Steps to replicate
- Install the ReportIncident extension
- Create a new account and make an edit using this account
- Open a user talk page
- Click on the "Report" link in the "Tools" menu
- Click through to the second step of the dialog
- Enter form data, but enter a username that does not exist
- Open DevTools and click on the 'Network' tab
- Click on submit until you see the error 429 (should take no more than 6 times in a standard configuration and no more than 1 time for a new user account). The errors seen before the 429 should have the error code 404.
What happens?:
The API request response has the status code 429, even though no reports were submitted in the previous request (as the form data failed validation).
What should have happened instead?:
All form validation should occur before the rate limit is increased, so that the rate limit should only be increased when a user submits a valid report that is emailed to the administrators.
Therefore, after 6 attempts to submit there should be no error with a code of 429.
Software version
MediaWiki 1.42.0-alpha (72f7b7a) 12:57, 18 October 2023. ReportIncident – (404454b) 13:13, 19 October 2023.
Other information
Example in Firefox DevTools: