From 867c79be202de0656efc5b42dd46be1916b82a39 Mon Sep 17 00:00:00 2001
From: Kunal Mehta <legoktm@member.fsf.org>
Date: Tue, 11 Jul 2017 18:30:33 -0700
Subject: [PATCH 1/1] Advise extensions not to modify $wgWhitelistRead

Instead they should use the TitleReadWhitelist hook. I've seen this
pattern in multiple extensions now, each causing different problems, so
it should be explicitly documented.

Change-Id: I670b0acde660bdc27a6c7e91c4b1b3baeea8b2e5
---
 includes/DefaultSettings.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 11f08b2bb5..6ce9a66974 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -5027,6 +5027,9 @@ $wgBlockDisablesLogin = false;
  * @note Also that this will only protect _pages in the wiki_. Uploaded files
  * will remain readable. You can use img_auth.php to protect uploaded files,
  * see https://www.mediawiki.org/wiki/Manual:Image_Authorization
+ *
+ * @note Extensions should not modify this, but use the TitleReadWhitelist
+ * hook instead.
  */
 $wgWhitelistRead = false;
 
-- 
2.20.1