From: Aaron Schulz Date: Sat, 1 Mar 2014 05:32:08 +0000 (-0800) Subject: Avoid API error/header leakage from jobs API X-Git-Tag: 1.31.0-rc.0~16775 X-Git-Url: http://git.cyclocoop.org/%22%20.%20generer_url_ecrire%28%22statistiques_visites%22%2C%22%22%29%20.%20%22?a=commitdiff_plain;h=df2f5dc7a6609f77ed20dcd27dd8be4e73b607f7;p=lhc%2Fweb%2Fwiklou.git Avoid API error/header leakage from jobs API * Also cleaned up some HTTP headers while at it bug: 62092 Change-Id: Ia2c1643e47aae53916c107c901cca654dc438a16 --- diff --git a/includes/Wiki.php b/includes/Wiki.php index 0f6a0b89f0..5c67e5f8e6 100644 --- a/includes/Wiki.php +++ b/includes/Wiki.php @@ -643,14 +643,8 @@ class MediaWiki { 'tasks' => 'jobs', 'maxjobs' => $n, 'sigexpiry' => time() + 5 ); $query['signature'] = ApiRunJobs::getQuerySignature( $query ); - // Slow job running method in case of API or socket functions being disabled - $fallback = function() use ( $query ) { - $api = new ApiMain( new FauxRequest( $query, true ) ); - $api->execute(); - }; - if ( !$wgEnableAPI ) { - $fallback(); + ApiRunJobs::executeJobs( $n ); // slow fallback return; } @@ -666,7 +660,7 @@ class MediaWiki { wfRestoreWarnings(); if ( !$sock ) { wfDebugLog( 'runJobs', "Failed to start cron API (socket error $errno): $errstr\n" ); - $fallback(); + ApiRunJobs::executeJobs( $n ); // slow fallback return; } @@ -684,7 +678,7 @@ class MediaWiki { // Do not wait for the response (the script should handle client aborts). // Make sure that we don't close before that script reaches ignore_user_abort(). $status = fgets( $sock ); - if ( !preg_match( '#^HTTP/\d\.\d 204 #', $status ) ) { + if ( !preg_match( '#^HTTP/\d\.\d 202 #', $status ) ) { wfDebugLog( 'runJobs', "Failed to start cron API: received '$status'\n" ); } } diff --git a/includes/api/ApiRunJobs.php b/includes/api/ApiRunJobs.php index 425c0a3d5a..e16dc5d298 100644 --- a/includes/api/ApiRunJobs.php +++ b/includes/api/ApiRunJobs.php @@ -51,21 +51,21 @@ class ApiRunJobs extends ApiBase { } if ( !$verified || $params['sigexpiry'] < time() ) { - $this->dieUsage( 'Invalid or stale signature provided', 'bad_signature', 401 ); + $this->dieUsage( 'Invalid or stale signature provided', 'bad_signature', 400 ); } // Client will usually disconnect before checking the response, // but it needs to know when it is safe to disconnect. Until this // reaches ignore_user_abort(), it is not safe as the jobs won't run. ignore_user_abort( true ); // jobs may take a bit of time - header( "HTTP/1.0 204 No Content" ); + header( "HTTP/1.0 202 Accepted" ); ob_flush(); flush(); // Once the client receives this response, it can disconnect // Do all of the specified tasks... if ( in_array( 'jobs', $params['tasks'] ) ) { - $this->executeJobs( $params ); + self::executeJobs( $params['maxjobs'] ); } } @@ -83,11 +83,13 @@ class ApiRunJobs extends ApiBase { /** * Run jobs from the job queue * - * @param array $params Request parameters + * @note: also called from Wiki.php + * + * @param integer $maxJobs Maximum number of jobs to run * @return void */ - protected function executeJobs( array $params ) { - $n = $params['maxjobs']; // number of jobs to run + public static function executeJobs( $maxJobs ) { + $n = $maxJobs; // number of jobs to run if ( $n < 1 ) { return; }