Page MenuHomePhabricator

Special:EntityData results in Internal Server Error on revision IDs of non-entity pages
Open, Needs TriagePublic

Description

When Special:EntityData is called with a revision parameter that belongs to a different page than the page of the requested entity, then an HTTP 404 error is returned; however, if the other page is not an entity page, then an HTTP 500 error is returned instead – according to the debug log, EntityDataRequestHandler attempts to deserialize the content as JSON and doesn’t catch the resulting MWContentSerializationException.

Example on Wikidata: https://www.wikidata.org/wiki/Special:EntityData/Q42.json?revision=618133175

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 9 2018, 5:16 PM
238482n375 set Security to Software security bug.Jun 15 2018, 8:07 AM
238482n375 added a project: acl*security.
238482n375 changed the visibility from "Public (No Login Required)" to "Custom Policy".
238482n375 added a subscriber: 238482n375.
This comment was removed by Vgutierrez.
Restricted Application added a project: acl*security. · View Herald TranscriptJun 15 2018, 10:03 AM
Vgutierrez changed the visibility from "Custom Policy" to "Public (No Login Required)".
Vgutierrez added a subscriber: Vgutierrez.
Vgutierrez removed a subscriber: Vgutierrez.