adds a defense-in-depth feature to stop an attacker who has found a bug in
the parser allowing them to insert malicious attributes. Disabled by default,
you can configure this via $wgCSPHeader and $wgCSPReportOnlyHeader.
+* New configuration variable has been added: $wgCookieSetOnIpBlock.
+ This determines whether to set a cookie when an IP user is blocked. Doing so means
+ that a blocked user, even after moving to a new IP address, will still be blocked.
=== New features in 1.32 ===
* (T112474) Generalized the ResourceLoader mechanism for overriding modules
* Added 'ApiParseMakeOutputPage' hook.
* (T174313) Added checkbox on Special:ListUsers to display only users in
temporary user groups.
+* (T152462) A cookie can now be set when an IP user is blocked to track that user if
+ they move to a new IP address. This is disabled by default.
=== External library changes in 1.32 ===
* …
any HTMLForm object rather than PreferencesForm.
* The non namespaced TimestampException class, deprecated in 1.29, was removed.
Use Wikimedia\Timestamp\TimestampException instead.
+* The global functions codepointToUtf8, hexSequenceToUtf8, utf8ToHexSequence,
+ utf8ToCodepoint, and escapeSingleString (deprecated in 1.25) were removed.
+ The UtfNormal\Utils class from the utfnormal library should be used instead.
+* The deprecated UTF8_ and UNICODE_ constants were removed. The class constants
+ from the UtfNormal\Constants class from the utfnormal library should be used
=== Deprecations in 1.32 ===
* Use of a StartProfiler.php file is deprecated in favour of placing