jenkins-bot has submitted this change and it was merged.
Change subject: Check token in Special:MergeAccount
......................................................................
Check token in Special:MergeAccount
Bug: 70469
Change-Id: I4889fd5f6c51f79f6c2f68f1e3020054f57309e9
---
M includes/specials/SpecialMergeAccount.php
1 file changed, 4 insertions(+), 0 deletions(-)
Approvals:
CSteipp: Looks good to me, approved
jenkins-bot: Verified
diff --git a/includes/specials/SpecialMergeAccount.php
b/includes/specials/SpecialMergeAccount.php
index 1e542b3..db94e77 100644
--- a/includes/specials/SpecialMergeAccount.php
+++ b/includes/specials/SpecialMergeAccount.php
@@ -66,6 +66,10 @@
// do / don't have more accounts to merge
if ( $this->mAttemptMerge ) {
+ // First check the edit token
+ if ( !$this->getUser()->matchEditToken(
$this->getRequest()->getVal( 'wpEditToken' ) ) ) {
+ throw new ErrorPageError(
'sessionfailure-title', 'sessionfailure' );
+ }
switch( $this->mMergeAction ) {
case "dryrun":
$this->doDryRunMerge();
--
To view, visit https://gerrit.wikimedia.org/r/165608
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I4889fd5f6c51f79f6c2f68f1e3020054f57309e9
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: master
Gerrit-Owner: CSteipp <[email protected]>
Gerrit-Reviewer: CSteipp <[email protected]>
Gerrit-Reviewer: Legoktm <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
