Page MenuHomePhabricator
Create Task
Maniphest T406415

Incorrect link to XTools GC in GlobalContributions interface message
Closed, ResolvedPublicBUG REPORT
Actions

Description

Currently, there's this message at the top of Special:GlobalContributions/127.0.0.1/32:

<p>Search <a class="external text" href="https://guc.toolforge.org/?user=127.0.0.1%2F32">GUC</a> or <a rel="nofollow" class="external text" href="https://xtools.wmcloud.org/globalcontribs/ipr-127.0.0.1%2F32">XTools GC</a> to view <a class="external text" href="https://www.mediawiki.org/wiki/Special:MyLanguage/Trust_and_Safety_Product/Temporary_Accounts/FAQ#Legacy_IP_edits">legacy IP edits</a>.
</p>

The XTools link doesn't work as-is since the IP range is URL-escaped. It shouldn't be.

Fixing this is simple enough, but does the CheckUser extension need to be fixed, or is it XTools' fault for not accepting such a query?

Related Objects

Event Timeline

NguoiDungKhongDinhDanh created this task.Oct 4 2025, 5:25 PM
Restricted Application added a project: Product Safety and Integrity. · View Herald TranscriptOct 4 2025, 5:25 PM
Agamyasamuel subscribed.Oct 4 2025, 5:32 PM
A_smart_kitten subscribed.Oct 5 2025, 2:31 AM

Judging by the QA screenshots at T385942#10672840 (& the end of my Gerrit comment here), it seems like this sort of URL may have used to work on the XTools side of things?

Alien333 added subscribers: MusikAnimal, Alien333.Oct 5 2025, 6:56 AM

(From the XTools side) The regexes that define routes for ip ranges haven't changed in years, so I can't exactly tell you why escaped urls don't work anymore.
One possibility: we have this summer deployed Anubis to fight the bot traffic (T400229); during which work our routing setup has changed a bit, which could perhaps have changed our behaviour regarding escaped characters. (@MusikAnimal probably knows more about this.)
As far as I can see, this link should be changed in the CheckUser extension.

A_smart_kitten added a project: WikimediaMessages.Oct 5 2025, 12:08 PM

I imagine it hopefully wouldn't be too hard to update the WikimediaMessages string that links to XTools, but (from a dead-link-prevention & Cool URI perspective) IMO it'd be nice for the currently-used URL to be able to work again if possible :)
(I say this without knowing the internals of XTools' setup, though, and how complex restoring the functionality for this type of URL might be)

As a potential point of interest — it might be worth noting that the link in the task description goes to a generic Apache 404 page, rather than the XTools-specific 404 page that's returned (e.g.) here.

OKryva-WMF moved this task from Inbox to Triaged (backlog) on the Product Safety and Integrity board.Oct 9 2025, 2:47 PM
MusikAnimal closed this task as Resolved.EditedOct 13 2025, 7:27 AM
MusikAnimal claimed this task.

I am terribly sorry for the delayed response!

In T406415#11243999, @Alien333 wrote:


One possibility: we have this summer deployed Anubis to fight the bot traffic (T400229); during which work our routing setup has changed a bit, which could perhaps have changed our behaviour regarding escaped characters. (@MusikAnimal probably knows more about this.)

You'd be right! Indeed, this was due to an Apache misconfiguration when I rebuilt the VMs for the Anubis deployment (T400229). I have fixed this and have updated the docs accordingly.

Note XTools also accepts query strings, but will redirect i.e. https://xtools.wmcloud.org/globalcontribs?username=127.0.0.1%2F32/globalcontribs/ipr-127.0.0.1/32

A technical explanation, for the curious:

  • GUC takes its arguments from a query string. Forward-slashes (/) for a value passed in must always be percent-encoded here.
  • XTools generates its links (with few exceptions) with arguments styled like REST API paths, where forward slashes (/) are the delimiter between arguments
  • Namespace support came first, then we added proper IP range support (T279041), which confused both Apache and the XTools router because of routes ending with /{user_or_ip_range}/{namespace}. I.e. is 127.0.0.1/32 the IP followed by the namespace ID, or just an IP range? (32 being an invalid MW Core namespace ID is incidental, we can't assume that)
  • For Apache, we needed the AllowEncodedSlashes directive, in XTools, we added the ipr- prefix to distinguish IP ranges from namespace path arguments

Again, my apologies for the inconvenience :(

MusikAnimal moved this task from Backlog to Complete on the XTools board.Oct 20 2025, 9:52 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits