- /**
- * Returns true if the PATH_INFO ends with an extension other than a script
- * extension. This could confuse IE for scripts that send arbitrary data which
- * is not HTML but may be detected as such.
- *
- * Various past attempts to use the URL to make this check have generally
- * run up against the fact that CGI does not provide a standard method to
- * determine the URL. PATH_INFO may be mangled (e.g. if cgi.fix_pathinfo=0),
- * but only by prefixing it with the script name and maybe some other stuff,
- * the extension is not mangled. So this should be a reasonably portable
- * way to perform this security check.
- *
- * Also checks for anything that looks like a file extension at the end of
- * QUERY_STRING, since IE 6 and earlier will use this to get the file type
- * if there was no dot before the question mark (bug 28235).
- *
- * @deprecated Use checkUrlExtension().
- *
- * @param $extWhitelist array
- *
- * @return bool
- */
- public function isPathInfoBad( $extWhitelist = array() ) {
- wfDeprecated( __METHOD__, '1.17' );
- global $wgScriptExtension;
- $extWhitelist[] = ltrim( $wgScriptExtension, '.' );
- return IEUrlExtension::areServerVarsBad( $_SERVER, $extWhitelist );
- }
-