There is concern that users might think user css/js is a type of
preference, and thus secret. Thus they might put something
identifying in the file, not realizing the file is viewable.
Bug: T85856
Change-Id: Ib44afa7ad4f34c24031eba1953b1ce38d529d1ee
);
}
if ( $this->getTitle()->isSubpageOf( $wgUser->getUserPage() ) ) {
);
}
if ( $this->getTitle()->isSubpageOf( $wgUser->getUserPage() ) ) {
+ $wgOut->wrapWikiMsg( '<div class="mw-usercssjspublic">$1</div>',
+ $this->isCssSubpage ? 'usercssispublic' : 'userjsispublic'
+ );
if ( $this->formtype !== 'preview' ) {
if ( $this->isCssSubpage && $wgAllowUserCss ) {
$wgOut->wrapWikiMsg(
if ( $this->formtype !== 'preview' ) {
if ( $this->isCssSubpage && $wgAllowUserCss ) {
$wgOut->wrapWikiMsg(
"linkaccounts-submit": "Link accounts",
"unlinkaccounts": "Unlink accounts",
"unlinkaccounts-success": "The account was unlinked.",
"linkaccounts-submit": "Link accounts",
"unlinkaccounts": "Unlink accounts",
"unlinkaccounts-success": "The account was unlinked.",
- "authenticationdatachange-ignored": "The authentication data change was not handled. Maybe no provider was configured?"
+ "authenticationdatachange-ignored": "The authentication data change was not handled. Maybe no provider was configured?",
+ "userjsispublic": "Please note: JavaScript subpages should not contain confidential data as they are viewable by other users.",
+ "usercssispublic": "Please note: CSS subpages should not contain confidential data as they are viewable by other users."
"linkaccounts-submit": "Text of the main submit button on [[Special:LinkAccounts]] (when there is one)",
"unlinkaccounts": "Title of the special page [[Special:UnlinkAccounts]] which allows the user to remove linked remote accounts.",
"unlinkaccounts-success": "Account unlinking form success message",
"linkaccounts-submit": "Text of the main submit button on [[Special:LinkAccounts]] (when there is one)",
"unlinkaccounts": "Title of the special page [[Special:UnlinkAccounts]] which allows the user to remove linked remote accounts.",
"unlinkaccounts-success": "Account unlinking form success message",
- "authenticationdatachange-ignored": "Shown when authentication data change was unsuccessful due to configuration problems.\n\nCf. e.g. {{msg-mw|Passwordreset-ignored}}."
+ "authenticationdatachange-ignored": "Shown when authentication data change was unsuccessful due to configuration problems.\n\nCf. e.g. {{msg-mw|Passwordreset-ignored}}.",
+ "userjsispublic": "A reminder to users that Javascript subpages are not preferences but normal pages, and thus can be viewed by other users and the general public. This message is shown to a user whenever they are editing a subpage in their own user-space that ends in .js. See also {{msg-mw|usercssispublic}}.",
+ "usercssispublic": "A reminder to users that CSS subpages are not preferences but normal pages, and thus can be viewed by other users and the general public. This message is shown to a user whenever they are editing a subpage in their own user-space that ends in .css. See also {{msg-mw|userjsispublic}}"
dépôts / lhc / web / wiklou.git / commitdiff