https://bugzilla.wikimedia.org/show_bug.cgi?id=51818
Web browser: ---
Bug ID: 51818
Summary: Commented-out CSRF check in Special:MobileOptions
Product: MediaWiki extensions
Version: master
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: MobileFrontend
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected],
[email protected], [email protected],
[email protected], [email protected],
[email protected], [email protected],
[email protected]
Classification: Unclassified
Mobile Platform: ---
if ( $request->getVal( 'token' ) != $context->getMobileToken() ) {
wfDebug( __METHOD__ . "(): token mismatch\n" );
//return; // Display something here?
}
We need to either fix it or stop creating mobile sessions and unconditionally
bypass caches for everyone who visits this page.
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
