dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge "Allow for time-limited tokens"
[lhc/web/wiklou.git]
/
RELEASE-NOTES-1.25
diff --git
a/RELEASE-NOTES-1.25
b/RELEASE-NOTES-1.25
index
48d7b05
..
322e664
100644
(file)
--- a/
RELEASE-NOTES-1.25
+++ b/
RELEASE-NOTES-1.25
@@
-12,6
+12,10
@@
production.
* $wgPageShowWatchingUsers was removed.
* $wgLocalVirtualHosts has been added to replace $wgConf->localVHosts.
* $wgAntiLockFlags was removed.
* $wgPageShowWatchingUsers was removed.
* $wgLocalVirtualHosts has been added to replace $wgConf->localVHosts.
* $wgAntiLockFlags was removed.
+* Edit tokens returned from User::getEditToken may change on every call. Token
+ validity must be checked by passing the user-supplied token to
+ User::matchEditToken rather than by testing for equality with a
+ newly-generated token.
=== New features in 1.25 ===
* (bug 58139) ResourceLoaderFileModule now supports language fallback
=== New features in 1.25 ===
* (bug 58139) ResourceLoaderFileModule now supports language fallback
@@
-33,6
+37,8
@@
production.
- Usage instructions: https://www.mediawiki.org/wiki/Help:Page_status_indicators
- Adjusting custom skins to support indicators:
https://www.mediawiki.org/wiki/Manual:Skinning#Page_status_indicators
- Usage instructions: https://www.mediawiki.org/wiki/Help:Page_status_indicators
- Adjusting custom skins to support indicators:
https://www.mediawiki.org/wiki/Manual:Skinning#Page_status_indicators
+* Edit tokens may now be time-limited: passing a maximum age to
+ User::matchEditToken will reject any older tokens.
=== Bug fixes in 1.25 ===
* (bug 71003) No additional code will be generated to try to load CSS-embedded
=== Bug fixes in 1.25 ===
* (bug 71003) No additional code will be generated to try to load CSS-embedded