From: Aryeh Gregor Date: Mon, 6 Nov 2006 04:38:50 +0000 (+0000) Subject: (bug 98) Prohibit corner-case where it might be possible to create a page beginning... X-Git-Tag: 1.31.0-rc.0~55274 X-Git-Url: http://git.cyclocoop.org/%7B%7B%20url_for%28%27admin_vote_add%27%29%20%7D%7D?a=commitdiff_plain;h=6980857435816ff050b9bcb5691df5a22bc02610;p=lhc%2Fweb%2Fwiklou.git (bug 98) Prohibit corner-case where it might be possible to create a page beginning with a forward slash. Patch by Werdna. --- diff --git a/RELEASE-NOTES b/RELEASE-NOTES index f5f17fb6de..fd7d96aaeb 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -146,6 +146,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN * Allow case-sensitive URLs to be used for uploading from URLs. * (bug 1109) Correct fix for compressed 304 responses when additional output buffers have been installed within the compression handler +* (bug 98) Prohibit corner-case where it might be possible to create a page + beginning with a forward slash. == Languages updated == diff --git a/includes/Title.php b/includes/Title.php index b81b63176b..55bda5c9fc 100644 --- a/includes/Title.php +++ b/includes/Title.php @@ -1551,6 +1551,16 @@ class Title { return false; } + /** + * Pages whose titles start with / can confuse webservers + * and proxies. They can be unreachable with the pretty + * URLs. Forbid them explicitly. + */ + if ( strpos( $r, '/') === 0 ) + { + return false; + } + # We shouldn't need to query the DB for the size. #$maxSize = $dbr->textFieldSize( 'page', 'page_title' ); if ( strlen( $r ) > 255 ) { @@ -2298,7 +2308,7 @@ class Title { * @deprecated use DependencyWrapper */ function getRelatedCache( $memc, $key, $expiry, $callback, $params = array() ) { - return DependencyWrapper::getValueFromCache( $memc, $key, $expiry, $callback, + return DependencyWrapper::getValueFromCache( $memc, $key, $expiry, $callback, $params, new TitleDependency( $this ) ); }