CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/165608
Change subject: Check token in Special:MergeAccount
......................................................................
Check token in Special:MergeAccount
Bug: 70469
Change-Id: I4889fd5f6c51f79f6c2f68f1e3020054f57309e9
---
M includes/specials/SpecialMergeAccount.php
1 file changed, 4 insertions(+), 0 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/CentralAuth
refs/changes/08/165608/1
diff --git a/includes/specials/SpecialMergeAccount.php
b/includes/specials/SpecialMergeAccount.php
index 1e542b3..db94e77 100644
--- a/includes/specials/SpecialMergeAccount.php
+++ b/includes/specials/SpecialMergeAccount.php
@@ -66,6 +66,10 @@
// do / don't have more accounts to merge
if ( $this->mAttemptMerge ) {
+ // First check the edit token
+ if ( !$this->getUser()->matchEditToken(
$this->getRequest()->getVal( 'wpEditToken' ) ) ) {
+ throw new ErrorPageError(
'sessionfailure-title', 'sessionfailure' );
+ }
switch( $this->mMergeAction ) {
case "dryrun":
$this->doDryRunMerge();
--
To view, visit https://gerrit.wikimedia.org/r/165608
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I4889fd5f6c51f79f6c2f68f1e3020054f57309e9
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: master
Gerrit-Owner: CSteipp <[email protected]>
Gerrit-Reviewer: Legoktm <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
