* (bug 24985) Use $wgTmpDirectory as the default temp directory so that people
who don't have access to /tmp can specify an alternative.
* (bug 27283) SqlBagOStuff breaks PostgreSQL transactions
+* (bug 35727) mw.Api ajax() should put token parameter last.
=== API changes in 1.20 ===
* (bug 34316) Add ability to retrieve maximum upload size from MediaWiki API.
* @return {jqXHR}
*/
ajax: function( parameters, ajaxOptions ) {
+ var token;
parameters = $.extend( {}, this.defaults.parameters, parameters );
ajaxOptions = $.extend( {}, this.defaults.ajax, ajaxOptions );
+ // Ensure that token parameter is last (per [[mw:API:Edit#Token]]).
+ if ( parameters.token ) {
+ token = parameters.token;
+ delete parameters.token;
+ }
// Some deployed MediaWiki >= 1.17 forbid periods in URLs, due to an IE XSS bug
// So let's escape them here. See bug #28235
// This works because jQuery accepts data as a query string or as an Object
ajaxOptions.data = $.param( parameters ).replace( /\./g, '%2E' );
-
+ // If we extracted a token parameter, add it back in.
+ if ( token ) {
+ ajaxOptions.data += '&token=' + encodeURIComponent( token );
+ }
ajaxOptions.error = function( xhr, textStatus, exception ) {
ajaxOptions.err( 'http', {
xhr: xhr,
dépôts / lhc / web / wiklou.git / commitdiff