Page MenuHomePhabricator
Create Task
Maniphest T16959

UNIQ... exposed to anonymous users when hook "InternalParseBeforeLinks" uses specific messages
Closed, ResolvedPublic
Actions

Description

This assumed parser bug causes UNIQ tags to remain unsubstituted, and hence to be exposed to the user. This happens when an extension hooking to "InternalParseBeforeLinks" accesses a message that contains {{SITENAME}}. I could reproduce this on MediaWiki 1.13alpha (r36226) to 1.14alpha (r38131), even without any extensions enabled. The conditions for creating this bug are complex, but it still occurs in practice (e.g. Semantic MediaWiki hooks to this place and uses messages). Its complicated conditions make it somewhat hard to track for the user.

To reproduce:

  • Edit LocalSettings.php to include the following lines:

    $wgHooks['InternalParseBeforeLinks'][] = 'causeBug'; function causeBug() { wfMsgForContent('copyrightwarning2'); return true; }

(the message 'copyrightwarning2' could be anything with {{SITENAME}} in it)

  • Create a page containing the text "<nowiki>[[Test]]</nowiki>"
  • Log out from the wiki, and purge the cache of the freshly created page (add action=purge as a parameter to the URL).

As a result, the UNIQ tag becomes visible. This does neither happen if anonymous users edit the page or preview their edits, nor if a logged in user edits or purges the page. The problem is also not present if a message without {{SITENAME}} in it is used.

The problem can be viewed at http://sandbox.semantic-mediawiki.org/wiki/UNIQ_bug (this wiki uses the above patch to LocalSettings). The installed extensions there do not have an effect -- disabling them still leaves the bug.

Note that this is not the same as Bug 14562, but it might of course be related internally.

Version: 1.13.x
Severity: major

Details

Reference
bz14959

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to Low.Nov 21 2014, 10:10 PM
bzimport added projects: MediaWiki-Parser, Parser, TestMe.
bzimport set Reference to bz14959.
bzimport added a subscriber: Unknown Object (MLST).
mkroetzsch created this task.Jul 28 2008, 1:58 PM
mkroetzsch added a comment.Jul 28 2008, 2:27 PM

On some sites, it has been found that editing the message page is required to reproduce the bug, though after that it occurred for all users (logged in or not) even without purge. This observation was made on a Windows machine, while the original bug was discovered on Linux machines running PHP "5.2.0-8+etch11 (apache2handler)" and "5.2.4-2ubuntu5.2 (apache2handler)", respectively.

The bug can also be triggered with other messages that use magic words, such as 'grouppage-user' which contains {{ns:project}} and 'listgrouprights-summary' that contains {{MediaWiki:... The bug does not occur with messages of plain text, such as listgroupuserrights. Moreover, the bug could not be reproduced on MediaWiki 1.10alpha (r19729).

MarkAHershberger added a comment.Dec 2 2010, 8:32 PM

added dep on 14562 so they could find each other.

Bawolff added a comment.Apr 15 2012, 4:22 AM

This was fixed a while back.

  • This bug has been marked as a duplicate of bug 28532 ***
Krinkle changed the status of subtask T16562: UNIQ key exposed when feeding strip markers into {{#tag:source from Duplicate to Resolved.Apr 28 2017, 9:05 PM
Restricted Application added a subscriber: TerraCodes. · View Herald TranscriptApr 28 2017, 9:05 PM
Peachey88 mentioned this in T19329: Message handling in parser.Feb 13 2022, 3:30 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL