jenkins-bot has submitted this change and it was merged.
Change subject: Limit expanded content to 25kB per revision
......................................................................
Limit expanded content to 25kB per revision
Change-Id: Ifd17240ee2435c6cc1d8a31d1e1ba284082b097d
(cherry picked from commit 69275f787a307d35c2f8ed6ae46f70bdd8903a78)
---
M Flow.php
M container.php
M i18n/en.json
M i18n/qqq.json
M includes/Model/PostRevision.php
A includes/SpamFilter/ContentLengthFilter.php
6 files changed, 36 insertions(+), 1 deletion(-)
Approvals:
EBernhardson: Looks good to me, approved
jenkins-bot: Verified
diff --git a/Flow.php b/Flow.php
index b4e6523..8f18836 100755
--- a/Flow.php
+++ b/Flow.php
@@ -93,6 +93,7 @@
$wgAutoloadClasses['Flow\SpamFilter\SpamBlacklist'] = $dir .
'includes/SpamFilter/SpamBlacklist.php';
$wgAutoloadClasses['Flow\SpamFilter\AbuseFilter'] = $dir .
'includes/SpamFilter/AbuseFilter.php';
$wgAutoloadClasses['Flow\SpamFilter\ConfirmEdit'] = $dir .
'includes/SpamFilter/ConfirmEdit.php';
+$wgAutoloadClasses['Flow\SpamFilter\ContentLengthFilter'] = $dir .
'includes/SpamFilter/ContentLengthFilter.php';
$wgAutoloadClasses['Flow\FlowActions'] = $dir . 'includes/FlowActions.php';
$wgAutoloadClasses['Flow\RevisionActionPermissions'] = $dir .
'includes/RevisionActionPermissions.php';
$wgAutoloadClasses['Flow\ReferenceClarifier'] = $dir .
'includes/ReferenceClarifier.php';
diff --git a/container.php b/container.php
index 59619cc..c9f6333 100644
--- a/container.php
+++ b/container.php
@@ -654,12 +654,17 @@
return new Flow\SpamFilter\ConfirmEdit;
} );
+$c['controller.contentlength'] = $c->share( function( $c ) {
+ return new Flow\SpamFilter\ContentLengthFilter;
+} );
+
$c['controller.spamfilter'] = $c->share( function( $c ) {
return new Flow\SpamFilter\Controller(
$c['controller.spamregex'],
$c['controller.spamblacklist'],
$c['controller.abusefilter'],
- $c['controller.confirmedit']
+ $c['controller.confirmedit'],
+ $c['controller.contentlength']
);
} );
diff --git a/i18n/en.json b/i18n/en.json
index 96e7eea..d729082 100644
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -141,6 +141,7 @@
"flow-error-no-render": "The specified action was not recognized.",
"flow-error-no-commit": "The specified action could not be saved.",
"flow-error-fetch-after-lock": "An error was encountered when requesting
the new data. The lock/unlock operation succeeded just fine, though. The error
message was: $1",
+ "flow-error-content-too-long": "The content is too large. Content after
expansion is limited to $1 {{PLURAL:$1|byte|bytes}}.",
"flow-error-move": "Moving a discussion board is currently not supported.",
"flow-edit-header-placeholder": "Describe this discussion board",
"flow-edit-header-submit": "Save header",
diff --git a/i18n/qqq.json b/i18n/qqq.json
index ca33d6f..5e26ec4 100644
--- a/i18n/qqq.json
+++ b/i18n/qqq.json
@@ -144,6 +144,7 @@
"flow-error-no-render": "Error message when nothing was able to render
the request (data was requested but it could not be processed).",
"flow-error-no-commit": "Error message when nothing was able to commit
the request (data was submitted but it could not be processed).",
"flow-error-fetch-after-lock": "Error message to be displayed when
failing to request the new data after successfully performing lock/unlock
topic. This is meant to indicate to the user that some error was encountered,
but that the lock/unlock actually succeeded just fine - we just failed to get
the new data to display the new status. Parameters:\n* $1 - The error message
received.",
+ "flow-error-content-too-long": "Error message when the expanded(html)
output of a post is too large.\n\nParameters:\n* $1 - post content lengh limit
in byte, could be used for plural support.",
"flow-error-move": "Error message when attempting to move a flow board
(which is not yet supported)",
"flow-edit-header-placeholder": "Used as placeholder when editing the
header of a Flow board",
"flow-edit-header-submit": "Used as label for the Submit button.",
diff --git a/includes/Model/PostRevision.php b/includes/Model/PostRevision.php
index 5af74d0..77d34f2 100644
--- a/includes/Model/PostRevision.php
+++ b/includes/Model/PostRevision.php
@@ -9,6 +9,7 @@
class PostRevision extends AbstractRevision {
const MAX_TOPIC_LENGTH = 260;
+ const MAX_POST_LENGTH = 25600;
/**
* @var UUID
diff --git a/includes/SpamFilter/ContentLengthFilter.php
b/includes/SpamFilter/ContentLengthFilter.php
new file mode 100644
index 0000000..76c74a7
--- /dev/null
+++ b/includes/SpamFilter/ContentLengthFilter.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace Flow\SpamFilter;
+
+use Flow\Model\AbstractRevision;
+use Status;
+use Title;
+
+class ContentLengthFilter implements SpamFilter {
+
+ public function enabled() {
+ return true;
+ }
+
+ /**
+ * @param AbstractRevision $newRevision
+ * @param AbstractRevision|null $oldRevision
+ * @param Title $title
+ * @return Status
+ */
+ public function validate( AbstractRevision $newRevision,
AbstractRevision $oldRevision = null, Title $title = null ) {
+ return strlen( $newRevision->getContentRaw() ) > 25600
+ ? Status::newFatal( 'flow-error-content-too-long',
'25600' )
+ : Status::newGood();
+ }
+}
--
To view, visit https://gerrit.wikimedia.org/r/159905
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ifd17240ee2435c6cc1d8a31d1e1ba284082b097d
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/Flow
Gerrit-Branch: wmf/1.24wmf21
Gerrit-Owner: EBernhardson <[email protected]>
Gerrit-Reviewer: EBernhardson <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
