From adbffbbe135238341d96e542ebacf5b868335497 Mon Sep 17 00:00:00 2001 From: csteipp Date: Tue, 12 Nov 2013 16:13:11 -0800 Subject: [PATCH] SECURITY: Don't cache when a call could autocreate Fixes for action=raw (used when sites include other site's javascript), and stashed images. Bug: 53032 Change-Id: I8f915f6a4756f750c74d9ee9bec58f7ba6c0c827 --- includes/actions/RawAction.php | 3 +++ includes/specials/SpecialUploadStash.php | 2 ++ 2 files changed, 5 insertions(+) diff --git a/includes/actions/RawAction.php b/includes/actions/RawAction.php index 174ca3f..199dddf 100644 --- a/includes/actions/RawAction.php +++ b/includes/actions/RawAction.php @@ -92,6 +92,9 @@ class RawAction extends FormlessAction { # Output may contain user-specific data; # vary generated content for open sessions on private wikis $privateCache = !$wgGroupPermissions['*']['read'] && ( $smaxage == 0 || session_id() != '' ); + // Bug 53032 - make this private if user is logged in, + // so we don't accidentally cache cookies + $privateCache = $privateCache ?: $this->getUser()->isLoggedIn(); # allow the client to cache this for 24 hours $mode = $privateCache ? 'private' : 'public'; $response->header( 'Cache-Control: ' . $mode . ', s-maxage=' . $smaxage . ', max-age=' . $maxage ); diff --git a/includes/specials/SpecialUploadStash.php b/includes/specials/SpecialUploadStash.php index 1a00d73..0fdf42b 100644 --- a/includes/specials/SpecialUploadStash.php +++ b/includes/specials/SpecialUploadStash.php @@ -298,6 +298,8 @@ class SpecialUploadStash extends UnlistedSpecialPage { header( "Content-Type: $contentType", true ); header( 'Content-Transfer-Encoding: binary', true ); header( 'Expires: Sun, 17-Jan-2038 19:14:07 GMT', true ); + // Bug 53032 - It shouldn't be a problem here, but let's be safe and not cache + header( 'Cache-Control: private' ); header( "Content-Length: $size", true ); } -- 1.8.1.4