Avoid API error/header leakage from jobs API

* Also cleaned up some HTTP headers while at it

bug: 62092
Change-Id: Ia2c1643e47aae53916c107c901cca654dc438a16

diff --git a/includes/Wiki.php b/includes/Wiki.php
index 0f6a0b8..5c67e5f 100644 (file)
--- a/includes/Wiki.php
+++ b/includes/Wiki.php
@@ -643,14 +643,8 @@ class MediaWiki {
                        'tasks' => 'jobs', 'maxjobs' => $n, 'sigexpiry' => time() + 5 );
                $query['signature'] = ApiRunJobs::getQuerySignature( $query );
 
-               // Slow job running method in case of API or socket functions being disabled
-               $fallback = function() use ( $query ) {
-                       $api = new ApiMain( new FauxRequest( $query, true ) );
-                       $api->execute();
-               };
-
                if ( !$wgEnableAPI ) {
-                       $fallback();
+                       ApiRunJobs::executeJobs( $n ); // slow fallback
                        return;
                }
 
@@ -666,7 +660,7 @@ class MediaWiki {
                wfRestoreWarnings();
                if ( !$sock ) {
                        wfDebugLog( 'runJobs', "Failed to start cron API (socket error $errno): $errstr\n" );
-                       $fallback();
+                       ApiRunJobs::executeJobs( $n ); // slow fallback
                        return;
                }
 
@@ -684,7 +678,7 @@ class MediaWiki {
                        // Do not wait for the response (the script should handle client aborts).
                        // Make sure that we don't close before that script reaches ignore_user_abort().
                        $status = fgets( $sock );
-                       if ( !preg_match( '#^HTTP/\d\.\d 204 #', $status ) ) {
+                       if ( !preg_match( '#^HTTP/\d\.\d 202 #', $status ) ) {
                                wfDebugLog( 'runJobs', "Failed to start cron API: received '$status'\n" );
                        }
                }

diff --git a/includes/api/ApiRunJobs.php b/includes/api/ApiRunJobs.php
index 425c0a3..e16dc5d 100644 (file)
--- a/includes/api/ApiRunJobs.php
+++ b/includes/api/ApiRunJobs.php
@@ -51,21 +51,21 @@ class ApiRunJobs extends ApiBase {
                }
 
                if ( !$verified || $params['sigexpiry'] < time() ) {
-                       $this->dieUsage( 'Invalid or stale signature provided', 'bad_signature', 401 );
+                       $this->dieUsage( 'Invalid or stale signature provided', 'bad_signature', 400 );
                }
 
                // Client will usually disconnect before checking the response,
                // but it needs to know when it is safe to disconnect. Until this
                // reaches ignore_user_abort(), it is not safe as the jobs won't run.
                ignore_user_abort( true ); // jobs may take a bit of time
-               header( "HTTP/1.0 204 No Content" );
+               header( "HTTP/1.0 202 Accepted" );
                ob_flush();
         flush();
                // Once the client receives this response, it can disconnect
 
                // Do all of the specified tasks...
                if ( in_array( 'jobs', $params['tasks'] ) ) {
-                       $this->executeJobs( $params );
+                       self::executeJobs( $params['maxjobs'] );
                }
        }
 
@@ -83,11 +83,13 @@ class ApiRunJobs extends ApiBase {
        /**
         * Run jobs from the job queue
         *
-        * @param array $params Request parameters
+        * @note: also called from Wiki.php
+        *
+        * @param integer $maxJobs Maximum number of jobs to run
         * @return void
         */
-       protected function executeJobs( array $params ) {
-               $n = $params['maxjobs']; // number of jobs to run
+       public static function executeJobs( $maxJobs ) {
+               $n = $maxJobs; // number of jobs to run
                if ( $n < 1 ) {
                        return;
                }