Page MenuHomePhabricator
Create Task
Maniphest T17527

API cannot rollback anonymous users
Closed, ResolvedPublic
Actions

Description

Author: matthew.britton

Description:
It would appear that I cannot rollback anonymous users through the API.

URL:

http://en.wikipedia.org/w/api.php

Post data (percent-encoded):

action=rollback&format=xml&title=User+talk%3aGurch&user=86.140.177.30&token=f88492c3c482f3f322a9f336faba934a%2b%5c

Response:

<?xml version="1.0" encoding="utf-8"?><api><error code="invaliduser" info="Invalid username ``86.140.177.30&#039;&#039;" /></api>

Reproduced in other formats on other pages with other anonymous users, also tried percent-encoding the whole username.

Version: unspecified
Severity: major

Details

Reference
bz15527

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 10:24 PM
bzimport added a project: MediaWiki-Action-API.
bzimport set Reference to bz15527.
bzimport created this task.Sep 8 2008, 5:59 PM
bzimport added a comment.Sep 8 2008, 11:12 PM

EN.WP.ST47 wrote:

Loosen the validation for IPs

This patch, very simply, only runs the username through the validator if the username is not an IP. If the username is an IP, the validator automatically fails it.

attachment 15527.diff ignored as obsolete

bzimport added a comment.Sep 8 2008, 11:18 PM

EN.WP.ST47 wrote:

Do it differently

Just change the above to do it the same way as you did it in the ApiQueryBlocks.php

Attached:

15527.diff621 BDownload

bzimport added a comment.Sep 8 2008, 11:34 PM

soxred93 wrote:

Fixed in r40628

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL