jenkins-bot has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/355757 )
Change subject: Return 400 on invalid CSP reports
......................................................................
Return 400 on invalid CSP reports
Not really a server error since there's nothing we can do about invalid
user-provided data.
Bug: T166229
Change-Id: I87a7be32ae7e80c112be556bc13db19f11e614ca
---
M includes/api/ApiCSPReport.php
1 file changed, 2 insertions(+), 2 deletions(-)
Approvals:
Brian Wolff: Looks good to me, approved
jenkins-bot: Verified
Anomie: Looks good to me, but someone else must approve
diff --git a/includes/api/ApiCSPReport.php b/includes/api/ApiCSPReport.php
index 4139019..3a78c13 100644
--- a/includes/api/ApiCSPReport.php
+++ b/includes/api/ApiCSPReport.php
@@ -186,9 +186,9 @@
'method' => $method,
'user-agent' => $this->getRequest()->getHeader(
'user-agent' )
] );
- // 500 so it shows up in browser's developer console.
+ // Return 400 on error for user agents to display, e.g. to the
console.
$this->dieWithError(
- [ 'apierror-csp-report', wfEscapeWikiText( $code ) ],
'cspreport-' . $code, [], 500
+ [ 'apierror-csp-report', wfEscapeWikiText( $code ) ],
'cspreport-' . $code, [], 400
);
}
--
To view, visit https://gerrit.wikimedia.org/r/355757
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I87a7be32ae7e80c112be556bc13db19f11e614ca
Gerrit-PatchSet: 3
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Filippo Giunchedi <fgiunch...@wikimedia.org>
Gerrit-Reviewer: Anomie <bjor...@wikimedia.org>
Gerrit-Reviewer: Brian Wolff <bawolff...@gmail.com>
Gerrit-Reviewer: Filippo Giunchedi <fgiunch...@wikimedia.org>
Gerrit-Reviewer: Legoktm <lego...@member.fsf.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
