Page MenuHomePhabricator
Files F3328788

version 3.1 of put a splash page before redirecting to ext interwiki
No One
Actions

Authored By
Bawolff
Feb 9 2016, 11:38 PM
Size
13 KB
Referenced Files
None
Subscribers
None

version 3.1 of put a splash page before redirecting to ext interwiki
View Options

From 23e39ce9aaf29392bc0dd8dbe724246d6af7dfdf Mon Sep 17 00:00:00 2001
From: Brian Wolff <bawolff+wn@gmail.com>
Date: Sun, 7 Feb 2016 08:07:20 -0500
Subject: [PATCH] Do not directly redirect to interwikis, but use splash page
Directly redirecting based on a url paramter might potentially
be used in a phishing attack to confuse users.
Bug: T109140
Bug: T122209
Change-Id: I6c604439320fa876719933cc7f3a3ff04fb1a6ad
---
autoload.php | 1 +
includes/OutputPage.php | 4 +-
includes/Title.php | 27 ++++++++++
includes/specialpage/RedirectSpecialPage.php | 2 +-
includes/specialpage/SpecialPageFactory.php | 1 +
includes/specials/SpecialChangeEmail.php | 2 +-
includes/specials/SpecialChangePassword.php | 2 +-
includes/specials/SpecialGoToInterwiki.php | 79 ++++++++++++++++++++++++++++
includes/specials/SpecialPageLanguage.php | 2 +-
includes/specials/SpecialPreferences.php | 2 +-
includes/specials/SpecialSearch.php | 2 +-
includes/specials/SpecialUserlogin.php | 2 +-
languages/i18n/en.json | 5 +-
languages/i18n/qqq.json | 5 +-
languages/messages/MessagesEn.php | 1 +
15 files changed, 127 insertions(+), 10 deletions(-)
create mode 100644 includes/specials/SpecialGoToInterwiki.php
diff --git a/autoload.php b/autoload.php
index 8720186..bed236a 100644
--- a/autoload.php
+++ b/autoload.php
@@ -1171,6 +1171,7 @@ $wgAutoloadLocalClasses = array(
'SpecialExpandTemplates' => __DIR__ . '/includes/specials/SpecialExpandTemplates.php',
'SpecialExport' => __DIR__ . '/includes/specials/SpecialExport.php',
'SpecialFilepath' => __DIR__ . '/includes/specials/SpecialFilepath.php',
+ 'SpecialGoToInterwiki' => __DIR__ . '/includes/specials/SpecialGoToInterwiki.php',
'SpecialImport' => __DIR__ . '/includes/specials/SpecialImport.php',
'SpecialJavaScriptTest' => __DIR__ . '/includes/specials/SpecialJavaScriptTest.php',
'SpecialListAdmins' => __DIR__ . '/includes/specials/SpecialListusers.php',
diff --git a/includes/OutputPage.php b/includes/OutputPage.php
index 97165b4..dcf835c 100644
--- a/includes/OutputPage.php
+++ b/includes/OutputPage.php
@@ -2628,7 +2628,9 @@ class OutputPage extends ContextSource {
} else {
$titleObj = Title::newFromText( $returnto );
}
- if ( !is_object( $titleObj ) ) {
+ // We don't want people to return to external interwiki. That
+ // might potentially be used as part of a phishing scheme
+ if ( !is_object( $titleObj ) || $titleObj->isExternal() ) {
$titleObj = Title::newMainPage();
}
diff --git a/includes/Title.php b/includes/Title.php
index 882b7dd..d600343 100644
--- a/includes/Title.php
+++ b/includes/Title.php
@@ -1692,6 +1692,33 @@ class Title {
}
/**
+ * Get a url appropriate for making redirects based on an untrusted url arg
+ *
+ * This is basically the same as getFullUrl(), but in the case of external
+ * interwikis, we send the user to a landing page, to prevent possible
+ * phishing attacks and the like.
+ *
+ * @note Uses current protocol by default, since technically relative urls
+ * aren't allowed in redirects per HTTP spec, so this is not suitable for
+ * places where the url gets cached, as might pollute between
+ * https and non-https users.
+ * @see self::getLocalURL for the arguments.
+ * @param array|string $query
+ * @param string $proto Protocol type to use in URL
+ * @return String. A url suitable to use in an HTTP location header.
+ */
+ public function getFullUrlForRedirect( $query = '', $proto = PROTO_CURRENT ) {
+ $target = $this;
+ if ( $this->isExternal() ) {
+ $target = SpecialPage::getTitleFor(
+ 'GoToInterwiki',
+ $this->getPrefixedDBKey()
+ );
+ }
+ return $target->getFullUrl( $query, false, $proto );
+ }
+
+ /**
* Get a URL with no fragment or server name (relative URL) from a Title object.
* If this page is generated with action=render, however,
* $wgServer is prepended to make an absolute URL.
diff --git a/includes/specialpage/RedirectSpecialPage.php b/includes/specialpage/RedirectSpecialPage.php
index 5047354..1d0a653 100644
--- a/includes/specialpage/RedirectSpecialPage.php
+++ b/includes/specialpage/RedirectSpecialPage.php
