Page MenuHomePhabricator
Create Task
Maniphest T155087

Security review for NamespaceRelations
Closed, DeclinedPublic
Actions

Description

Extension written per the approved RfC https://www.mediawiki.org/wiki/Requests_for_comment/Custom_inter-namespace_tabs#Use-cases , this is the only step left AFAICS.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Some code clarificationsmediawiki/extensions/NamespaceRelationsmaster+28 -17
Some style changesmediawiki/extensions/NamespaceRelationsmaster+100 -43
Remove wfProfile* callsmediawiki/extensions/NamespaceRelationsmaster+0 -8
Customize query in gerrit

Related Objects
Search...

Event Timeline

Nemo_bis created this task.Jan 11 2017, 11:35 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 11 2017, 11:35 AM
Nemo_bis added a parent task: T47666: Deployment review of NamespaceRelations for Wikinews and Wiktionary.Jan 11 2017, 11:36 AM
dpatrick subscribed.Feb 22 2017, 7:03 PM

Hi @Nemo_bis, could you update the description of this ticket and add the information requested at https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_reviews#Requesting_a_review? Thanks!

dpatrick mentioned this in E505: Security review of NamespaceRelations.Feb 22 2017, 7:36 PM
dpatrick moved this task from Incoming to Scheduled on the deprecated-security-team-reviews board.
Nemo_bis updated the task description. (Show Details)Feb 23 2017, 1:36 PM
In T155087#3047619, @dpatrick wrote:

Hi @Nemo_bis, could you update the description of this ticket and add the information requested at https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_reviews#Requesting_a_review? Thanks!

Done, I believe.

Reedy subscribed.Mar 7 2017, 2:43 PM

If this is intended for WMF deployment...

Non security stuff:

  • nsrels-desc in english doesn't make much sense. Allows who? Namespace tabs where?
  • Mixed leading whitespace in NamespaceRelations_body.php
  • Needs converting to extension registration before deployment; no new extensions should be deployed using PHP entry points
  • Various profiling calls on functions that really don't need them
  • Underscores from variable names prefixes should be removed
Bawolff moved this task from Scheduled to Waiting on the deprecated-security-team-reviews board.Mar 12 2017, 5:04 PM
Bawolff subscribed.

Review of 00f527cadfbf (Mon Oct 24, 2016). Overall looks good from a security perspective. My only major concern is potential incompatibility with any other extension which adds a namespace tab. There are some minor coding convention things that need to be fixed. The code is a tad dense, and could perhaps benefit from splitting into finer grained functions and having more comments.

In addition to what Reedy said above

Security (minor)

  • "NamespaceRelations_body.php" line 83 - The user can read test should be done against the target page of the tab, not the current page. Also since quickUserCan may return the wrong answer in certain circumstances, the extension should document that it may leak if other tabs exist if the wiki is using extensions that do expensive read checks.
  • "NamespaceRelations_body.php" line 63 - Should probably preg_escape $data['customTarget'] here.

Other (major)

  • It overwrites all tabs, including those from other extensions. I don't think we want it to overwrite namespace tabs defined by other extensions.

Other (minor)

  • "NamespaceRelations_body.php" line 175 - if ( ( $tabs['subject']['title']->isMainPage() && $this->getNamespace( $key, 'inMainPage' ) && $this->getNamespace( $key, 'hideTalk' ) ) || $this->getNamespace( $key, 'hideTalk' ) - The first clause of the OR doesn't make sense since it will never be true when the second clause is false. This if statement should be simplified or possibly corrected.
  • Add extension.json (Would also require moving the hook to be a static function of NamespaceRelations instead of a lambda function)
  • Kill wfProfileIn()/Out() - These aren't used anymore.
  • Some of the lines are a little on the long side, should probably be broken up.
  • Tests would be nice. (Even just broad ones verifying that customTarget matches things correctly)
  • [Multiple places] - Should probably use Title::makeTitleSafe instead of Title::makeTitle and maybe not show the tab, or rather show an error in the event of an invalid title (For example, with a customTarget of $1/doc, if the user goes to a page that's 254 bytes long, should it really link to the invalid title?). Or maybe it makes sense to only error when the user clicks on the tab as is the current behaviour; I'm not sure.
  • "NamespaceRelations_body.php" line 99 - Its kind of odd that there is no line saying $subjectOptions = []; but there is a line unset()'ing it. Normally we declare arrays to be arrays first, but don't worry about calling unset() as we let the garbage collector clean it up once it falls out of scope (ditto for $talkOptions)
MZMcBride subscribed.Mar 12 2017, 5:30 PM
gerritbot subscribed.Jun 2 2017, 4:25 PM

Change 356863 had a related patch set uploaded (by Nemo bis; owner: Federico Leva):
[mediawiki/extensions/NamespaceRelations@master] Some style changes

https://gerrit.wikimedia.org/r/356863

gerritbot added a project: Patch-For-Review.Jun 2 2017, 4:25 PM
gerritbot added a comment.Jun 2 2017, 4:28 PM

Change 356864 had a related patch set uploaded (by Nemo bis; owner: Federico Leva):
[mediawiki/extensions/NamespaceRelations@master] Remove wfProfile* calls

https://gerrit.wikimedia.org/r/356864

gerritbot added a comment.Jun 2 2017, 4:42 PM

Change 356864 merged by jenkins-bot:
[mediawiki/extensions/NamespaceRelations@master] Remove wfProfile* calls

https://gerrit.wikimedia.org/r/356864

gerritbot added a comment.Jun 2 2017, 4:48 PM

Change 356868 had a related patch set uploaded (by Nemo bis; owner: Federico Leva):
[mediawiki/extensions/NamespaceRelations@master] Some code clarifications

https://gerrit.wikimedia.org/r/356868

gerritbot added a comment.Jun 27 2017, 12:24 PM

Change 356863 merged by jenkins-bot:
[mediawiki/extensions/NamespaceRelations@master] Some style changes

https://gerrit.wikimedia.org/r/356863

Paladox subscribed.Feb 18 2018, 3:48 AM

Bump any more work needed on this?

Paladox unsubscribed.Feb 18 2018, 3:48 AM
Aklapper triaged this task as Lowest priority.May 11 2018, 1:42 PM
chasemp moved this task from Waiting to Incoming on the deprecated-security-team-reviews board.Dec 17 2018, 6:38 PM
charlotteportero closed this task as Declined.Jan 7 2019, 6:32 PM
charlotteportero subscribed.

No apparent interest in this, if future interest a new task will need to be created.

Nemo_bis reopened this task as Open.Jan 14 2019, 12:37 PM

Inaccurate rationale for closure.

sbassett moved this task from Incoming to Frozen on the deprecated-security-team-reviews board.Jan 14 2019, 3:54 PM
Reedy removed a project: Patch-For-Review.Jan 14 2019, 6:39 PM
Jdforrester-WMF closed this task as Declined.Jan 14 2019, 6:43 PM
Jdforrester-WMF subscribed.

No sponsoring interest in this from a Wikimedia Foundation team who would have to support it.

Aklapper added a comment.Jan 14 2019, 8:39 PM

Hmm. My main concern is that https://www.mediawiki.org/wiki/Extension:NamespaceRelations states that it is unmaintained.

Nemo_bis reopened this task as Open.Jan 15 2019, 10:06 AM

There are open patches connected to this task.

No sponsoring interest in this from a Wikimedia Foundation team who would have to support it.

That might be a reason to ask a new review or to decline the parent task about deployment, but this is still being worked on.

Bawolff added a comment.Jan 15 2019, 3:37 PM
In T155087#4876952, @Nemo_bis wrote:

Inaccurate rationale for closure.

To be clear, are you saying you (or people you know) are interested in doing any remaining work required to get this into production?

Aklapper closed this task as Declined.Jan 21 2019, 12:59 AM

Declining as of T47666#4084295. Feel free to reopen once there is an active maintainer (who then could hopefully merge any open patches).

sbassett moved this task from Frozen to Done on the deprecated-security-team-reviews board.Apr 24 2019, 6:05 PM
chasemp removed a project: deprecated-security-team-reviews.Jan 8 2020, 4:19 PM
gerritbot added a comment.Nov 9 2020, 2:11 PM

Change 356868 abandoned by Thiemo Kreuz (WMDE):
[mediawiki/extensions/NamespaceRelations@master] Some code clarifications

Reason:
This is so old, it can not be applied any more anyway. The linked ticket got declined.

https://gerrit.wikimedia.org/r/356868

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits