Difference between revisions of "MediaWiki/Parser50"
From Nick Jenkins
m (as CURL command line test.) |
m (+ variant that does not require successful login) |
||
Line 23: | Line 23: | ||
curl --silent --include --cookie 'wikidb_session=1' -F 'wpName'='SOME_VALID_USERNAME' -F 'wpPassword'='SOME_VALID_PASSWORD' \ | curl --silent --include --cookie 'wikidb_session=1' -F 'wpName'='SOME_VALID_USERNAME' -F 'wpPassword'='SOME_VALID_PASSWORD' \ | ||
'192.168.0.64/wiki/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto=<' | '192.168.0.64/wiki/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto=<' | ||
+ | </pre> | ||
+ | |||
+ | Also seems to be reproducible without having to login: | ||
+ | <pre> | ||
+ | curl --silent --include \ | ||
+ | --cookie 'enwiki_session=1'\ | ||
+ | -F 'wpCookieCheck'=\ | ||
+ | -F 'returnto'='|'\ | ||
+ | 'en.wikipedia.org/w/index.php/Special:Userlogin' | ||
</pre> | </pre> |
Revision as of 05:21, 20 June 2006
URL:
http://en.wikipedia.org/w/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto="><a href="ownage
Alternate URL on a test wiki (replace IP address with appropriate details):
http://192.168.0.64/wiki/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto="><a href="ownage
Then login.
Output on a wiki showing errors:
Fatal error: Call to a member function escapeFullURL() on a non-object in /var/www/hosts/mediawiki/phase3/includes/OutputPage.php on line 921
Output on the wikipedia: Blank page (errors are being logged).
This test as a curl command line:
curl --silent --include --cookie 'wikidb_session=1' -F 'wpName'='SOME_VALID_USERNAME' -F 'wpPassword'='SOME_VALID_PASSWORD' \ '192.168.0.64/wiki/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto=<'
Also seems to be reproducible without having to login:
curl --silent --include \ --cookie 'enwiki_session=1'\ -F 'wpCookieCheck'=\ -F 'returnto'='|'\ 'en.wikipedia.org/w/index.php/Special:Userlogin'