(bug 98) Prohibit corner-case where it might be possible to create a page beginning...

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index f5f17fb..fd7d96a 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -146,6 +146,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
 * Allow case-sensitive URLs to be used for uploading from URLs.
 * (bug 1109) Correct fix for compressed 304 responses when additional output
   buffers have been installed within the compression handler
+* (bug 98) Prohibit corner-case where it might be possible to create a page
+  beginning with a forward slash.
 
 
 == Languages updated ==

diff --git a/includes/Title.php b/includes/Title.php
index b81b631..55bda5c 100644 (file)
--- a/includes/Title.php
+++ b/includes/Title.php
@@ -1551,6 +1551,16 @@ class Title {
                        return false;
                }
 
+               /**
+                * Pages whose titles start with / can confuse webservers
+                * and proxies. They can be unreachable with the pretty
+                * URLs. Forbid them explicitly.
+               */
+               if ( strpos( $r, '/') === 0 )
+               {
+                       return false;
+               }
+
                # We shouldn't need to query the DB for the size.
                #$maxSize = $dbr->textFieldSize( 'page', 'page_title' );
                if ( strlen( $r ) > 255 ) {
@@ -2298,7 +2308,7 @@ class Title {
         * @deprecated use DependencyWrapper
         */
        function getRelatedCache( $memc, $key, $expiry, $callback, $params = array() ) {
-               return DependencyWrapper::getValueFromCache( $memc, $key, $expiry, $callback, 
+               return DependencyWrapper::getValueFromCache( $memc, $key, $expiry, $callback,
                        $params, new TitleDependency( $this ) );
        }