From: Brian Wolff Date: Sun, 10 Jul 2016 18:44:52 +0000 (-0400) Subject: Tell users that js/css subpages are public X-Git-Tag: 1.31.0-rc.0~5931^2 X-Git-Url: http://git.heureux-cyclage.org/?a=commitdiff_plain;h=6ebb5ea249bc8e493955b6a83c8f8409dd24039f;p=lhc%2Fweb%2Fwiklou.git Tell users that js/css subpages are public There is concern that users might think user css/js is a type of preference, and thus secret. Thus they might put something identifying in the file, not realizing the file is viewable. Bug: T85856 Change-Id: Ib44afa7ad4f34c24031eba1953b1ce38d529d1ee --- diff --git a/includes/EditPage.php b/includes/EditPage.php index 9b862b932e..7dedac4d2b 100644 --- a/includes/EditPage.php +++ b/includes/EditPage.php @@ -2914,6 +2914,9 @@ class EditPage { ); } if ( $this->getTitle()->isSubpageOf( $wgUser->getUserPage() ) ) { + $wgOut->wrapWikiMsg( '
$1
', + $this->isCssSubpage ? 'usercssispublic' : 'userjsispublic' + ); if ( $this->formtype !== 'preview' ) { if ( $this->isCssSubpage && $wgAllowUserCss ) { $wgOut->wrapWikiMsg( diff --git a/languages/i18n/en.json b/languages/i18n/en.json index e1c37c88b5..892ac2c2c1 100644 --- a/languages/i18n/en.json +++ b/languages/i18n/en.json @@ -4195,5 +4195,7 @@ "linkaccounts-submit": "Link accounts", "unlinkaccounts": "Unlink accounts", "unlinkaccounts-success": "The account was unlinked.", - "authenticationdatachange-ignored": "The authentication data change was not handled. Maybe no provider was configured?" + "authenticationdatachange-ignored": "The authentication data change was not handled. Maybe no provider was configured?", + "userjsispublic": "Please note: JavaScript subpages should not contain confidential data as they are viewable by other users.", + "usercssispublic": "Please note: CSS subpages should not contain confidential data as they are viewable by other users." } diff --git a/languages/i18n/qqq.json b/languages/i18n/qqq.json index 6a3d604ae7..2c5041ca56 100644 --- a/languages/i18n/qqq.json +++ b/languages/i18n/qqq.json @@ -4378,5 +4378,7 @@ "linkaccounts-submit": "Text of the main submit button on [[Special:LinkAccounts]] (when there is one)", "unlinkaccounts": "Title of the special page [[Special:UnlinkAccounts]] which allows the user to remove linked remote accounts.", "unlinkaccounts-success": "Account unlinking form success message", - "authenticationdatachange-ignored": "Shown when authentication data change was unsuccessful due to configuration problems.\n\nCf. e.g. {{msg-mw|Passwordreset-ignored}}." + "authenticationdatachange-ignored": "Shown when authentication data change was unsuccessful due to configuration problems.\n\nCf. e.g. {{msg-mw|Passwordreset-ignored}}.", + "userjsispublic": "A reminder to users that Javascript subpages are not preferences but normal pages, and thus can be viewed by other users and the general public. This message is shown to a user whenever they are editing a subpage in their own user-space that ends in .js. See also {{msg-mw|usercssispublic}}.", + "usercssispublic": "A reminder to users that CSS subpages are not preferences but normal pages, and thus can be viewed by other users and the general public. This message is shown to a user whenever they are editing a subpage in their own user-space that ends in .css. See also {{msg-mw|userjsispublic}}" }