*/
private $config;
+ /**
+ * @var String Cache what action this request is
+ */
+ private $action;
+
/**
* @param IContextSource|null $context
*/
* @return string Action
*/
public function getAction() {
- static $action = null;
-
- if ( $action === null ) {
- $action = Action::getActionName( $this->context );
+ if ( $this->action === null ) {
+ $this->action = Action::getActionName( $this->context );
}
- return $action;
+ return $this->action;
}
/**
// Handle any other redirects.
// Redirect loops, titleless URL, $wgUsePathInfo URLs, and URLs with a variant
} elseif ( !$this->tryNormaliseRedirect( $title ) ) {
+ // Prevent information leak via Special:MyPage et al (T109724)
+ if ( $title->isSpecialPage() ) {
+ $specialPage = SpecialPageFactory::getPage( $title->getDBKey() );
+ if ( $specialPage instanceof RedirectSpecialPage
+ && $this->config->get( 'HideIdentifiableRedirects' )
+ && $specialPage->personallyIdentifiableTarget()
+ ) {
+ list( , $subpage ) = SpecialPageFactory::resolveAlias( $title->getDBKey() );
+ $target = $specialPage->getRedirect( $subpage );
+ // target can also be true. We let that case fall through to normal processing.
+ if ( $target instanceof Title ) {
+ $query = $specialPage->getRedirectQuery() ?: array();
+ $request = new DerivativeRequest( $this->context->getRequest(), $query );
+ $request->setRequestURL( $this->context->getRequest()->getRequestURL() );
+ $this->context->setRequest( $request );
+ // Do not varnish cache these. May vary even for anons
+ $this->context->getOutput()->lowerCdnMaxage( 0 );
+ $this->context->setTitle( $target );
+ $wgTitle = $target;
+ // Reset action type cache. (Special pages have only view)
+ $this->action = null;
+ $title = $target;
+ $output->addJsConfigVars( array(
+ 'wgInternalRedirectTargetUrl' => $target->getFullURL( $query ),
+ ) );
+ $output->addModules( 'mediawiki.action.view.redirect' );
+ }
+ }
+ }
- // Special pages
+ // Special pages ($title may have changed since if statement above)
if ( NS_SPECIAL == $title->getNamespace() ) {
// Actions that need to be made when we have a special pages
SpecialPageFactory::executePath( $title, $this->context );
* @param Title $requestTitle The original title, before any redirects were applied
*/
private function performAction( Page $page, Title $requestTitle ) {
-
$request = $this->context->getRequest();
$output = $this->context->getOutput();
$title = $this->context->getTitle();
}
$act = $this->getAction();
-
$action = Action::factory( $act, $page, $this->context );
if ( $action instanceof Action ) {
+ // Narrow DB query expectations for this HTTP request
+ $trxLimits = $this->config->get( 'TrxProfilerLimits' );
+ $trxProfiler = Profiler::instance()->getTransactionProfiler();
+ if ( $request->wasPosted() && !$action->doesWrites() ) {
+ $trxProfiler->setExpectations( $trxLimits['POST-nonwrite'], __METHOD__ );
+ }
+
# Let CDN cache things if we can purge them.
if ( $this->config->get( 'UseSquid' ) &&
in_array(
$output->setStatusCode( 404 );
$output->showErrorPage( 'nosuchaction', 'nosuchactiontext' );
}
-
}
/**
if ( $limit > 0 && $time > $limit ) {
throw new DBTransactionError(
$db,
- wfMessage( 'transaction-duration-limit-exceeded', $time, $limit )->plain()
+ wfMessage( 'transaction-duration-limit-exceeded', $time, $limit )->text()
);
}
} );
} );
// Commit all changes
- $factory->commitMasterChanges();
+ $factory->commitMasterChanges( __METHOD__ );
// Record ChronologyProtector positions
$factory->shutdown();
wfDebug( __METHOD__ . ': all transactions committed' );
DeferredUpdates::doUpdates( 'enqueue', DeferredUpdates::PRESEND );
wfDebug( __METHOD__ . ': pre-send deferred updates completed' );
- // Set a cookie to tell all CDN edge nodes to "stick" the user to the
- // DC that handles this POST request (e.g. the "master" data center)
+ // Set a cookie to tell all CDN edge nodes to "stick" the user to the DC that handles this
+ // POST request (e.g. the "master" data center). Also have the user briefly bypass CDN so
+ // ChronologyProtector works for cacheable URLs.
$request = $context->getRequest();
if ( $request->wasPosted() && $factory->hasOrMadeRecentMasterChanges() ) {
$expires = time() + $config->get( 'DataCenterUpdateStickTTL' );
- $request->response()->setCookie( 'UseDC', 'master', $expires, array( 'prefix' => '' ) );
+ $options = array( 'prefix' => '' );
+ $request->response()->setCookie( 'UseDC', 'master', $expires, $options );
+ $request->response()->setCookie( 'UseCDNCache', 'false', $expires, $options );
}
- // Avoid letting a few seconds of slave lag cause a month of stale data
+ // Avoid letting a few seconds of slave lag cause a month of stale data. This logic is
+ // also intimately related to the value of $wgCdnReboundPurgeDelay.
if ( $factory->laggedSlaveUsed() ) {
$maxAge = $config->get( 'CdnMaxageLagged' );
$context->getOutput()->lowerCdnMaxage( $maxAge );
}
private function main() {
- global $wgTitle, $wgTrxProfilerLimits;
+ global $wgTitle;
$request = $this->context->getRequest();
$action = $this->getAction();
$wgTitle = $title;
+ // Set DB query expectations for this HTTP request
+ $trxLimits = $this->config->get( 'TrxProfilerLimits' );
$trxProfiler = Profiler::instance()->getTransactionProfiler();
$trxProfiler->setLogger( LoggerFactory::getInstance( 'DBPerformance' ) );
-
- // Aside from rollback, master queries should not happen on GET requests.
- // Periodic or "in passing" updates on GET should use the job queue.
- if ( !$request->wasPosted()
- && in_array( $action, array( 'view', 'edit', 'history' ) )
- ) {
- $trxProfiler->setExpectations( $wgTrxProfilerLimits['GET'], __METHOD__ );
+ if ( $request->wasPosted() ) {
+ $trxProfiler->setExpectations( $trxLimits['POST'], __METHOD__ );
} else {
- $trxProfiler->setExpectations( $wgTrxProfilerLimits['POST'], __METHOD__ );
+ $trxProfiler->setExpectations( $trxLimits['GET'], __METHOD__ );
}
// If the user has forceHTTPS set to true, or if the user
if (
$request->getProtocol() == 'http' &&
(
+ $request->getSession()->shouldForceHTTPS() ||
+ // Check the cookie manually, for paranoia
$request->getCookie( 'forceHTTPS', '' ) ||
- // check for prefixed version for currently logged in users
+ // check for prefixed version that was used for a time in older MW versions
$request->getCookie( 'forceHTTPS' ) ||
// Avoid checking the user and groups unless it's enabled.
(
*/
public function restInPeace( $mode = 'fast' ) {
// Assure deferred updates are not in the main transaction
- wfGetLBFactory()->commitMasterChanges();
+ wfGetLBFactory()->commitMasterChanges( __METHOD__ );
// Ignore things like master queries/connections on GET requests
// as long as they are in deferred updates (which catch errors).
// Commit and close up!
$factory = wfGetLBFactory();
- $factory->commitMasterChanges();
+ $factory->commitMasterChanges( __METHOD__ );
$factory->shutdown( LBFactory::SHUTDOWN_NO_CHRONPROT );
wfDebug( "Request ended normally\n" );