Page MenuHomePhabricator
Create Task
Maniphest T264476

SecurePollContentHandler::getActionOverrides results in broken links
Open, MediumPublic
Actions

Description

Currently, SecurePollContentHandler::getActionOverrides overrides ContentHandler::getActionOverrides to disable a number of actions for secure poll pages:

public function getActionOverrides() {
	// Disable write actions
	return [
		'delete' => false,
		'edit' => false,
		'info' => false,
		'protect' => false,
		'revert' => false,
		'rollback' => false,
		'submit' => false,
		'unprotect' => false,
	];
}

This results in attempting to perform any of those actions triggering nosuchactiontext, eg https://vote.wikimedia.org/w/index.php?title=SecurePoll:349&action=edit

Why exactly is info a write action?

More importantly, the display at https://vote.wikimedia.org/wiki/SecurePoll:349 includes links to View source and Page information, but neither of those links works - instead showing the viewer the error.

If the actions are not available, the links to them should also be hidden.

Related Objects

Event Timeline

DannyS712 created this task.Oct 2 2020, 9:14 PM
Restricted Application added projects: User-DannyS712, Platform Engineering. · View Herald TranscriptOct 2 2020, 9:14 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
DannyS712 moved this task from Unsorted to Reports on the User-DannyS712 board.Oct 2 2020, 9:14 PM
BPirkle triaged this task as Medium priority.Oct 6 2020, 8:55 PM
BPirkle edited projects, added Platform Team Workboards (Clinic Duty Team); removed Platform Engineering.
BPirkle moved this task from Inbox to Later on the Platform Team Workboards (Clinic Duty Team) board.
DannyS712 mentioned this in T268799: Make Special:EditPage/Special:Random/SecurePoll Valid on Test Wikipedia.Nov 26 2020, 3:15 AM
WhiteWalnut17 subscribed.Nov 26 2020, 3:19 AM

If the edit, info, etc. actions aren't made valid, then the controls for those pages should be removed. The view source button shouldn't even be there if such an action is false.

jrbs moved this task from Backlog to Evaluated on the MediaWiki-extensions-SecurePoll board.Sep 23 2022, 10:34 PM
jrbs subscribed.Jan 10 2023, 3:35 PM

Evaluation:

Should be easy

Novem_Linguae subscribed.May 31 2024, 8:53 PM

How do I visit a page like your example https://vote.wikimedia.org/wiki/SecurePoll:349 on a localhost wiki? I tried http://localhost:8080/w/index.php?title=SecurePoll:1 . I would expect those two URLs to be normal wiki pages and not special pages controlled by SecurePoll, so I think I am missing something.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits