Last modified: 2011-06-26 02:41:35 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T10556, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 8556 - Bogus session loss message when editing a non-existent category page with $wgRawHtml enabled
Bogus session loss message when editing a non-existent category page with $wg...
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
Page editing (Other open bugs)
1.8.x
All All
: Low normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2007-01-09 21:03 UTC by Mike Axelrod
Modified: 2011-06-26 02:41 UTC (History)
1 user (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Mike Axelrod 2007-01-09 21:03:30 UTC 
After $wgRawHtml is enabled The message [[MediaWiki:Session fail preview html]]
is displayed all the time when editing an non-existent category page (might be a
problem with regular pages too, can't recall at the moment) even if the session
context is fine. (Cookie is present). We have enabled $wgRawHtml for use on an
intranet Mediawiki site and having this message displayed all the time is
annoying and confuses the users.  

As a work around I have simply edited the message and replaced it with a null
text string.  But I suspect the bug should be addressed.

I suspect the problem might be in the code of EditPage.php around lines 513 and
1360.

Steps to recreate this bug:

1. Log in 
2. edit a new page and add a link to a category page that has articles in the
category but no actual category page content has ever been created.
3. click on the link to the category page.
4. note the warning message.

I'm not so sure it is neccessary to see this warning message if the user is
logged in.

If this is not a bug then perhaps there could be some thinking done around what
to do for people in my situation.  (flag to turn off the warning, document the
work around  etc...)

BTW the documentation around $wgRawHtml is very weak....
Comment 1 Rob Church 2007-08-03 22:12:44 UTC 
This makes sense; when raw HTML is enabled, we do an edit token check for previews, to avoid users being taken to a page containing malicious raw HTML through innocuous preview links and the like. Of course, when editing categories for the first time, we do this preview too, but we don't bother to pass a token then.

Not sure what the best workaround for this is. We could perhaps skip the check if the text being previewed is blank.
Comment 2 Bawolff (Brian Wolff) 2011-06-26 02:41:35 UTC 
Happened to stumble upon this today. Fixed in r90814 by not showing the warning if the text being previewed is the empty string (It still aborts the preview just to be safe, but shouldn't matter since its only the empty string being previewed).
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links