$wgXhtmlDefaultNamespace = 'http://www.w3.org/1999/xhtml';
$wgJsMimeType = 'text/javascript';
-if ( !$wgHtml5Version && $wgAllowRdfaAttributes ) {
- // see http://www.w3.org/TR/rdfa-in-html/#document-conformance
- if ( $wgMimeType == 'application/xhtml+xml' ) {
- $wgHtml5Version = 'XHTML+RDFa 1.0';
- } else {
- $wgHtml5Version = 'HTML+RDFa 1.0';
- }
-}
-
// Blacklisted file extensions shouldn't appear on the "allowed" list
$wgFileExtensions = array_values( array_diff( $wgFileExtensions, $wgFileBlacklist ) );
require_once "$IP/includes/AutoLoader.php";
}
+// Install a header callback to prevent caching of responses with cookies (T127993)
+if ( !$wgCommandLineMode ) {
+ header_register_callback( function () {
+ $headers = [];
+ foreach ( headers_list() as $header ) {
+ list( $name, $value ) = explode( ':', $header, 2 );
+ $headers[strtolower( trim( $name ) )][] = trim( $value );
+ }
+
+ if ( isset( $headers['set-cookie'] ) ) {
+ $cacheControl = isset( $headers['cache-control'] )
+ ? implode( ', ', $headers['cache-control'] )
+ : '';
+
+ if ( !preg_match( '/(?:^|,)\s*(?:private|no-cache|no-store)\s*(?:$|,)/i', $cacheControl ) ) {
+ header( 'Expires: Thu, 01 Jan 1970 00:00:00 GMT' );
+ header( 'Cache-Control: private, max-age=0, s-maxage=0' );
+ MediaWiki\Logger\LoggerFactory::getInstance( 'cache-cookies' )->warning(
+ 'Cookies set on {url} with Cache-Control "{cache-control}"', [
+ 'url' => WebRequest::getGlobalRequestURL(),
+ 'cookies' => $headers['set-cookie'],
+ 'cache-control' => $cacheControl ?: '<not set>',
+ ]
+ );
+ }
+ }
+ } );
+}
+
MWExceptionHandler::installHandler();
require_once "$IP/includes/compat/normal/UtfNormalUtil.php";
$wgPasswordSender = 'apache@' . $wgServerName;
}
if ( !$wgNoReplyAddress ) {
- $wgNoReplyAddress = $wgNoReplyAddress;
+ $wgNoReplyAddress = $wgPasswordSender;
}
if ( $wgSecureLogin && substr( $wgServer, 0, 2 ) !== '//' ) {
dépôts / lhc / web / wiklou.git / blobdiff