Authored By
Unicornisaurous
Dec 22 2015, 2:28 AM
Size
1 KB

T122056.patch

From 0f9b2988e5e2be12858d2429f20c2044797f30d7 Mon Sep 17 00:00:00 2001
From: Andrew H <crazy4sb@gmail.com>
Date: Mon, 21 Dec 2015 21:16:01 +0000
Subject: [PATCH] SECURITY: Remove tokens from session when the user logs out
Bug: T122056
Change-Id: Ica0519d18171feeb359bbbe59c37b38e16cbdafd
---
includes/user/User.php | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/includes/user/User.php b/includes/user/User.php
index fed9664..92a1dff 100644
--- a/includes/user/User.php
+++ b/includes/user/User.php
@@ -3656,6 +3656,7 @@ class User implements IDBAccessObject {
$this->clearInstanceCache( 'defaults' );
$this->getRequest()->setSessionData( 'wsUserID', 0 );
+ $this->getRequest()->setSessionData( 'wsEditToken', '' );
$this->clearCookie( 'UserID' );
$this->clearCookie( 'Token' );
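Review bot: Resetting `wsEditToken` to `''` instead of removing it creates a second "no token" state that every reader of this session key has to know about. The getter in the second hunk was adjusted for it, but any other code that reads `wsEditToken` and tests only `=== null` would treat `''` as a live token. If `setSessionData` accepts it, writing `null` here would keep a single sentinel; otherwise a comment such as `// '' marks the edit token as revoked; it is regenerated on next use` should record the convention. The subject line says "tokens", yet only the edit token is reset in the visible lines, so it is worth confirming whether other per-session tokens survive logout. The enclosing method starts and ends outside the hunk.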
@@ -4129,7 +4130,7 @@ class User implements IDBAccessObject {
return self::EDIT_TOKEN_SUFFIX;
} else {
$token = $request->getSessionData( 'wsEditToken' );
- if ( $token === null ) {
+ if ( $token === null || strlen( $token ) === 0 ) {
$token = MWCryptRand::generateHex( 32 );
$request->setSessionData( 'wsEditToken', $token );
}
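Review bot: `strlen( $token ) === 0` assumes the session value is either null or a string, so a non-string value stored under this key would either raise a warning or pass the check and be handed out as the token. A type-strict guard covers both cases: `if ( !is_string( $token ) || $token === '' ) {`. A short comment above it, for example `// '' is written on logout; treat it like a missing token`, would tie this check to the logout path, which is otherwise several hundred lines away. The enclosing method begins and ends outside the hunk.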
--
1.9.1
