Wikinaut has submitted this change and it was merged.
Change subject: (bug 44293) Fix URL generation when $wgServer is
protocol-relative.
......................................................................
(bug 44293) Fix URL generation when $wgServer is protocol-relative.
$wgServer can be protocol-relative, which causes invalid
URLs to be provided to OpenID providers and consumers.
This fixes the calls to Title::getFullURL to make sure
all URLs have a scheme.
bump to version 3.32
Change-Id: I087a6eeeec1ea2206968e0cabb83b62c4275d570
---
M CHANGES
M OpenID.php
M SpecialOpenID.body.php
M SpecialOpenIDIdentifier.body.php
M SpecialOpenIDServer.body.php
M SpecialOpenIDXRDS.body.php
6 files changed, 27 insertions(+), 21 deletions(-)
Approvals:
Wikinaut: Verified; Looks good to me, approved
jenkins-bot: Checked
diff --git a/CHANGES b/CHANGES
index b0cdc0b..2e7f25a 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,7 @@
CHANGES
=======
+3.32 20130525 bug 44293 fix URL generation when $wgServer is
protocol-relative
3.311 20130514 bug 44849 retina icons: renewed OpenID logo; rescaled the other
large provider icons
3.31 20130508 removal of dead openid provider logos (Vox, Vidoop)
diff --git a/OpenID.php b/OpenID.php
index 7b7efdd..44682ce 100644
--- a/OpenID.php
+++ b/OpenID.php
@@ -29,7 +29,7 @@
exit( 1 );
}
-define( 'MEDIAWIKI_OPENID_VERSION', '3.311 20130514' );
+define( 'MEDIAWIKI_OPENID_VERSION', '3.32 20130525' );
$path = dirname( __FILE__ );
set_include_path( implode( PATH_SEPARATOR, array( $path ) ) . PATH_SEPARATOR .
get_include_path() );
diff --git a/SpecialOpenID.body.php b/SpecialOpenID.body.php
index 2a44f9c..ed7343e 100644
--- a/SpecialOpenID.body.php
+++ b/SpecialOpenID.body.php
@@ -122,7 +122,7 @@
# If it's got an iw, return that
if ( !is_null( $nt ) && !is_null( $nt->getInterwiki() )
&& strlen( $nt->getInterwiki() ) > 0 ) {
- return $nt->getFullUrl();
+ return $nt->getFullUrl( '', false, PROTO_CANONICAL );
} else {
return $openid_url;
}
@@ -201,9 +201,9 @@
* @return bool
*/
function isLocalUrl( $url ) {
- global $wgServer, $wgArticlePath;
+ global $wgCanonicalServer, $wgArticlePath;
- $pattern = $wgServer . $wgArticlePath;
+ $pattern = $wgCanonicalServer . $wgArticlePath;
$pattern = str_replace( '$1', '(.*)', $pattern );
$pattern = str_replace( '?', '\?', $pattern );
@@ -239,8 +239,8 @@
if ( !is_null( $wgOpenIDTrustRoot ) ) {
$trust_root = $wgOpenIDTrustRoot;
} else {
- global $wgScriptPath, $wgServer;
- $trust_root = $wgServer . $wgScriptPath;
+ global $wgScriptPath, $wgCanonicalServer;
+ $trust_root = $wgCanonicalServer . $wgScriptPath;
}
wfSuppressWarnings();
@@ -397,7 +397,6 @@
* @return string
*/
function scriptUrl( $par = false ) {
- global $wgServer, $wgScript;
if ( !is_object( $par ) ) {
$nt = $this->getTitle( $par );
@@ -405,12 +404,13 @@
$nt = $par;
}
- if ( !is_null( $nt ) ) {
- $dbkey = wfUrlencode( $nt->getPrefixedDBkey() );
- return "{$wgServer}{$wgScript}?title={$dbkey}";
- } else {
+ if ( $nt === null ) {
return '';
}
+
+ // adding a dummy parameter forces a canonical url which we need
+ return $nt->getFullURL( array( 'dummy' => 'x'), false,
PROTO_CANONICAL );
+
}
protected function setupSession() {
diff --git a/SpecialOpenIDIdentifier.body.php b/SpecialOpenIDIdentifier.body.php
index 92f59d2..261667f 100644
--- a/SpecialOpenIDIdentifier.body.php
+++ b/SpecialOpenIDIdentifier.body.php
@@ -71,7 +71,7 @@
&& !$wgOpenIDAllowServingOpenIDUserAccounts )
) {
$serverTitle = SpecialPage::getTitleFor(
'OpenIDServer' );
- $serverUrl = $serverTitle->getFullURL();
+ $serverUrl = $serverTitle->getFullURL( '',
false, PROTO_CANONICAL );
$wgOut->addLink( array( 'rel' =>