@@ -41,7 +41,7 @@ abstract class RedirectSpecialPage extends UnlistedSpecialPage {
$query = $this->getRedirectQuery();
// Redirect to a page title with possible query parameters
if ( $redirect instanceof Title ) {
- $url = $redirect->getFullURL( $query );
+ $url = $redirect->getFullUrlForRedirect( $query );
$this->getOutput()->redirect( $url );
return $redirect;
diff --git a/includes/specialpage/SpecialPageFactory.php b/includes/specialpage/SpecialPageFactory.php
index 3babafd..53832b9 100644
--- a/includes/specialpage/SpecialPageFactory.php
+++ b/includes/specialpage/SpecialPageFactory.php
@@ -135,6 +135,7 @@ class SpecialPageFactory {
'RandomInCategory' => 'SpecialRandomInCategory',
'Randomredirect' => 'SpecialRandomredirect',
'Randomrootpage' => 'SpecialRandomrootpage',
+ 'GoToInterwiki' => 'SpecialGoToInterwiki',
// High use pages
'Mostlinkedcategories' => 'MostlinkedCategoriesPage',
diff --git a/includes/specials/SpecialChangeEmail.php b/includes/specials/SpecialChangeEmail.php
index 989bae9..7c89aa0 100644
--- a/includes/specials/SpecialChangeEmail.php
+++ b/includes/specials/SpecialChangeEmail.php
@@ -146,7 +146,7 @@ class SpecialChangeEmail extends FormSpecialPage {
$query = $request->getVal( 'returntoquery' );
if ( $this->status->value === true ) {
- $this->getOutput()->redirect( $titleObj->getFullURL( $query ) );
+ $this->getOutput()->redirect( $titleObj->getFullUrlForRedirect( $query ) );
} elseif ( $this->status->value === 'eauth' ) {
# Notify user that a confirmation email has been sent...
$this->getOutput()->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>",
diff --git a/includes/specials/SpecialChangePassword.php b/includes/specials/SpecialChangePassword.php
index 8656798..bf7f328 100644
--- a/includes/specials/SpecialChangePassword.php
+++ b/includes/specials/SpecialChangePassword.php
@@ -192,7 +192,7 @@ class SpecialChangePassword extends FormSpecialPage {
$titleObj = Title::newMainPage();
}
$query = $request->getVal( 'returntoquery' );
- $this->getOutput()->redirect( $titleObj->getFullURL( $query ) );
+ $this->getOutput()->redirect( $titleObj->getFullUrlForRedirect( $query ) );
return true;
}
diff --git a/includes/specials/SpecialGoToInterwiki.php b/includes/specials/SpecialGoToInterwiki.php
new file mode 100644
index 0000000..809a14a
--- /dev/null
+++ b/includes/specials/SpecialGoToInterwiki.php
@@ -0,0 +1,79 @@
+<?php
+/**
+ * Implements Special:GoToInterwiki
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+
+/**
+ * Landing page for non-local interwiki links.
+ *
+ * Meant to warn people that the site they're visiting
+ * is not the local wiki (In case of phishing tricks).
+ * Only meant to be used for things that directly
+ * redirect from url (e.g. Special:Search/google:foo )
+ * Not meant for general interwiki linking (e.g.
+ * [[google:foo]] should still directly link)
+ *
+ * @ingroup SpecialPage
+ */
+class SpecialGoToInterwiki extends UnlistedSpecialPage {
+ public function __construct( $name = 'GoToInterwiki' ) {
+ parent::__construct( $name );
+ }
+
+ public function execute( $par ) {
+ $this->setHeaders();
+ $target = Title::newFromText( $par );
+ // Disallow special pages as a precaution against
+ // possible redirect loops.
+ if ( !$target || $target->isSpecialPage() ) {
+ $this->getOutput()->setStatusCode( 404 );
+ $this->getOutput()->addWikiMsg( 'gotointerwiki-invalid' );
+ return;
+ }
+
+ $url = $target->getFullURL();
+ if ( !$target->isExternal() || $target->isLocal() ) {
+ // Either a normal page, or a local interwiki.
+ // just redirect.
+ $this->getOutput()->redirect( $url, '301' );
+ } else {
+ $this->getOutput()->addWikiMsg(
+ 'gotointerwiki-external',
+ $url,
+ $target->getFullText()
+ );
+ }
+ }
+
+ /**
+ * @return bool
+ */
+ public function requiresWrite() {
+ return false;
+ }
+
+ /**
+ * @return String
+ */
+ protected function getGroupName() {
+ return 'redirects';
+ }
+}
diff --git a/includes/specials/SpecialPageLanguage.php b/includes/specials/SpecialPageLanguage.php
index 69a9d48..8ba2524 100644
--- a/includes/specials/SpecialPageLanguage.php
+++ b/includes/specials/SpecialPageLanguage.php
@@ -142,7 +142,7 @@ class SpecialPageLanguage extends FormSpecialPage {
);
// Url to redirect to after the operation
- $this->goToUrl = $title->getFullURL();
+ $this->goToUrl = $title->getFullUrlForRedirect();
