From 2ed7bdc46d5022a92a0a53d2ac73d661ae57bd77 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Gerg=C5=91=20Tisza?=
Date: Wed, 1 Aug 2018 00:19:40 +0200
Subject: [PATCH] Require editsitecss/editsitejs for editing raw messages

Bug: T45646
Change-Id: Ib16db04e499ad28216ee08b8cccccf3f141e2bad
---
 RELEASE-NOTES-1.32 | 2 ++
 docs/extension.schema.v1.json | 7 ++++++
 docs/extension.schema.v2.json | 7 ++++++
 includes/DefaultSettings.php | 16 ++++++++++++++
 includes/Title.php | 23 ++++++++++++++++++++
 includes/registration/ExtensionProcessor.php | 1 +
 6 files changed, 56 insertions(+)

diff --git a/RELEASE-NOTES-1.32 b/RELEASE-NOTES-1.32
index ec8c022af1..1deca12eeb 100644
--- a/RELEASE-NOTES-1.32
+++ b/RELEASE-NOTES-1.32
@@ -40,6 +40,8 @@ production.
 * The $wgPasswordSenderName setting, ignored since 1.23 by MediaWiki and almost all extensions, is no longer set at all. Instead, you can modify the system message `emailsender`.
+* A new configuration setting, $wgRawHtmlMessages, is added, for listing
+ messages which are displayed as raw HTML.

 === New features in 1.32 ===
 * (T112474) Generalized the ResourceLoader mechanism for overriding modules
diff --git a/docs/extension.schema.v1.json b/docs/extension.schema.v1.json
index c9a887dd9c..0ff169c3c2 100644
--- a/docs/extension.schema.v1.json
+++ b/docs/extension.schema.v1.json
@@ -668,6 +668,13 @@
 "type": "string"
 }
 },
+ "RawHtmlMessages": {
+ "type": "array",
+ "description": "Messages which are rendered as raw HTML",
+ "items": {
+ "type": "string"
+ }
+ },
 "callback": {
 "type": [
 "array",
diff --git a/docs/extension.schema.v2.json b/docs/extension.schema.v2.json
index 24212a9a54..7de5ed5f9a 100644
--- a/docs/extension.schema.v2.json
+++ b/docs/extension.schema.v2.json
@@ -690,6 +690,13 @@
 "type": "string"
 }
 },
+ "RawHtmlMessages": {
+ "type": "array",
+ "description": "Messages which are rendered as raw HTML",
+ "items": {
+ "type": "string"
+ }
+ },
 "callback": {
 "type": [
 "array",
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 9b0899d96b..ea368bc6b5 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -8845,6 +8845,22 @@ $wgCSPHeader = false;
 */
 $wgCSPReportOnlyHeader = false;

+/**
+ * List of messages which might contain raw HTML.
+ * Extensions should add their messages here. The list is used for access control:
+ * changing messages listed here will require editsitecss and editsitejs rights.
+ *
+ * @since 1.32
+ * @var string[]
+ */
+$wgRawHtmlMessages = [
+ 'copyright',
+ 'history_copyright',
+ 'googlesearch',
+ 'feedback-terms',
+ 'feedback-termsofuse',
+];
+
 /**
 * Mapping of event channels (or channel categories) to EventRelayer configuration.
 *
diff --git a/includes/Title.php b/includes/Title.php
index c919b18856..96176f6203 100644
--- a/includes/Title.php
+++ b/includes/Title.php
@@ -1480,6 +1480,22 @@ class Title implements LinkTarget {
 );
 }

+ /**
+ * Is this a message which can contain raw HTML?
+ *
+ * @return bool
+ * @since 1.32
+ */
+ public function isRawHtmlMessage() {
+ global $wgRawHtmlMessages;
+
+ if ( $this->inNamespace( NS_MEDIAWIKI ) ) {
+ return false;
+ }
+ $message = lcfirst( $this->getRootText() );
+ return in_array( $message, $wgRawHtmlMessages, true );
+ }
+
 /**
 * Is this a talk page of some sort?
 *
@@ -2392,6 +2408,13 @@ class Title implements LinkTarget {
 $error = [ 'sitejsonprotected', $action ];
 } elseif ( $this->isSiteJsConfigPage() && !$user->isAllowed( 'editsitejs' ) ) {
 $error = [ 'sitejsprotected', $action ];
+ } elseif ( $this->isRawHtmlMessage() ) {
+ // Raw HTML can be used to deploy CSS or JS so require rights for both.
+ if ( !$user->isAllowed( 'editsitejs' ) ) {
+ $error = [ 'sitejsprotected', $action ];
+ } elseif ( !$user->isAllowed( 'editsitecss' ) ) {
+ $error = [ 'sitecssprotected', $action ];
+ }
 }

 if ( $error ) {
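Review bot: The docblock for `$wgRawHtmlMessages` in includes/DefaultSettings.php does not say that this list fails open or what form its entries must take. It is an opt-in list, so a message that is output as raw HTML but is not listed here (for example one from an extension that never registers it) remains editable without editsitecss/editsitejs. The lookup in `Title::isRawHtmlMessage()` is a strict `in_array` on the lower-case-first root title, so entries need to be exact message keys. I would add two lines to the docblock: `Keys must match the message name exactly, with a lowercase first letter.` and `Raw HTML messages not listed here are not covered by this check.`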
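Review bot: The namespace guard in `isRawHtmlMessage()` (first includes/Title.php hunk) is inverted: `if ( $this->inNamespace( NS_MEDIAWIKI ) ) { return false; }` returns false for every page in the MediaWiki namespace, so the editsitejs/editsitecss requirement added later in this patch never applies to the interface messages it is meant to protect, while a same-named page in another namespace is treated as a raw HTML message. The condition should be `if ( !$this->inNamespace( NS_MEDIAWIKI ) ) {`. Separately, `getRootText()` presumably returns the title in display form with spaces, in which case the `history_copyright` entry could never match the strict `in_array`; comparing against the DB-key form, e.g. `lcfirst( $this->getRootTitle()->getDBkey() )`, would avoid that (to be confirmed against Title's getters). The diffstat shows no test file; a Title test covering a listed message, its language subpage and a non-MediaWiki page of the same name would catch both problems.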
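Review bot: The new `isRawHtmlMessage()` branch (second includes/Title.php hunk) reuses the `sitejsprotected` and `sitecssprotected` error keys, which by their names describe site JS/CSS pages rather than interface messages. A user denied here gets no indication that the page is restricted because it is rendered as raw HTML; a dedicated error key would be clearer, or at least a comment stating the reuse is deliberate, such as `// No dedicated error message; reuse the site JS/CSS ones.` When both rights are missing only the JS error is reported, which looks acceptable but is worth stating in the same comment. The enclosing function and the start of this elseif chain lie outside the hunk.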
diff --git a/includes/registration/ExtensionProcessor.php b/includes/registration/ExtensionProcessor.php
index bf617792a9..eb56e1365e 100644
--- a/includes/registration/ExtensionProcessor.php
+++ b/includes/registration/ExtensionProcessor.php
@@ -45,6 +45,7 @@ class ExtensionProcessor implements Processor {
 'MediaHandlers',
 'PasswordPolicy',
 'RateLimits',
+ 'RawHtmlMessages',
 'RecentChangesFlags',
 'RemoveCredentialsBlacklist',
 'RemoveGroups',
-- 
2.20.1