=== New features in 1.20 ===
* Added TitleIsKnown hook which gets called when determining if a page exists.
+* (bug 32341) Add upload by URL domain limitation.
=== Bug fixes in 1.20 ===
* (bug 30245) Use the correct way to construct a log page title.
* This feature is experimental and broken as of r81612.
*/
$wgAllowAsyncCopyUploads = false;
+/**
+ * A list of domains copy uploads can come from
+ */
+$wgCopyUploadsDomains = array();
/**
* Max size for uploads, in bytes. If not set to an array, applies to all
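Review bot: The new docblock for `$wgCopyUploadsDomains` does not say what the default empty array means. Per `isAllowedHost()` later in this commit, an empty list disables the restriction entirely, and entries are compared to the URL host by exact string equality. I would expand the comment to something like `A list of domains copy uploads can come from. An empty array allows all domains; each entry must match the URL host exactly (no wildcards or subdomain matching).` Without that, an administrator reading only this file could assume the empty default blocks everything, or that listing `example.org` also covers its subdomains.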
'nouploadmodule' => array( 'code' => 'nouploadmodule', 'info' => 'No upload module set' ),
'uploaddisabled' => array( 'code' => 'uploaddisabled', 'info' => 'Uploads are not enabled. Make sure $wgEnableUploads is set to true in LocalSettings.php and the PHP ini setting file_uploads is true' ),
'copyuploaddisabled' => array( 'code' => 'copyuploaddisabled', 'info' => 'Uploads by URL is not enabled. Make sure $wgAllowCopyUploads is set to true in LocalSettings.php.' ),
+ 'copyuploadbaddomain' => array( 'code' => 'copyuploadbaddomain', 'info' => 'Uploads by URL are not allowed from this domain.' ),
'filename-tooshort' => array( 'code' => 'filename-tooshort', 'info' => 'The filename is too short' ),
'filename-toolong' => array( 'code' => 'filename-toolong', 'info' => 'The filename is too long' ),
$this->dieUsageMsg( 'copyuploaddisabled' );
}
+ if ( !UploadFromUrl::isAllowedHost( $this->mParams['url'] ) ) {
+ $this->dieUsageMsg( 'copyuploadbaddomain' );
+ }
+
$async = false;
if ( $this->mParams['asyncdownload'] ) {
$this->checkAsyncDownloadEnabled();
return $wgAllowCopyUploads && parent::isEnabled();
}
+ /**
+ * Checks whether the URL is for an allowed host
+ *
+ * @param $url string
+ * @return bool
+ */
+ public static function isAllowedHost( $url ) {
+ global $wgCopyUploadsDomains;
+ if ( !count( $wgCopyUploadsDomains ) ) {
+ return true;
+ }
+ $valid = false;
+ $parsedUrl = wfParseUrl( $url );
+ foreach( $wgCopyUploadsDomains as $domain ) {
+ if ( $parsedUrl['host'] === $domain ) {
+ $valid = true;
+ break;
+ }
+ }
+ return $valid;
+ }
+
/**
* Entry point for API upload
*
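Review bot: In `isAllowedHost()`, the result of `wfParseUrl( $url )` is indexed as `$parsedUrl['host']` without being checked, and as far as I know that helper returns false for a URL it cannot parse. With a non-empty list this happens to fail closed, but the API caller then reports `copyuploadbaddomain` for what is really a malformed URL; an explicit `if ( !$parsedUrl || !isset( $parsedUrl['host'] ) ) { return false; }` makes the intent clear. The comparison is also a case-sensitive `===`, so a URL written with `Example.org` will not match a configured `example.org`; comparing `strtolower( $parsedUrl['host'] )` against lowercased entries avoids that. Once the host is normalised, the loop and `$valid` flag reduce to `return in_array( $host, $wgCopyUploadsDomains, true );`.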
return Status::newFatal( 'http-invalid-url' );
}
+ if( !self::isAllowedHost( $this->mUrl ) ) {
+ return Status::newFatal( 'upload-copy-upload-invalid-domain' );
+ }
if ( !$this->mAsync ) {
return $this->reallyFetchFile();
}
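Review bot: The allowlist is applied only to `$this->mUrl` as submitted, before the fetch starts. If the request made by `reallyFetchFile()` follows HTTP redirects (the `upload-too-many-redirects` message elsewhere in this commit suggests it can), the host that finally serves the file is never compared against `$wgCopyUploadsDomains`, so an allowed host that redirects elsewhere defeats the restriction. The check should also run on each redirect target, or redirects should be refused when the list is non-empty. The enclosing method and the fetch code are outside this hunk, so confirm how redirects are handled there.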
'upload-too-many-redirects' => 'The URL contained too many redirects',
'upload-unknown-size' => 'Unknown size',
'upload-http-error' => 'An HTTP error occured: $1',
+'upload-copy-upload-invalid-domain' => 'Copy uploads are not available from this domain.',
# File backend
'backend-fail-stream' => 'Could not stream file $1.',
'upload-too-many-redirects',
'upload-unknown-size',
'upload-http-error',
+ 'upload-copy-upload-invalid-domain',
),
'filebackend-errors' => array(