// Check if user wants to use default language
if ( $data['selectoptions'] == 1 ) {
diff --git a/includes/specials/SpecialPreferences.php b/includes/specials/SpecialPreferences.php
index 965a36e..960738e 100644
--- a/includes/specials/SpecialPreferences.php
+++ b/includes/specials/SpecialPreferences.php
@@ -143,7 +143,7 @@ class SpecialPreferences extends SpecialPage {
// Set session data for the success message
$this->getRequest()->setSessionData( 'specialPreferencesSaveSuccess', 1 );
- $url = $this->getPageTitle()->getFullURL();
+ $url = $this->getPageTitle()->getFullUrlForRedirect();
$this->getOutput()->redirect( $url );
return true;
diff --git a/includes/specials/SpecialSearch.php b/includes/specials/SpecialSearch.php
index 8809900..89e3733 100644
--- a/includes/specials/SpecialSearch.php
+++ b/includes/specials/SpecialSearch.php
@@ -205,7 +205,7 @@ class SpecialSearch extends SpecialPage {
$title = SearchEngine::getNearMatch( $term );
if ( !is_null( $title ) ) {
- $this->getOutput()->redirect( $title->getFullURL() );
+ $this->getOutput()->redirect( $title->getFullUrlForRedirect() );
return;
}
diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php
index 62e200e..a4d5ff5 100644
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -1330,7 +1330,7 @@ class LoginForm extends SpecialPage {
}
if ( $type == 'successredirect' ) {
- $redirectUrl = $returnToTitle->getFullURL( $returnToQuery, false, $proto );
+ $redirectUrl = $returnToTitle->getFullUrlForRedirect( $returnToQuery, $proto );
$this->getOutput()->redirect( $redirectUrl );
} else {
$this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery, null, $options );
diff --git a/languages/i18n/en.json b/languages/i18n/en.json
index cb9f7c4..c0d0e24 100644
--- a/languages/i18n/en.json
+++ b/languages/i18n/en.json
@@ -3957,5 +3957,8 @@
"mw-widgets-titleinput-description-new-page": "page does not exist yet",
"mw-widgets-titleinput-description-redirect": "redirect to $1",
"api-error-blacklisted": "Please choose a different, descriptive title.",
- "randomrootpage": "Random root page"
+ "randomrootpage": "Random root page",
+ "gotointerwiki": "Leaving {{SITENAME}}",
+ "gotointerwiki-invalid": "The specified title was invalid.",
+ "gotointerwiki-external": "You are about to leave {{SITENAME}} to visit [[$2]] which is a separate website.\n\n[$1 Click here to continue on to $1]."
}
diff --git a/languages/i18n/qqq.json b/languages/i18n/qqq.json
index 388ec67..81d5c4b 100644
--- a/languages/i18n/qqq.json
+++ b/languages/i18n/qqq.json
@@ -4132,5 +4132,8 @@
"mw-widgets-titleinput-description-new-page": "Description label for a new page in the title input widget.",
"mw-widgets-titleinput-description-redirect": "Description label for a redirect in the title input widget.",
"api-error-blacklisted": "Used as error message.\n\nFollowed by the link {{msg-mw|Mwe-upwiz-feedback-blacklist-info-prompt}}.",
- "randomrootpage": "{{doc-special|RandomRootPage}}"
+ "randomrootpage": "{{doc-special|RandomRootPage}}",
+ "gotointerwiki": "{{doc-special|GoToInterwiki}}\n\nSpecial:GoToInterwiki is a warning page displayed before redirecting users to external interwiki links. Its triggered by people going to something like [[Special:Search/google:foo]].",
+ "gotointerwiki-invalid": "Message shown on Special:GoToInterwiki if given an invalid title.",
+ "gotointerwiki-external": "Message shown on Special:GoToInterwiki if given a external interwiki link (e.g. [[Special:GoToInterwiki/Google:Foo]]). $1 is the full url the user is trying to get to. $2 is the text of the interwiki link (e.g.\ "Google:foo\")."
}
diff --git a/languages/messages/MessagesEn.php b/languages/messages/MessagesEn.php
index 8fa13c6..fff8ee3 100644
--- a/languages/messages/MessagesEn.php
+++ b/languages/messages/MessagesEn.php
@@ -416,6 +416,7 @@ $specialPageAliases = array(
'Fewestrevisions' => array( 'FewestRevisions' ),
'FileDuplicateSearch' => array( 'FileDuplicateSearch' ),
'Filepath' => array( 'FilePath' ),
+ 'GoToInterwiki' => array( 'GoToInterwiki' ),
'Import' => array( 'Import' ),
'Invalidateemail' => array( 'InvalidateEmail' ),
'JavaScriptTest' => array( 'JavaScriptTest' ),
--
2.0.1

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3335929
Default Alt Text
version 3.1 of put a splash page before redirecting to ext interwiki (13 KB)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits