As mentioned in this security change and T339016#8984703, Special:NewEntitySchema currently produces an uncaught internal error if the EntitySchema creation is blocked by an AbuseFilter:
According to the commit message, other edit scenarios also don’t show any details about the failed AbuseFilter, though at least they don’t crash completely. It would be nice to fix that too, though that might not be part of this task.
Error
- mwversion: 1.43.0-wmf.6
- reqId: 51fd6757-25d4-4afb-ae2c-5b887f7ec062
- Find reqId in Logstash
[{reqId}] {exception_url} RuntimeException: This action has been automatically identified as harmful, and therefore disallowed. If you believe your action was constructive, please inform an administrator of what you were trying to do. A brief descriptio
from /srv/mediawiki/php-1.43.0-wmf.6/extensions/EntitySchema/src/DataAccess/MediaWikiRevisionEntitySchemaInserter.php(124) #0 /srv/mediawiki/php-1.43.0-wmf.6/extensions/EntitySchema/src/DataAccess/MediaWikiRevisionEntitySchemaInserter.php(100): EntitySchema\DataAccess\MediaWikiRevisionEntitySchemaInserter->saveRevision(MediaWiki\Storage\PageUpdater, EntitySchema\MediaWiki\Content\EntitySchemaContent, MediaWiki\CommentStore\CommentStoreComment) #1 /srv/mediawiki/php-1.43.0-wmf.6/extensions/EntitySchema/src/MediaWiki/Specials/NewEntitySchema.php(119): EntitySchema\DataAccess\MediaWikiRevisionEntitySchemaInserter->insertSchema(string, string, string, array, string) #2 [internal function]: EntitySchema\MediaWiki\Specials\NewEntitySchema->submitCallback(array, MediaWiki\HTMLForm\OOUIHTMLForm) #3 /srv/mediawiki/php-1.43.0-wmf.6/includes/htmlform/HTMLForm.php(792): call_user_func(array, array, MediaWiki\HTMLForm\OOUIHTMLForm) #4 /srv/mediawiki/php-1.43.0-wmf.6/includes/htmlform/HTMLForm.php(673): MediaWiki\HTMLForm\HTMLForm->trySubmit() #5 /srv/mediawiki/php-1.43.0-wmf.6/extensions/EntitySchema/src/MediaWiki/Specials/NewEntitySchema.php(84): MediaWiki\HTMLForm\HTMLForm->tryAuthorizedSubmit() #6 /srv/mediawiki/php-1.43.0-wmf.6/includes/specialpage/SpecialPage.php(719): EntitySchema\MediaWiki\Specials\NewEntitySchema->execute(NULL) #7 /srv/mediawiki/php-1.43.0-wmf.6/includes/specialpage/SpecialPageFactory.php(1680): MediaWiki\SpecialPage\SpecialPage->run(NULL) #8 /srv/mediawiki/php-1.43.0-wmf.6/includes/actions/ActionEntryPoint.php(502): MediaWiki\SpecialPage\SpecialPageFactory->executePath(string, MediaWiki\Context\RequestContext) #9 /srv/mediawiki/php-1.43.0-wmf.6/includes/actions/ActionEntryPoint.php(145): MediaWiki\Actions\ActionEntryPoint->performRequest() #10 /srv/mediawiki/php-1.43.0-wmf.6/includes/MediaWikiEntryPoint.php(200): MediaWiki\Actions\ActionEntryPoint->execute() #11 /srv/mediawiki/php-1.43.0-wmf.6/index.php(58): MediaWiki\MediaWikiEntryPoint->run() #12 /srv/mediawiki/w/index.php(3): require(string) #13 {main}
Impact
While the edit is correctly blocked, users don’t see any useful information with the error. (Also, if the AbuseFilter is set to “warn”, that probably doesn’t work properly, since the user doesn’t get a chance to retry their edit.) Also, minor logspam (volume depends on how often users try to do the blocked activity).