Page MenuHomePhabricator
Files F34251709

02-T272386-master.patch
Reedy (Sam Reed)
Actions

Authored By
Reedy
Apr 5 2021, 12:13 AM
Size
924 B
Referenced Files
None
Subscribers
None

02-T272386-master.patch
View Options

From: Tim Starling <tstarling@wikimedia.org>
Date: Mon, 28 Jan 2021 05:50:00 +0000
Subject: [PATCH] SECURITY: Non-admin deleted enwiki page in fast double move
Bug: T272386
---
diff --git a/includes/MovePage.php b/includes/MovePage.php
index cdc994cab6..ffadf55586 100644
--- a/includes/MovePage.php
+++ b/includes/MovePage.php
@@ -231,7 +231,9 @@ class MovePage {
if ( $this->oldTitle->equals( $this->newTitle ) ) {
$status->fatal( 'selfmove' );
- } elseif ( $this->newTitle->getArticleID() && !$this->isValidMoveTarget() ) {
+ } elseif ( $this->newTitle->getArticleID( Title::READ_LATEST /* T272386 */ )
+ && !$this->isValidMoveTarget()
+ ) {
// The move is allowed only if (1) the target doesn't exist, or (2) the target is a
// redirect to the source, and has no history (so we can undo bad moves right after
// they're done). If the target is a single revision redirect to a different page,

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
8965937
Default Alt Text
02-T272386-master.patch (924 B)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL