SECURITY: Rate limit moves via the API

While rate limiting has been applied to moves via the web UI since rate
limiting was first added, it appears that it was overlooked when ApiMove
was created.

This follows the same model as is followed by the web UI: each
submission to ApiMove is one "hit" for the rate limiter, even though
that submission might result in multiple pages being moved (e.g. the
page, its talk page, and its subpages) depending on the options and user
rights.

Bug: T132874
Change-Id: I564d8bfcc7dd3ad6d92dbbc33519a589697c0d4e

Signed-off-by: Chad Horohoe <chadh@wikimedia.org>

diff --git a/includes/api/ApiMove.php b/includes/api/ApiMove.php
index 2fbd50e..29e67b0 100644 (file)
--- a/includes/api/ApiMove.php
+++ b/includes/api/ApiMove.php
@@ -72,6 +72,11 @@ class ApiMove extends ApiBase {
                        }
                }
 
+               // Rate limit
+               if ( $user->pingLimiter( 'move' ) ) {
+                       $this->dieUsageMsg( 'actionthrottledtext' );
+               }
+
                // Move the page
                $toTitleExists = $toTitle->exists();
                $status = $this->movePage( $fromTitle, $toTitle, $params['reason'], !$params['noredirect'] );