Brion Vibber wrote: > On Thu, Jun 2, 2011 at 2:20 PM, Roan Kattouw<[email protected]> wrote: > >> On Thu, Jun 2, 2011 at 10:56 PM, Brion Vibber<[email protected]> wrote: >>> Is there a way we can narrow down this security check so it doesn't keep >>> breaking API requests, action=raw requests, and ResourceLoader requests, >>> etc? >>> >> Tim had an idea about redirecting bad URLs to fixed ones. He ran it by >> me last night his time, and my guess is he'll probably implement it >> this morning his time. But I'll leave it up to him to elaborate on >> that. >> > > I know this has already been brought up, but that doesn't work for POST, and > may not work for API clients that don't automatically follow redirects. > (Which it looks like includes MediaWiki's ForeignAPIRepo since our Http > class got redirection turned off by default a couple versions ago.)
Luckily ForeignAPIRepo doesn't spoof IE6, so we can just redirect IE6. _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
