dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 93ba0cc) | patch
SECURITY: Do not directly redirect to interwikis, but use splash page
authorBrian Wolff <bawolff+wn@gmail.com>
Sun, 7 Feb 2016 13:07:20 +0000 (08:07 -0500)
committerChad Horohoe <chadh@wikimedia.org>
Thu, 6 Apr 2017 20:42:38 +0000 (13:42 -0700)
commit14beae88b5d8d71f291befa2839c1c72d02ede20
treedc9437e395fe596f16dd3cc0cad19e86b2bad708tree | snapshot
parent93ba0cc7354e24dc9a9e470eb5628d8b41864024commit | diff
SECURITY: Do not directly redirect to interwikis, but use splash page

Directly redirecting based on a url paramter might potentially
be used in a phishing attack to confuse users.

Bug: T109140
Bug: T122209
Change-Id: I6c604439320fa876719933cc7f3a3ff04fb1a6ad
16 files changed:
RELEASE-NOTES-1.29 diff | blob | history
autoload.php diff | blob | history
includes/OutputPage.php diff | blob | history
includes/Title.php diff | blob | history
includes/specialpage/RedirectSpecialPage.php diff | blob | history
includes/specialpage/SpecialPageFactory.php diff | blob | history
includes/specials/SpecialChangeCredentials.php diff | blob | history
includes/specials/SpecialChangeEmail.php diff | blob | history
includes/specials/SpecialGoToInterwiki.php [new file with mode: 0644] blob
includes/specials/SpecialPageLanguage.php diff | blob | history
includes/specials/SpecialPreferences.php diff | blob | history
includes/specials/SpecialSearch.php diff | blob | history
includes/specials/helpers/LoginHelper.php diff | blob | history
languages/i18n/en.json diff | blob | history
languages/i18n/qqq.json diff | blob | history
languages/messages/MessagesEn.php diff | blob | history
Wiklou, le Wiki du Wiklou