Message formatting methods have a side effect on how string conversion
will work, which is a security problem waiting to happen:
$msg = new Message( 'foo' );
echo $msg; // parsed
echo $msg->plain();
echo $msg; // not parsed
This change logs Message -> string transformations which are
affected by a prior call in this way. The behavior will be removed
in a later patch (possibly replaced by something more explicit
if it turns out that something depends on it).
Bug: T146416
Change-Id: Id51cf6a5a937bc41a914f317e980ef42e4d385fb
* @return string
*/
public function __toString() {
+ if ( $this->format !== 'parse' ) {
+ $ex = new LogicException( __METHOD__ . ' using implicit format: ' . $this->format );
+ \MediaWiki\Logger\LoggerFactory::getInstance( 'message-format' )->warning(
+ $ex->getMessage(), [ 'exception' => $ex, 'format' => $this->format, 'key' => $this->key ] );
+ }
+
// PHP doesn't allow __toString to throw exceptions and will
// trigger a fatal error if it does. So, catch any exceptions.