From 6ebb5ea249bc8e493955b6a83c8f8409dd24039f Mon Sep 17 00:00:00 2001 From: Brian Wolff Date: Sun, 10 Jul 2016 14:44:52 -0400 Subject: [PATCH] Tell users that js/css subpages are public There is concern that users might think user css/js is a type of preference, and thus secret. Thus they might put something identifying in the file, not realizing the file is viewable. Bug: T85856 Change-Id: Ib44afa7ad4f34c24031eba1953b1ce38d529d1ee --- includes/EditPage.php | 3 +++ languages/i18n/en.json | 4 +++- languages/i18n/qqq.json | 4 +++- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/includes/EditPage.php b/includes/EditPage.php index 9b862b932e..7dedac4d2b 100644 --- a/includes/EditPage.php +++ b/includes/EditPage.php @@ -2914,6 +2914,9 @@ class EditPage { ); } if ( $this->getTitle()->isSubpageOf( $wgUser->getUserPage() ) ) { + $wgOut->wrapWikiMsg( '
$1
', + $this->isCssSubpage ? 'usercssispublic' : 'userjsispublic' + ); if ( $this->formtype !== 'preview' ) { if ( $this->isCssSubpage && $wgAllowUserCss ) { $wgOut->wrapWikiMsg( diff --git a/languages/i18n/en.json b/languages/i18n/en.json index e1c37c88b5..892ac2c2c1 100644 --- a/languages/i18n/en.json +++ b/languages/i18n/en.json @@ -4195,5 +4195,7 @@ "linkaccounts-submit": "Link accounts", "unlinkaccounts": "Unlink accounts", "unlinkaccounts-success": "The account was unlinked.", - "authenticationdatachange-ignored": "The authentication data change was not handled. Maybe no provider was configured?" + "authenticationdatachange-ignored": "The authentication data change was not handled. Maybe no provider was configured?", + "userjsispublic": "Please note: JavaScript subpages should not contain confidential data as they are viewable by other users.", + "usercssispublic": "Please note: CSS subpages should not contain confidential data as they are viewable by other users." } diff --git a/languages/i18n/qqq.json b/languages/i18n/qqq.json index 6a3d604ae7..2c5041ca56 100644 --- a/languages/i18n/qqq.json +++ b/languages/i18n/qqq.json @@ -4378,5 +4378,7 @@ "linkaccounts-submit": "Text of the main submit button on [[Special:LinkAccounts]] (when there is one)", "unlinkaccounts": "Title of the special page [[Special:UnlinkAccounts]] which allows the user to remove linked remote accounts.", "unlinkaccounts-success": "Account unlinking form success message", - "authenticationdatachange-ignored": "Shown when authentication data change was unsuccessful due to configuration problems.\n\nCf. e.g. {{msg-mw|Passwordreset-ignored}}." + "authenticationdatachange-ignored": "Shown when authentication data change was unsuccessful due to configuration problems.\n\nCf. e.g. {{msg-mw|Passwordreset-ignored}}.", + "userjsispublic": "A reminder to users that Javascript subpages are not preferences but normal pages, and thus can be viewed by other users and the general public. This message is shown to a user whenever they are editing a subpage in their own user-space that ends in .js. See also {{msg-mw|usercssispublic}}.", + "usercssispublic": "A reminder to users that CSS subpages are not preferences but normal pages, and thus can be viewed by other users and the general public. This message is shown to a user whenever they are editing a subpage in their own user-space that ends in .css. See also {{msg-mw|userjsispublic}}" } -- 2.20.1