Page MenuHomePhabricator
Create Task
Maniphest T120043

Recent edits / vandalism from 127.0.0.1
Closed, ResolvedPublic
Actions

Description

https://en.wikipedia.org/w/index.php?title=Death_of_a_Salesman&diff=prev&oldid=693351212
https://es.wikipedia.org/w/index.php?title=Kristen_Stewart&diff=prev&oldid=87475169

Related Objects

Event Timeline

Slakr created this task.Dec 2 2015, 12:44 AM
Slakr raised the priority of this task from to Needs Triage.
Slakr updated the task description. (Show Details)
Slakr added a project: SRE.
Slakr added subscribers: Slakr, MZMcBride.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptDec 2 2015, 12:44 AM
ori triaged this task as Unbreak Now! priority.Dec 2 2015, 12:45 AM
ori set Security to None.
ori added subscribers: ori, BBlack.

Likely rOPUP2f3d2e92d231: tlsproxy: settable upstream IP, defaulting to 127.0.0.1.

MZMcBride added a comment.Dec 2 2015, 12:46 AM

Given the timing, this is probably related to https://gerrit.wikimedia.org/r/256366.

Krenair renamed this task from Recent edits / vandalism from 127.0.0.1 on enwiki to Recent edits / vandalism from 127.0.0.1.Dec 2 2015, 12:47 AM
Krenair updated the task description. (Show Details)
Krenair subscribed.

The timing makes this seem related to <grrrit-wm> (CR) BBlack: [C: 2] tlsproxy: settable upstream IP, defaulting to 127.0.0.1 [puppet] - https://gerrit.wikimedia.org/r/256366 (owner: BBlack)

jrbs subscribed.Dec 2 2015, 12:49 AM
He7d3r subscribed.Dec 2 2015, 12:50 AM

Also seen on ptwiki: https://pt.wikipedia.org/wiki/Special:Contribs/127.0.0.1

Peachey88 subscribed.Dec 2 2015, 12:51 AM
BBlack added a comment.Dec 2 2015, 12:51 AM

Yes, it's related and revert is in progress, we don't need further confirmation reports

ori closed this task as Resolved.Dec 2 2015, 12:51 AM
ori claimed this task.

Reverted in 5f6512ac9850d1.

MZMcBride added a comment.Dec 2 2015, 6:14 AM

Has a task been filed about the bug in MediaWiki?

<bblack> there's a bug in mediawiki somewhere
<bblack> this probably all goes back to TrustedXFF and related code
<bblack> it probably "trusts" our local networks and rewinds through them in the XFF list to reach the "real" client IP, but doesn't consider 127.0.0.1 to be part of our local network for those purposes, so it stops there and calls that the client IP
<bblack> (my change was to switch one of our internal forwarding proxies from using a local server's own IP to using 127.0.0.1 to reach the same, which replaced a WMF IP with 127.0.0.1 in the midst of the XFF list)
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL