Aaron Schulz has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/363753 )
Change subject: Avoid high edit stash TTLs when a user signature was used ...................................................................... Avoid high edit stash TTLs when a user signature was used This adds a new ParserOuput user-signature tracking flag. Bug: T84843 Change-Id: I77de05849c15e17ee2b9b31b34172f4b6a49a38e --- M includes/api/ApiStashEdit.php M includes/parser/Parser.php 2 files changed, 17 insertions(+), 6 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/53/363753/1 diff --git a/includes/api/ApiStashEdit.php b/includes/api/ApiStashEdit.php index c7a00c6..d03fca8 100644 --- a/includes/api/ApiStashEdit.php +++ b/includes/api/ApiStashEdit.php @@ -44,6 +44,7 @@ const PRESUME_FRESH_TTL_SEC = 30; const MAX_CACHE_TTL = 300; // 5 minutes + const MAX_SIGNATURE_TTL = 60; public function execute() { $user = $this->getUser(); @@ -391,6 +392,12 @@ // Put an upper limit on the TTL for sanity to avoid extreme template/file staleness. $since = time() - wfTimestamp( TS_UNIX, $parserOutput->getTimestamp() ); $ttl = min( $parserOutput->getCacheExpiry() - $since, self::MAX_CACHE_TTL ); + + // Avoid extremely stale user signature timestamps (T84843) + if ( $parserOutput->getFlag( 'user-signature' ) ) { + $ttl = min( $ttl, self::MAX_SIGNATURE_TTL ); + } + if ( $ttl <= 0 ) { return [ null, 0, 'no_ttl' ]; } diff --git a/includes/parser/Parser.php b/includes/parser/Parser.php index 9ea65e0..4a78ff8 100644 --- a/includes/parser/Parser.php +++ b/includes/parser/Parser.php @@ -4502,12 +4502,16 @@ # which may corrupt this parser instance via its wfMessage()->text() call- # Signatures - $sigText = $this->getUserSig( $user ); - $text = strtr( $text, [ - '~~~~~' => $d, - '~~~~' => "$sigText $d", - '~~~' => $sigText - ] ); + if ( strpos( $text, '~~~' ) !== false ) { + $sigText = $this->getUserSig( $user ); + $text = strtr( $text, [ + '~~~~~' => $d, + '~~~~' => "$sigText $d", + '~~~' => $sigText + ] ); + # The main two signature forms used above are time-sensitive + $this->mOutput->setFlag( 'user-signature' ); + } # Context links ("pipe tricks"): [[|name]] and [[name (context)|]] $tc = '[' . Title::legalChars() . ']'; -- To view, visit https://gerrit.wikimedia.org/r/363753 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I77de05849c15e17ee2b9b31b34172f4b6a49a38e Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Aaron Schulz <asch...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits