On Thu, Jun 2, 2011 at 2:20 PM, Roan Kattouw <roan.kattouw(a)gmail.com> wrote:
On Thu, Jun 2, 2011 at 10:56 PM, Brion Vibber
<brion(a)pobox.com> wrote:
Is there a way we can narrow down this security
check so it doesn't keep
breaking API requests, action=raw requests, and ResourceLoader requests,
etc?
Tim had an idea about redirecting bad URLs to fixed ones. He ran it by
me last night his time, and my guess is he'll probably implement it
this morning his time. But I'll leave it up to him to elaborate on
that.
I know this has already been brought up, but that doesn't work for POST, and
may not work for API clients that don't automatically follow redirects.
(Which it looks like includes MediaWiki's ForeignAPIRepo since our Http
class got redirection turned off by default a couple versions ago.)
Your ideas to secure api.php output against HTML abuse are
interesting, but I don't think the txt and dbg
formats can be fixed
that way.
Why do we actually have these extra unparseable formats? If they're for
debug readability then we can probably just make them HTML-formatted, like
jsonfm/xmlfm/etc.
-- brion