Page MenuHomePhabricator
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Jul 18 2023

Ckujau awarded T24660: Display the categories on the mobile site for everyone a Like token.
Jul 18 2023, 9:20 AMCommunity-Wishlist-Survey-2023, Web-Team-Backlog, Advanced Mobile Contributions, Mobile, Regression, Wikimedia-Israel-Hackers, MobileFrontend, Design

May 9 2023

Ckujau awarded T284397: Unhandled Exception ("RuntimeException"): Undefined offset: 5 when trying to access T16235 a Like token.
May 9 2023, 2:14 PMPhabricator (Upstream), Upstream

Jun 6 2021

Ckujau created T284397: Unhandled Exception ("RuntimeException"): Undefined offset: 5 when trying to access T16235.
Jun 6 2021, 1:12 PMPhabricator (Upstream), Upstream

Jan 30 2020

Ckujau added a comment to T228544: Nessus Scan Revealed High Finding.

OK, understood. Thanks for clearing that up! 馃憤

Jan 30 2020, 8:29 PMSecurity, Performance-Team (Radar), MediaWiki-ResourceLoader, MediaWiki-Action-API, Vuln-Inject, Security-Team
Ckujau added a comment to T228544: Nessus Scan Revealed High Finding.

While I understand that there's no SQL query executed here, is it really harmless to have Mediawiki echo everything back that is passed in the URL? In a Mediawiki 1.34.0 installation I get:

Jan 30 2020, 12:32 PMSecurity, Performance-Team (Radar), MediaWiki-ResourceLoader, MediaWiki-Action-API, Vuln-Inject, Security-Team

Aug 10 2016

Ckujau added a comment to T78159: Fix superfluous Warning: is_executable(): open_basedir restriction in effect in /includes/GlobalFunctions.php on line 2809.

IMHO adding /bin/bash to open_basedir should not be recommended. This directive is often used to explicitly limit file system access for PHP. Allowing PHP to call a system shell doesn't sound like a good idea to me. (MW 1.26 here, the warning is logged 3 times for each picture upload, but no UI errors - only includes/limit.sh is never called, of course.)

Aug 10 2016, 6:24 AMMediaWiki-General

Jun 9 2016

Ckujau added a watcher for MediaWiki-extensions-Lockdown: Ckujau.
Jun 9 2016, 3:31 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct.Wikimedia FoundationPrivacy PolicyCode of ConductTerms of UseDisclaimerCC-BY-SAGPL