From 6380cadedc572056c16179a402de4a92b3300212 Mon Sep 17 00:00:00 2001
From: Aryeh Gregor <ayg@aryeh.name>
Date: Mon, 6 Aug 2018 19:54:04 +0300
Subject: [PATCH] Do not return invalid hash from ApiStashEdit

If we were rate-limited, we don't store a new hash, so we shouldn't
return a new one.  If we received a hash from the client, however, that
should still be valid, so we can return it.

Change-Id: Ifc37ae044172b8838fee15d539b076a0d0f02f22
---
 includes/api/ApiStashEdit.php | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/includes/api/ApiStashEdit.php b/includes/api/ApiStashEdit.php
index bf956dcbec..e8318c2d3e 100644
--- a/includes/api/ApiStashEdit.php
+++ b/includes/api/ApiStashEdit.php
@@ -151,14 +151,13 @@ class ApiStashEdit extends ApiBase {
 		$stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
 		$stats->increment( "editstash.cache_stores.$status" );
 
-		$this->getResult()->addValue(
-			null,
-			$this->getModuleName(),
-			[
-				'status' => $status,
-				'texthash' => $textHash
-			]
-		);
+		$ret = [ 'status' => $status ];
+		// If we were rate-limited, we still return the pre-existing valid hash if one was passed
+		if ( $status !== 'ratelimited' || $params['stashedtexthash'] !== null ) {
+			$ret['texthash'] = $textHash;
+		}
+
+		$this->getResult()->addValue( null, $this->getModuleName(), $ret );
 	}
 
 	/**
-- 
2.20.1