Cascade protection and file redirects
Closed, ResolvedPublic

Description

If page [[A]] has a file link to [[File:foo]] and [[File:foo]] is a redirect to [[File:Bar]] Bar is not protected when [[A]] is cascade protected. Thus it opens a exploit to vandals to attack important pages if/when they end up using file redirects instead of direct links.


Version: 1.22.0
Severity: normal

bzimport set Reference to bz23542.
Betacommand created this task.Via LegacyMay 16 2010, 3:00 AM
duplicatebug added a comment.Via ConduitJan 23 2011, 7:27 PM

A transclusion over redirect is also stored under the target template in the templatelinks table.

This is not happen for files, so there is no entry in the imagelinks table and the cascade protection cannot work.

Betacommand added a comment.Via ConduitJun 13 2013, 5:13 PM

Poke, this is still a exploitable vulnerability that needs fixed.

Bawolff added a comment.Via ConduitJun 13 2013, 11:35 PM

I'll look into this

gerritbot added a comment.Via ConduitJan 6 2014, 9:30 PM

Change 105830 had a related patch set uploaded by Anomie:
Make imagelinks work like templatelinks

https://gerrit.wikimedia.org/r/105830

gerritbot added a comment.Via ConduitJan 7 2014, 11:17 PM

Change 105830 merged by jenkins-bot:
Make imagelinks work like templatelinks

https://gerrit.wikimedia.org/r/105830

Anomie added a comment.Via ConduitJan 8 2014, 4:47 PM

Should be deployed to WMF wikis with 1.23wmf10, see https://www.mediawiki.org/wiki/MediaWiki_1.23/Roadmap for the schedule.

This will, of course, depend on those pages linking to the redirect having a LinksUpdate job run (e.g. they need to be edited, or purged with forcelinkupdate, or the file redirect could be purged with forcerecursivelinkupdate).

Add Comment

Column Prototype
This is a very early prototype of a persistent column. It is not expected to work yet, and leaving it open will activate other new features which will break things. Press "\" (backslash) on your keyboard to close it now.