X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=api.php;h=d9a69db37e62a25d596982d74d788753273cc1b1;hp=6e75fb746ae672de4f99b3bc18b6b718fa17a9a1;hb=ebc5cca3181d19c4ed488ba78cd3a39446dcb055;hpb=adae996840b9e782f6e14b21c433a83e37c3a74e

diff --git a/api.php b/api.php
index 6e75fb746a..d9a69db37e 100644
--- a/api.php
+++ b/api.php
@@ -44,6 +44,17 @@ if ( !$wgRequest->checkUrlExtension() ) {
 	return;
 }
 
+// Pathinfo can be used for stupid things. We don't support it for api.php at
+// all, so error out if it's present.
+if ( isset( $_SERVER['PATH_INFO'] ) && $_SERVER['PATH_INFO'] != '' ) {
+	$correctUrl = wfAppendQuery( wfScript( 'api' ), $wgRequest->getQueryValues() );
+	$correctUrl = wfExpandUrl( $correctUrl, PROTO_CANONICAL );
+	header( "Location: $correctUrl", true, 301 );
+	echo 'This endpoint does not support "path info", i.e. extra text between "api.php"'
+		. 'and the "?". Remove any such text and try again.';
+	die( 1 );
+}
+
 // Verify that the API has not been disabled
 if ( !$wgEnableAPI ) {
 	header( $_SERVER['SERVER_PROTOCOL'] . ' 500 MediaWiki configuration Error', true, 500 );
@@ -63,7 +74,7 @@ RequestContext::getMain()->setTitle( $wgTitle );
 try {
 	/* Construct an ApiMain with the arguments passed via the URL. What we get back
 	 * is some form of an ApiMain, possibly even one that produces an error message,
-	 * but we don't care here, as that is handled by the ctor.
+	 * but we don't care here, as that is handled by the constructor.
 	 */
 	$processor = new ApiMain( RequestContext::getMain(), $wgEnableWriteAPI );