'openid.server', 'href' => $serverUrl ) );
$wgOut->addLink( array( 'rel' =>
'openid2.provider', 'href' => $serverUrl ) );
if ( $delegate ) {
@@ -80,7 +80,7 @@
$wgOut->addLink( array( 'rel' =>
'openid2.local_id', 'href' => $local_identity ) );
}
$rt = SpecialPage::getTitleFor( 'OpenIDXRDS',
$user->getName() );
- $xrdsUrl = $rt->getFullURL();
+ $xrdsUrl = $rt->getFullURL( '', false,
PROTO_CANONICAL );
$wgOut->addMeta( 'http:X-XRDS-Location',
$xrdsUrl );
header( 'X-XRDS-Location: ' . $xrdsUrl );
diff --git a/SpecialOpenIDServer.body.php b/SpecialOpenIDServer.body.php
index cff5265..5ccc771 100644
--- a/SpecialOpenIDServer.body.php
+++ b/SpecialOpenIDServer.body.php
@@ -84,7 +84,7 @@
) );
$rt = SpecialPage::getTitleFor( 'OpenIDXRDS',
$wgOpenIDIdentifierSelect );
- $xrdsUrl = $rt->getFullURL( '', false, PROTO_CURRENT );
+ $xrdsUrl = $rt->getFullURL( '', false, PROTO_CANONICAL
);
$out->addMeta( 'http:X-XRDS-Location', $xrdsUrl );
$this->getRequest()->response()->header(
'X-XRDS-Location: ' . $xrdsUrl );
@@ -229,7 +229,7 @@
function Url() {
$nt = SpecialPage::getTitleFor( 'OpenIDServer' );
if ( isset( $nt ) ) {
- return $nt->getFullURL();
+ return $nt->getFullURL( '', false, PROTO_CANONICAL );
} else {
return null;
}
@@ -270,7 +270,7 @@
$local_identity = str_replace( '{ID}', $user->getID(),
$wgOpenIDIdentifiersURL );
} else {
$local_identity = SpecialPage::getTitleFor(
'OpenIDIdentifier', $user->getID() );
- $local_identity = $local_identity->getFullURL();
+ $local_identity = $local_identity->getFullURL( '',
false, PROTO_CANONICAL );
}
return $local_identity;
@@ -354,7 +354,7 @@
);
$title = SpecialPage::getTitleFor( 'Userlogin'
);
- $url = $title->getFullURL( $query, false,
PROTO_CURRENT );
+ $url = $title->getFullURL( $query, false,
PROTO_CANONICAL );
$wgOut->redirect( $url );
return null;
}
@@ -913,6 +913,11 @@
# it must start with our server, case doesn't matter
+ // Remove the protocol if $wgServer is protocol-relative.
+ if ( substr( $wgServer, 0, 2 ) == '//' ) {
+ $url = substr( $url, strpos( $url, ':' ) + 1 );
+ }
+
if ( strpos( strtolower( $url ), strtolower( $wgServer ) ) !==
0 ) {
return null;
}
@@ -955,6 +960,6 @@
* @return String
*/
function serverUrl() {
- return $this->getTitle()->getFullURL( '', false, PROTO_CURRENT
);
+ return $this->getTitle()->getFullURL( '', false,
PROTO_CANONICAL );
}
}
diff --git a/SpecialOpenIDXRDS.body.php b/SpecialOpenIDXRDS.body.php
index 097f4d2..37da01d 100644
--- a/SpecialOpenIDXRDS.body.php
+++ b/SpecialOpenIDXRDS.body.php
@@ -80,14 +80,14 @@
if ( $user && $user->getID() != 0 ) {
$user_title = $user->getUserPage();
- $user_url = $user_title->getFullURL();
+ $user_url = $user_title->getFullURL( '', false,
PROTO_CANONICAL );
} else {
$user_url = "";
}
// Generate the OpenID server endpoint URL.
$server_title = SpecialPage::getTitleFor( 'OpenIDServer' );
- $server_url = $server_title->getFullURL();
+ $server_url = $server_title->getFullURL( '', false,
PROTO_CANONICAL );
// Define array of Yadis services to be included in
// the XRDS output.
@@ -137,4 +137,4 @@
)
);
}
-}
\ No newline at end of file
+}
--
To view, visit https://gerrit.wikimedia.org/r/45474
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I087a6eeeec1ea2206968e0cabb83b62c4275d570
Gerrit-PatchSet: 16
Gerrit-Project: mediawiki/extensions/OpenID
Gerrit-Branch: master
Gerrit-Owner: Parent5446 <[email protected]>
Gerrit-Reviewer: Jeroen De Dauw <[email protected]>
Gerrit-Reviewer: Parent5446 <[email protected]>
Gerrit-Reviewer: Ryan Lane <[email protected]>
Gerrit-Reviewer: Wikinaut <[email protected]>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
