CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107205
Change subject: Add editmyoptions right to a new grant
..
Add editmyoptions right to a new grant
Bug: 59981
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107279
Change subject: SECURITY: Don't normalize U+FF3C to \
..
SECURITY: Don't normalize U+FF3C to \
Bug: 58088
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107276
Change subject: SECURITY: Fix RevDel log entry information leaks
..
SECURITY: Fix RevDel log entry information leaks
DELETED_ACTION is
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107277
Change subject: SECURITY: Return error on invalid XML for SVGs
..
SECURITY: Return error on invalid XML for SVGs
Return an error from
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107280
Change subject: SECURITY: Disallow stylesheets in svg
..
SECURITY: Disallow stylesheets in svg
Bug: 57550
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107278
Change subject: SECURITY: Disallow -o-link in styles
..
SECURITY: Disallow -o-link in styles
Opera will execute javascript from -o-link css
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107294
Change subject: SECURITY: Return error on invalid XML for SVGs
..
SECURITY: Return error on invalid XML for SVGs
Return an error from
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107296
Change subject: SECURITY: Don't normalize U+FF3C to \
..
SECURITY: Don't normalize U+FF3C to \
Bug: 58088
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107293
Change subject: SECURITY: Fix RevDel log entry information leaks
..
SECURITY: Fix RevDel log entry information leaks
DELETED_ACTION is
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107297
Change subject: SECURITY: Disallow stylesheets in svg
..
SECURITY: Disallow stylesheets in svg
Bug: 57550
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107295
Change subject: SECURITY: Disallow -o-link in styles
..
SECURITY: Disallow -o-link in styles
Opera will execute javascript from -o-link css
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107298
Change subject: Update Releasenotes and version number for 1.21.4
..
Update Releasenotes and version number for 1.21.4
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107304
Change subject: Update Releasenotes and version number for 1.19.10
..
Update Releasenotes and version number for 1.19.10
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107320
Change subject: SECURITY: Don't normalize U+FF3C to \
..
SECURITY: Don't normalize U+FF3C to \
Bug: 58088
Change-Id:
CSteipp has submitted this change and it was merged.
Change subject: Update Release Notes
..
Update Release Notes
Change-Id: Icc4757e167bce1c466ba3f39be65b5d2eba4482b
---
M RELEASE-NOTES-1.22
1 file changed, 5 insertions(+), 0
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107321
Change subject: Update Release Notes
..
Update Release Notes
Change-Id: Icc4757e167bce1c466ba3f39be65b5d2eba4482b
---
M RELEASE-NOTES-1.22
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107326
Change subject: SECURITY: Return error on invalid XML for SVGs
..
SECURITY: Return error on invalid XML for SVGs
Return an error from
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107327
Change subject: SECURITY: Fix RevDel log entry information leaks
..
SECURITY: Fix RevDel log entry information leaks
DELETED_ACTION is
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107325
Change subject: SECURITY: Disallow -o-link in styles
..
SECURITY: Disallow -o-link in styles
Opera will execute javascript from -o-link css
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107324
Change subject: SECURITY: Don't normalize U+FF3C to \
..
SECURITY: Don't normalize U+FF3C to \
Bug: 58088
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107329
Change subject: Fix Lua stack overflow
..
Fix Lua stack overflow
When passing many arguments or returning many values from PHP→Lua,
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107331
Change subject: Update changelog
..
Update changelog
Change-Id: Ic63a34e99e6ffd4c4a7a3aaa7954760e0437dc81
---
M debian/changelog
1 file
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107330
Change subject: Handle invalid keys in Lua-to-PHP calls for LuaSandbox
..
Handle invalid keys in Lua-to-PHP calls for LuaSandbox
PHP can't
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107334
Change subject: SECURITY: Prevent XSS by 'data-videopayload'
..
SECURITY: Prevent XSS by 'data-videopayload'
The Javascript in TMH produced
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107336
Change subject: SECURITY: Don't return username from AutoLogin
..
