From 008517c80d4c391551e63bbbdcb67a8d8e838108 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bartosz=20Dziewo=C5=84ski?= <matma.rex@gmail.com>
Date: Mon, 7 Nov 2016 20:10:21 +0100
Subject: [PATCH] SECURITY: SpecialWatchlist: Check CSRF token when using "Mark
 all pages visited"

Bug: T150044
Change-Id: I7f75cab4ceb4a2c320af210fad15956b70c29661
---
 includes/specials/SpecialWatchlist.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/includes/specials/SpecialWatchlist.php b/includes/specials/SpecialWatchlist.php
index b20d857..995f514 100644
--- a/includes/specials/SpecialWatchlist.php
+++ b/includes/specials/SpecialWatchlist.php
@@ -69,6 +69,7 @@ class SpecialWatchlist extends ChangesListSpecialPage {
 		if ( ( $wgEnotifWatchlist || $wgShowUpdatedMarker )
 			&& $request->getVal( 'reset' )
 			&& $request->wasPosted()
+			&& $user->matchEditToken( $request->getVal( 'token' ) )
 		) {
 			$user->clearAllNotifications();
 			$output->redirect( $this->getPageTitle()->getFullURL( $opts->getChangedValues() ) );
@@ -496,6 +497,7 @@ class SpecialWatchlist extends ChangesListSpecialPage {
 				'action' => $this->getPageTitle()->getLocalURL(),
 				'id' => 'mw-watchlist-resetbutton' ) ) . "\n" .
 			Xml::submitButton( $this->msg( 'enotif_reset' )->text(), array( 'name' => 'dummy' ) ) . "\n" .
+			Html::hidden( 'token', $user->getEditToken() ) . "\n" .
 			Html::hidden( 'reset', 'all' ) . "\n";
 			foreach ( $nondefaults as $key => $value ) {
 				$form .= Html::hidden( $key, $value ) . "\n";
-- 
2.10.1 (Apple Git-78)