https://bugzilla.wikimedia.org/show_bug.cgi?id=43137
Web browser: ---
Bug ID: 43137
Summary: The API should not return the SHA1 for revisions with
the DELETED_TEXT attribute
Product: MediaWiki
Version: 1.21-git
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: API
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected],
[email protected], [email protected]
Classification: Unclassified
Mobile Platform: ---
Querying the API with action=query&prop=revisions&rvprop=sha1 returns the SHA1
even for revisions whose content is hidden, for any user.
Example:
http://fr.wikipedia.org/w/api.php?action=query&prop=revisions&revids=86537049&rvprop=content|sha1|comment
I think this should not be the case: a revision might be hidden because of a
very short string (first name of the contributor, phone number...). In this
case it is possible to recover the hidden content from the SHA1 and the text of
the next revision.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
