDb;
+ var $preventClickjacking = false;
function __construct( $target, $namespace = false, $year = false, $month = false, $tagFilter = false ) {
parent::__construct();
@@ -565,6 +567,7 @@ class ContribsPager extends ReverseChronologicalPager {
if( !$row->page_is_new && $page->quickUserCan( 'rollback' )
&& $page->quickUserCan( 'edit' ) )
{
+ $this->preventClickjacking();
$topmarktext .= ' '.$sk->generateRollback( $rev );
}
}
@@ -671,4 +674,11 @@ class ContribsPager extends ReverseChronologicalPager {
return $this->mDb;
}
+ protected function preventClickjacking() {
+ $this->preventClickjacking = true;
+ }
+
+ public function getPreventClickjacking() {
+ return $this->preventClickjacking;
+ }
}
diff --git a/includes/specials/SpecialLinkSearch.php b/includes/specials/SpecialLinkSearch.php
index 5913f4b4..70b2257a 100644
--- a/includes/specials/SpecialLinkSearch.php
+++ b/includes/specials/SpecialLinkSearch.php
@@ -44,8 +44,10 @@ function wfSpecialLinkSearch( $par ) {
$protocol = '';
}
- $self = Title::makeTitle( NS_SPECIAL, 'Linksearch' );
+ $wgOut->allowClickjacking();
+ $self = Title::makeTitle( NS_SPECIAL, 'Linksearch' );
+
$wgOut->addWikiMsg( 'linksearch-text', '<nowiki>' . $wgLang->commaList( $wgUrlProtocols ) . '</nowiki>' );
$s = Xml::openElement( 'form', array( 'id' => 'mw-linksearch-form', 'method' => 'get', 'action' => $GLOBALS['wgScript'] ) ) .
Xml::hidden( 'title', $self->getPrefixedDbKey() ) .
diff --git a/includes/specials/SpecialSearch.php b/includes/specials/SpecialSearch.php
index da054e02..40b28236 100644
--- a/includes/specials/SpecialSearch.php
+++ b/includes/specials/SpecialSearch.php
@@ -364,6 +364,7 @@ class SpecialSearch {
$wgOut->setRobotPolicy( 'noindex,nofollow' );
// add javascript specific to special:search
$wgOut->addScriptFile( 'search.js' );
+ $wgOut->allowClickjacking();
}
/**
diff --git a/includes/specials/SpecialSpecialpages.php b/includes/specials/SpecialSpecialpages.php
index 84ab689a..8e97f9b7 100644
--- a/includes/specials/SpecialSpecialpages.php
+++ b/includes/specials/SpecialSpecialpages.php
@@ -13,6 +13,7 @@ function wfSpecialSpecialpages() {
$wgMessageCache->loadAllMessages();
$wgOut->setRobotPolicy( 'noindex,nofollow' ); # Is this really needed?
+ $wgOut->allowClickjacking();
$sk = $wgUser->getSkin();
$pages = SpecialPage::getUsablePages();
diff --git a/includes/specials/SpecialUpload.php b/includes/specials/SpecialUpload.php
index 9569945d..68ee8efc 100644
--- a/includes/specials/SpecialUpload.php
+++ b/includes/specials/SpecialUpload.php
@@ -23,30 +23,30 @@ class SpecialUpload extends SpecialPage {
}
/** Misc variables **/
- protected $mRequest; // The WebRequest or FauxRequest this form is supposed to handle
- protected $mSourceType;
- protected $mUpload;
- protected $mLocalFile;
- protected $mUploadClicked;
+ public $mRequest; // The WebRequest or FauxRequest this form is supposed to handle
+ public $mSourceType;
+ public $mUpload;
+ public $mLocalFile;
+ public $mUploadClicked;
/** User input variables from the "description" section **/
- public $mDesiredDestName; // The requested target file name
- protected $mComment;
- protected $mLicense;
-
+ public $mDesiredDestName; // The requested target file name
+ public $mComment;
+ public $mLicense;
+
/** User input variables from the root section **/
- protected $mIgnoreWarning;
- protected $mWatchThis;
- protected $mCopyrightStatus;
- protected $mCopyrightSource;
+ public $mIgnoreWarning;
+ public $mWatchThis;
+ public $mCopyrightStatus;
+ public $mCopyrightSource;
/** Hidden variables **/
- protected $mDestWarningAck;
- protected $mForReUpload; // The user followed an "overwrite this file" link
- protected $mCancelUpload; // The user clicked "Cancel and return to upload form" button
- protected $mTokenOk;
- protected $mUploadSuccessful = false; // Subclasses can use this to determine whether a file was uploaded
-
+ public $mDestWarningAck;
+ public $mForReUpload; // The user followed an "overwrite this file" link
+ public $mCancelUpload; // The user clicked "Cancel and return to upload form" button
+ public $mTokenOk;
+ public $mUploadSuccessful = false; // Subclasses can use this to determine whether a file was uploaded
+
/** Text injection points for hooks not using HTMLForm **/
public $uploadFormTextTop;
public $uploadFormTextAfterSummary;
diff --git a/includes/specials/SpecialVersion.php b/includes/specials/SpecialVersion.php
index 7da6023e..ebc50bab 100644
--- a/includes/specials/SpecialVersion.php
+++ b/includes/specials/SpecialVersion.php
@@ -32,6 +32,7 @@ class SpecialVersion extends SpecialPage {
$this->setHeaders();
$this->outputHeader();
+ $wgOut->allowClickjacking();
$wgOut->addHTML( Xml::openElement( 'div',
array( 'dir' => $wgContLang->getDir() ) ) );