* @param $params Array an array with the request parameters
*/
protected function setupExternalResponse( $module, $params ) {
- // Ignore mustBePosted() for internal calls
- if ( $module->mustBePosted() && !$this->getRequest()->wasPosted() ) {
- $this->dieUsageMsg( array( 'mustbeposted', $this->mAction ) );
+ if ( !$this->getRequest()->wasPosted() && $module->mustBePosted() ) {
+ // Module requires POST. GET request might still be allowed
+ // if $wgDebugApi is true, otherwise fail.
+ $this->dieUsageMsgOrDebug( array( 'mustbeposted', $this->mAction ) );
}
// See if custom printer is used
* @param $isError bool
*/
protected function printResult( $isError ) {
+ global $wgDebugAPI;
+ if( $wgDebugAPI !== false ) {
+ $this->getResult()->setWarning( 'SECURITY WARNING: $wgDebugAPI is enabled' );
+ }
+
$this->getResult()->cleanUpUTF8();
$printer = $this->mPrinter;
$printer->profileIn();