Page MenuHomePhabricator
Create Task
Maniphest T62242

Renameuser does not properly sanitize/canonicalize old username in rename form
Open, MediumPublic
Actions

Description

Renameuser does not properly sanitize/canonicalize old username in rename form.

It is possible to provide a string that is an invalid username that can be canonicalized to a valid one (e.g. "Test user" with two spaces), which will trigger a "The user does not exist." error even if the account "Test user" does exist.

(There is a separate process of uppercasing the first letter of the provided username; the RenameUserWarning hook can receive the lowercase username before it is adjusted. This might be a separate bug too.)

Version: unspecified
Severity: normal
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=60241

Details

Reference
bz60242

Related Objects

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL