From 420a1726413a3c218f1fbe3e3567e8640d0f11a3 Mon Sep 17 00:00:00 2001 From: "Mark A. Hershberger" Date: Sun, 18 Dec 2011 01:32:11 +0000 Subject: [PATCH] w/s --- includes/Wiki.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/includes/Wiki.php b/includes/Wiki.php index cc29e344b9..996302e231 100644 --- a/includes/Wiki.php +++ b/includes/Wiki.php @@ -163,14 +163,14 @@ class MediaWiki { // We will check again in Article::view(). $permErrors = $title->getUserPermissionsErrors( 'read', $user ); if ( count( $permErrors ) ) { - // Bug 32276: allowing the skin to generate output with $wgTitle or - // $this->context->title set to the input title would allow anonymous users to - // determine whether a page exists, potentially leaking private data. In fact, the - // curid and oldid request parameters would allow page titles to be enumerated even - // when they are not guessable. So we reset the title to Special:Badtitle before the + // Bug 32276: allowing the skin to generate output with $wgTitle or + // $this->context->title set to the input title would allow anonymous users to + // determine whether a page exists, potentially leaking private data. In fact, the + // curid and oldid request parameters would allow page titles to be enumerated even + // when they are not guessable. So we reset the title to Special:Badtitle before the // permissions error is displayed. // - // The skin mostly uses $this->context->getTitle() these days, but some extensions + // The skin mostly uses $this->context->getTitle() these days, but some extensions // still use $wgTitle. $badTitle = SpecialPage::getTitleFor( 'Badtitle' ); -- 2.20.1