Page MenuHomePhabricator
Create Task
Maniphest T255620

SecurityError: The operation is insecure. mediawiki.action.view.redirect.js
Closed, ResolvedPublic
Actions

Description

On https://m.mediawiki.org/wiki/Special:MyLanguage/Help:Contents?debug=true I see the exception: "SecurityError: The operation is insecure. mediawiki.action.view.redirect.js"

This appears to relate to the line:

history.replaceState( /* data= */ history.state, /* title= */ document.title, /* url= */ canonical );

The value of mw.config.get( 'wgInternalRedirectTargetUrl' ) on mobile is "//www.mediawiki.org/w/index.php?title=Help:Contents&debug=true"

Either the redirect code needs to take into account the mobile demain or the internal redirect target url should be a relative link.

Details

SubjectRepoBranchLines +/-
Fix redirects using Special:MyLanguage etc. when using a mobile domainmediawiki/coremaster+1 -1
Customize query in gerrit

Related Objects
Search...

Event Timeline

Jdlrobson created this task.Jun 16 2020, 9:18 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 16 2020, 9:18 PM
thcipriani moved this task from Untriaged to Jun 2020 on the Wikimedia-production-error board.Jun 17 2020, 6:53 PM
thcipriani moved this task from Jun 2020 to Untriaged on the Wikimedia-production-error board.
thcipriani moved this task from Untriaged to Jun 2020 on the Wikimedia-production-error board.
thcipriani subscribed.

@Jdlrobson can I add a team tag to this? If so...who :)?

Jdlrobson added a parent task: T156847: Core should be aware of the domain it is running on and render mobile domains where necessary.Jun 17 2020, 8:27 PM

@thcipriani not sure at this point. It's not clear what team supports that redirect code. I'm not sure if there is a quick fix to this or this requires some focus from core platform team. That said the error is happening at low frequency.

thcipriani added a comment.Jun 17 2020, 8:30 PM
In T255620#6233221, @Jdlrobson wrote:

@thcipriani not sure at this point. It's not clear what team supports that redirect code. I'm not sure if there is a quick fix to this or this requires some focus from core platform team. That said the error is happening at low frequency.

Ack. Thank you for filing the task.

matmarex subscribed.Jun 17 2020, 9:44 PM

Oh, I wrote some of this code when I was a wee lad ;)

gerritbot added a comment.Jun 17 2020, 9:44 PM

Change 606276 had a related patch set uploaded (by Bartosz Dziewoński; owner: Bartosz Dziewoński):
[mediawiki/core@master] Fix redirects using Special:MyLanguage etc. when using a mobile domain

https://gerrit.wikimedia.org/r/606276

gerritbot added a project: Patch-For-Review.Jun 17 2020, 9:44 PM
gerritbot added a comment.Jun 18 2020, 12:16 AM

Change 606276 merged by jenkins-bot:
[mediawiki/core@master] Fix redirects using Special:MyLanguage etc. when using a mobile domain

https://gerrit.wikimedia.org/r/606276

matmarex closed this task as Resolved.Jun 18 2020, 12:47 AM
matmarex claimed this task.
ReleaseTaggerBot added a project: MW-1.35-notes (1.35.0-wmf.38; 2020-06-23).Jun 18 2020, 1:00 AM
Maintenance_bot removed a project: Patch-For-Review.Jun 18 2020, 1:10 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL