From 230acfcbc4a0dac7d9f496698ca6ca13109a2b73 Mon Sep 17 00:00:00 2001 From: csteipp Date: Tue, 12 Nov 2013 16:27:37 -0800 Subject: [PATCH] SECURITY: Don't cache when a call could autocreate Fixes for action=raw (used when sites include other site's javascript), and stashed images. Bug: 53032 Change-Id: I8f915f6a4756f750c74d9ee9bec58f7ba6c0c827 --- includes/actions/RawAction.php | 5 +++++ includes/specials/SpecialUploadStash.php | 2 ++ 2 files changed, 7 insertions(+) diff --git a/includes/actions/RawAction.php b/includes/actions/RawAction.php index e4c6b3e..f3b7204 100644 --- a/includes/actions/RawAction.php +++ b/includes/actions/RawAction.php @@ -79,6 +79,11 @@ class RawAction extends FormlessAction { # Output may contain user-specific data; # vary generated content for open sessions on private wikis $privateCache = !$wgGroupPermissions['*']['read'] && ( $smaxage == 0 || session_id() != '' ); + // Bug 53032 - make this private if user is logged in, + // so we don't accidentally cache cookies + if ( !$privateCache ) { + $privateCache = $this->getUser()->isLoggedIn(); + } # allow the client to cache this for 24 hours $mode = $privateCache ? 'private' : 'public'; $response->header( 'Cache-Control: ' . $mode . ', s-maxage=' . $smaxage . ', max-age=' . $maxage ); diff --git a/includes/specials/SpecialUploadStash.php b/includes/specials/SpecialUploadStash.php index 121b6a4..4c1f5ff 100644 --- a/includes/specials/SpecialUploadStash.php +++ b/includes/specials/SpecialUploadStash.php @@ -279,6 +279,8 @@ class SpecialUploadStash extends UnlistedSpecialPage { header( "Content-Type: $contentType", true ); header( 'Content-Transfer-Encoding: binary', true ); header( 'Expires: Sun, 17-Jan-2038 19:14:07 GMT', true ); + // Bug 53032 - It shouldn't be a problem here, but let's be safe and not cache + header( 'Cache-Control: private' ); header( "Content-Length: $size", true ); } -- 1.8.1.4