SECURITY: Don't return username from AutoLogin
A malicious website can
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/107991
Change subject: (WIP) Make it possible to revert back to 1.19
..
(WIP) Make it possible to revert back to 1.19
If the database was update
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/174439
Change subject: Correct returnto on Special:UserLogout
..
Correct returnto on Special:UserLogout
If you clicked the login link while on
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/175596
Change subject: API: Work around wfMangleFlashPolicy()
..
API: Work around wfMangleFlashPolicy()
The things wfMangleFlashPolicy() does to
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/175598
Change subject: Make calling wfMangleFlashPolicy configurable
..
Make calling wfMangleFlashPolicy configurable
Add $wgMangleFlashPolicy so
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/177152
Change subject: Assert lengths aren't negative
..
Assert lengths aren't negative
Change-Id: I8041f3135e2101bed015b9a6b01fde4ef8ffd681
---
M
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/174289
Change subject: Make calling wfMangleFlashPolicy configurable
..
Make calling wfMangleFlashPolicy configurable
Add $wgMangleFlashPolicy so
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/178285
Change subject: Use truncated sha256 for token hmac
..
Use truncated sha256 for token hmac
Although md5 is considered safe for hmac,
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/178715
Change subject: Make CheckUser its own role
..
Make CheckUser its own role
Split checkuser out from accountinfo.
Change-Id:
CSteipp has uploaded a new change for review.
Change subject: Add Global Rules
..
Add Global Rules
* Update rules list view to show global rules toggle, global rules
* Update rule processing to get global rules from memcache,
CSteipp has uploaded a new change for review.
Change subject: (bug 24437) Add nofollow to image link
..
(bug 24437) Add nofollow to image link
Add a rel=nofollow attribute when an image has a link param
when generating the
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/100492
Change subject: Update CentralAuth to master for wmf5
..
Update CentralAuth to master for wmf5
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/100508
Change subject: Don't redirects anons to /createSession
..
Don't redirects anons to /createSession
/createSession is still a significant
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/100698
Change subject: Update CentralAuth to master
..
Update CentralAuth to master
Change-Id: I98a4ba0ea73e68b59fce88a1a717e5381ed8c8fc
---
M
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/100714
Change subject: Update CentralAuth to master
..
Update CentralAuth to master
Change-Id: I0cf21bfaead3843c4566de30182f0210c28abd60
---
M
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95538
Change subject: SECURITY: Improve css javascript detection
..
SECURITY: Improve css javascript detection
* Forbid vertical tabs
* Convert
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95540
Change subject: Update Releasenotes and version number for 1.19.9
..
Update Releasenotes and version number for 1.19.9
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95539
Change subject: SECURITY: Don't cache when a call could autocreate
..
SECURITY: Don't cache when a call could autocreate
Fixes for
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95543
Change subject: SECURITY: Don't cache when a call could autocreate
..
SECURITY: Don't cache when a call could autocreate
Fixes for
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95542
Change subject: SECURITY: Improve css javascript detection
..
SECURITY: Improve css javascript detection
* Forbid vertical tabs
* Convert
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95544
Change subject: Update Releasenotes and version number for 1.20.8
..
Update Releasenotes and version number for 1.20.8
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95545
Change subject: SECURITY: Improve css javascript detection
..
SECURITY: Improve css javascript detection
* Forbid vertical tabs
* Convert
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95547
Change subject: Update Releasenotes and version number for 1.21.3
..
Update Releasenotes and version number for 1.21.3
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95546
Change subject: SECURITY: Don't cache when a call could autocreate
..
SECURITY: Don't cache when a call could autocreate
Fixes for
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95551
Change subject: SECURITY: Don't show deleted usernames
..
SECURITY: Don't show deleted usernames
Remove the username and javascript links
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95557
Change subject: SECURITY: Improve css javascript detection
..
SECURITY: Improve css javascript detection
* Forbid vertical tabs
* Convert
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95558
Change subject: SECURITY: Don't cache when a call could autocreate
..
