F22260739
T197279.patch
Authored By
Bawolff
Jun 15 2018, 8:26 AM
2018-06-15 08:26:31 (UTC+0)
Size
1 KB
From 990bb6be9ae5fe5c301363dbe661efb896b92b64 Mon Sep 17 00:00:00 2001
From: Brian Wolff <bawolff+wn@gmail.com>
Date: Fri, 15 Jun 2018 08:19:49 +0000
Subject: [PATCH] SECURITY: Fix reauth in Special:ChangeEmail
Previously you could bypass reauthentication by directly
POSTing to Special:ChangeEmail.
Bug: T197279
Change-Id: I674557351e0e91a8105c12ddf6cd30283aac9f7a
---
includes/specials/SpecialChangeEmail.php | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/includes/specials/SpecialChangeEmail.php b/includes/specials/SpecialChangeEmail.php
index c514300..cd720eb 100644
--- a/includes/specials/SpecialChangeEmail.php
+++ b/includes/specials/SpecialChangeEmail.php
@@ -54,14 +54,16 @@ class SpecialChangeEmail extends FormSpecialPage {
* @param string $par
*/
function execute( $par ) {
- $this->checkLoginSecurityLevel();
-
$out = $this->getOutput();
$out->disallowUserJs();
parent::execute( $par );
}
+ protected function getLoginSecurityLevel() {
+ return $this->getName();
+ }
+
protected function checkExecutePermissions( User $user ) {
if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) {
throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
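Review bot: the new getLoginSecurityLevel() override, added between execute() and checkExecutePermissions(), has no docblock, and with the explicit $this->checkLoginSecurityLevel() call removed from execute(), nothing in this file shows where reauthentication is now enforced. The check presumably runs inside parent::execute( $par ) using this return value, but that is not visible in the hunk. Please add a short comment on the override saying so, so that a later cleanup does not drop it as unused. The diffstat also lists only SpecialChangeEmail.php, so the direct-POST case described in the commit message has no regression test. A test that POSTs to the page without a recent login and asserts the address is unchanged would pin the fix.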
--
2.8.1
Attached To
T197279: Direct POST to Special:ChangeEmail will bypass reauth check