jenkins-bot has submitted this change and it was merged.

Change subject: Avoid API error/header leakage from jobs API
......................................................................


Avoid API error/header leakage from jobs API

* Also cleaned up some HTTP headers while at it

bug: 62092
Change-Id: Ia2c1643e47aae53916c107c901cca654dc438a16
---
M includes/Wiki.php
M includes/api/ApiRunJobs.php
2 files changed, 11 insertions(+), 15 deletions(-)

Approvals:
  Brian Wolff: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/includes/Wiki.php b/includes/Wiki.php
index 0f6a0b8..5c67e5f 100644
--- a/includes/Wiki.php
+++ b/includes/Wiki.php
@@ -643,14 +643,8 @@
                        'tasks' => 'jobs', 'maxjobs' => $n, 'sigexpiry' => 
time() + 5 );
                $query['signature'] = ApiRunJobs::getQuerySignature( $query );
 
-               // Slow job running method in case of API or socket functions 
being disabled
-               $fallback = function() use ( $query ) {
-                       $api = new ApiMain( new FauxRequest( $query, true ) );
-                       $api->execute();
-               };
-
                if ( !$wgEnableAPI ) {
-                       $fallback();
+                       ApiRunJobs::executeJobs( $n ); // slow fallback
                        return;
                }
 
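Review bot: The `!$wgEnableAPI` branch no longer uses `$query`, yet it still runs after the query array and its signature have been built at the top of this hunk, so a signature is computed that is never sent. Now that the fallback is a direct call, `if ( !$wgEnableAPI ) { ApiRunJobs::executeJobs( $n ); return; }` could move above the `$query` assignment. That assignment starts outside the hunk, so the exact position has to be confirmed against the full function. The identical fallback call in the socket-error branch of the next hunk has to stay where it is, because the socket is only opened after the query is built.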
@@ -666,7 +660,7 @@
                wfRestoreWarnings();
                if ( !$sock ) {
                        wfDebugLog( 'runJobs', "Failed to start cron API 
(socket error $errno): $errstr\n" );
-                       $fallback();
+                       ApiRunJobs::executeJobs( $n ); // slow fallback
                        return;
                }
 
@@ -684,7 +678,7 @@
                        // Do not wait for the response (the script should 
handle client aborts).
                        // Make sure that we don't close before that script 
reaches ignore_user_abort().
                        $status = fgets( $sock );
-                       if ( !preg_match( '#^HTTP/\d\.\d 204 #', $status ) ) {
+                       if ( !preg_match( '#^HTTP/\d\.\d 202 #', $status ) ) {
                                wfDebugLog( 'runJobs', "Failed to start cron 
API: received '$status'\n" );
                        }
                }
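Review bot: The `202` expected by this regex is now coupled to the literal `header( "HTTP/1.0 202 Accepted" )` in ApiRunJobs.php, and neither side says so; this commit had to change both in step. A comment above the check, for example `// Must match the status line sent by ApiRunJobs before it starts the jobs`, would keep a later edit on one side from turning every successful start into a "Failed to start cron API" log entry. The enclosing block begins and ends outside the hunk.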
diff --git a/includes/api/ApiRunJobs.php b/includes/api/ApiRunJobs.php
index 425c0a3..e16dc5d 100644
--- a/includes/api/ApiRunJobs.php
+++ b/includes/api/ApiRunJobs.php
@@ -51,21 +51,21 @@
                }
 
                if ( !$verified || $params['sigexpiry'] < time() ) {
-                       $this->dieUsage( 'Invalid or stale signature provided', 
'bad_signature', 401 );
+                       $this->dieUsage( 'Invalid or stale signature provided', 
'bad_signature', 400 );
                }
 
                // Client will usually disconnect before checking the response,
                // but it needs to know when it is safe to disconnect. Until 
this
                // reaches ignore_user_abort(), it is not safe as the jobs 
won't run.
                ignore_user_abort( true ); // jobs may take a bit of time
-               header( "HTTP/1.0 204 No Content" );
+               header( "HTTP/1.0 202 Accepted" );
                ob_flush();
         flush();
                // Once the client receives this response, it can disconnect
 
                // Do all of the specified tasks...
                if ( in_array( 'jobs', $params['tasks'] ) ) {
-                       $this->executeJobs( $params );
+                       self::executeJobs( $params['maxjobs'] );
                }
        }
 
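Review bot: `ob_flush()` after the new `202 Accepted` header is called unconditionally, and PHP raises a notice from it when no output buffer is active. Depending on the error display settings, that notice could end up in a response that is meant to carry only the status line, which is the kind of leakage this change sets out to avoid. Guarding it as `if ( ob_get_level() ) { ob_flush(); }` removes the dependency. Whether a buffer is always open at this point is decided outside the hunk, so this may already hold in practice. The method starts before the hunk.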
@@ -83,11 +83,13 @@
        /**
         * Run jobs from the job queue
         *
-        * @param array $params Request parameters
+        * @note: also called from Wiki.php
+        *
+        * @param integer $maxJobs Maximum number of jobs to run
         * @return void
         */
-       protected function executeJobs( array $params ) {
-               $n = $params['maxjobs']; // number of jobs to run
+       public static function executeJobs( $maxJobs ) {
+               $n = $maxJobs; // number of jobs to run
                if ( $n < 1 ) {
                        return;
                }
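Review bot: `executeJobs()` is now `public static` and takes a bare count, so it runs jobs with none of the signature and expiry checks that the API entry point applies before calling it, and the docblock does not say so. A line such as `@note: performs no signature check; for trusted internal callers only (also called from Wiki.php)` would make that trust boundary explicit for future callers. `$maxJobs` is also untyped and only compared with `$n < 1`, so a non-integer argument would be coerced rather than rejected; `$n = (int)$maxJobs;` would pin that down. The method body continues past the end of the hunk.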

-- 
To view, visit https://gerrit.wikimedia.org/r/116224
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ia2c1643e47aae53916c107c901cca654dc438a16
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Aaron Schulz <asch...@wikimedia.org>
Gerrit-Reviewer: Anomie <bjor...@wikimedia.org>
Gerrit-Reviewer: Brian Wolff <bawolff...@gmail.com>
Gerrit-Reviewer: jenkins-bot <>