SECURITY: Don't cache when a call could autocreate
Fixes for
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/95701
Change subject: Include useoauth in UserIsEveryoneAllowed rights
..
Include useoauth in UserIsEveryoneAllowed rights
Return true for
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/96317
Change subject: Remove https redirect from CentralAutoLogin
..
Remove https redirect from CentralAutoLogin
Partial revert of
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/96402
Change subject: Update OAuth to master
..
Update OAuth to master
Change-Id: I34c61acc027cd74162cab4794f61ca92955a2968
---
M extensions/OAuth
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/96894
Change subject: Add site-wide privacy link
..
Add site-wide privacy link
Bug: 55704
Change-Id: I4f5888cb5b8c08b41742f68cf29149a939cb4fe0
---
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/96890
Change subject: Enable OAuth on all wikis
..
Enable OAuth on all wikis
Bug: 55679
Change-Id: I92f8d6176869ecd7d6ff4798f4786e570af49566
---
M
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/93121
Change subject: Improve user-facing error messages
..
Improve user-facing error messages
For error messages that will be seen by users, add
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/93521
Change subject: Remove redaction handling
..
Remove redaction handling
Since I3d570a6385f96a606e1af53c50faa03b9ebacd38, this is no longer
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/93859
Change subject: Add OAuth identify method
..
Add OAuth identify method
Allow OAuth Consumers to get a signed JWT about the user who
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/93860
Change subject: Fix SpecialPage name for api
..
Fix SpecialPage name for api
MWOAuthAPISetup::getOAuthAccessToken specifically excludes
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/93901
Change subject: Link rights to OAuth/grants instead of tooltips
..
Link rights to OAuth/grants instead of tooltips
Link each grant to the
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/93918
Change subject: More UX changes
..
More UX changes
Bug: 56014
Change-Id: I064964b8a8ceb857341b962e93f8405d3d195e02
---
M
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/94405
Change subject: Reuse more understandable message
..
Reuse more understandable message
Reuse the more understandable
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/94416
Change subject: Add hook to override message
..
Add hook to override message
Allow the site configuration (via hook) to override a message
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/94425
Change subject: Update i18n from TWN comments
..
Update i18n from TWN comments
Bug: 55680
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/94458
Change subject: Update Gender
..
Update Gender
Bug: 55680
Change-Id: I57ccd7d3bd1cd978a1ff005de09859c380753c1c
---
M
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/102592
Change subject: Add OAuth as a role
..
Add OAuth as a role
Install Extension:OAuth with needed permissions
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/91199
Change subject: Fix error message for recycled passwords
..
Fix error message for recycled passwords
Users are getting the generic Abort
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/91329
Change subject: Utility function to get central id from username
..
Utility function to get central id from username
Fixes TODO from gerrit
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/91331
Change subject: Implement OAuth hook to get userid from username
..
Implement OAuth hook to get userid from username
Implements hook from
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/91806
Change subject: Improve wiki selection
..
Improve wiki selection
* Except domain names in wiki form
* Add a dropdown for All wikis, Current
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/92037
Change subject: Password Expiration
..
Password Expiration
Add functionality to expire users' passwords:
* Adds column to the user table to
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/104666
Change subject: Central OAuth wiki for Labs (metawiki)
..
Central OAuth wiki for Labs (metawiki)
Add metawiki as the central oauth wiki in
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/105233
Change subject: Add tooltip by disabled Basic rights checkbox
..
Add tooltip by disabled Basic rights checkbox
Explain to users why they
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/105411
Change subject: Remove grant management sister-project warning
..
Remove grant management sister-project warning
Bug: 56941
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/105418
Change subject: Fix typo in Release Notes
..
Fix typo in Release Notes
Change-Id: I5b9728f3c4ce2bf53b06f2d5d0121205ccb4d5b2
---
M
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110646
Change subject: Add Whirlpool using the password api
..
Add Whirlpool using the password api
Demonstration of adding Whirlpool as a hashing
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/112055
Change subject: Change spaces to tabs
..
Change spaces to tabs
Per Siebrand's comment on
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110069
Change subject: SECURITY: Sanitize shell command args
..
SECURITY: Sanitize shell command args
Add validation and sanitization to several
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110070
Change subject: Update Release Notes and Version number
..
Update Release Notes and Version number
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110071
Change subject: SECURITY: Sanitize shell command args
..
SECURITY: Sanitize shell command args
Add validation and sanitization to several
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110072
Change subject: Update release notes and version number
..
Update release notes and version number
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110075
Change subject: Update release notes and version number
..
Update release notes and version number
Change-Id:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110074
Change subject: Sanitize shell command args
..
Sanitize shell command args
Add validation and sanitization to several code paths.
Bug:
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110080
Change subject: SECURITY: Escape all shell arguments
..
SECURITY: Escape all shell arguments
Ensure all shell arguments are escaped
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110081
Change subject: SECURITY: Escape all shell arguments
..
SECURITY: Escape all shell arguments
Ensure all shell arguments are escaped
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110082
Change subject: SECURITY: Escape all shell arguments
..
SECURITY: Escape all shell arguments
Ensure all shell arguments are escaped
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110215
Change subject: SECURITY: Sanitize shell command args
..
SECURITY: Sanitize shell command args
Add validation and sanitization to several
CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110423
Change subject: SECURITY: Escape all shell arguments
..
SECURITY: Escape all shell arguments
Ensure all shell arguments are escaped
CSteipp has uploaded a new change for review.
Change subject: (bug 35839) Check permisions for revdel blocks
..
(bug 35839) Check permisions for revdel blocks
If a block includes the Hide username to revdel the username, check
CSteipp has uploaded a new change for review.
Change subject: (bug 39180) Set x-frame-options='DENY' for api
..
(bug 39180) Set x-frame-options='DENY' for api
By default, set the x-frame-options header for api result pages
to
CSteipp has uploaded a new change for review.
Change subject: (bug 39184) LDAP password leakage
..
(bug 39184) LDAP password leakage
Change-Id: Ie41bed7ecf5390f8815128c227bae371880a6058
---
M includes/AuthPlugin.php
M
CSteipp has uploaded a new change for review.
Change subject: (bug 39700) html injection fix
..
(bug 39700) html injection fix
Change-Id: I0e5f9eeb1f3561b1354aecced74f68ae2fa20dfa
---
M includes/Linker.php
M
CSteipp has uploaded a new change for review.
Change subject: (bug 38333) Check global blocks on account create
..
(bug 38333) Check global blocks on account create
Before displaying an account creation form, checks against
CSteipp has uploaded a new change for review.
Change subject: (bug 37587) Enforce language codes to be html safe
..
(bug 37587) Enforce language codes to be html safe
Fixes bug 37587 and many other issues which
might or might
CSteipp has uploaded a new change for review.
Change subject: (bug 39180) Set x-frame-options='DENY' for api
..
(bug 39180) Set x-frame-options='DENY' for api
By default, set the x-frame-options header for api result pages
to
CSteipp has uploaded a new change for review.
Change subject: (bug 39184) LDAP password leakage
..
(bug 39184) LDAP password leakage
Change-Id: Ie41bed7ecf5390f8815128c227bae371880a6058
---
M includes/AuthPlugin.php
M
CSteipp has uploaded a new change for review.
Change subject: (bug 35839) Check permisions for revdel blocks
..
(bug 35839) Check permisions for revdel blocks
If a block includes the Hide username to revdel the username, check
CSteipp has uploaded a new change for review.
Change subject: (Bug 39700) Fix for html injection
..
(Bug 39700) Fix for html injection
Change-Id: Ia3b6098b707ba50fe9298196f321656d1fafe585
---
M includes/Linker.php
M
CSteipp has uploaded a new change for review.
Change subject: (bug 38333) Check global blocks on account create
..
(bug 38333) Check global blocks on account create
Change-Id: I06a44a5b93e24ef2f9e4f17b8a3b2e2872bbe74e
---
M
1 - 100 of 655 matches
Mail list logo