CheckUser records XFF: 0 on PostgreSQL
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	saper
	Jun 15 2012, 12:42 AM

Description

+++ This bug was initially created as a clone of Bug #37612 +++

Sample result from the test wiki:

(diff) (hist) . . N Test . . 01:44 . . Saper (Talk | contribs | block) (test)

IP: 2001:6a0:200:121::2/128   XFF: 0   Mozilla/5.0 (X11; FreeBSD amd64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11

on MySQL:

(różn.) (hist.) . . N Test . . 02:24 . . Saper (dyskusja | edycje | zablokuj) (cu test)

IP: 2001:6A0:200:121:0:0:0:2   Mozilla/5.0 (X11; FreeBSD amd64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11

"XFF: 0" starts to appear after May 7th trunk (edits made on May 7th and earlier have no XFF, edits made on June 14th and later have "XFF: 0").

Not only edits are affected, log entries are affected as well.

Version: unspecified
Severity: normal

Details

Reference: bz37613

	Subject	Repo	Branch	Lines +/-
	Ensure that on unprovided XFF header the DB stores nothing	mediawiki/extensions/CheckUser	master	+13 -10

Customize query in gerrit

Related Objects
Search...

View Standalone Graph

This task is connected to more than 200 other tasks. Only direct parents and subtasks are shown here. Use View Standalone Graph to show more of the graph.

Status	Assigned	Task
		· · ·
Invalid	None	T2384 [REPLACED BY TAG] PostgreSQL/pgsql support (tracking)
Resolved	Dreamy_Jazz	T39613 CheckUser records XFF: 0 on PostgreSQL
		· · ·

Event Timeline

• bzimport raised the priority of this task from to Medium.Nov 22 2014, 12:25 AM

• bzimport added a project: CheckUser.

• bzimport set Reference to bz37613.

• bzimport added a subscriber: Unknown Object (MLST).

saper created this task.Jun 15 2012, 12:42 AM

MarcoAurelio mentioned this in T139810: RFC: Overhaul the CheckUser extension.Jul 23 2016, 1:26 PM

MarcoAurelio added a project: Stewards-and-global-tools.Jul 23 2016, 1:43 PM

MarcoAurelio removed a subscriber: • wikibugs-l-list.

Restricted Application added a subscriber: JEumerus. · View Herald TranscriptJul 23 2016, 1:43 PM

Peachey88 removed a project: Stewards-and-global-tools.Jul 24 2016, 2:51 AM

Peachey88 subscribed.

Liuxinyu970226 subscribed.Jul 27 2016, 3:26 AM

Migrating from the old tracking task to a tag for PostgreSQL-related tasks.

Meno25 unsubscribed.Nov 4 2016, 7:19 AM

I can confirm that this is still happening on the most up to date version using docker.

Writing a patch for this. I think this happens because the "false" result from getHeader( 'X-Forwarded-For' ) is converted to a zero somewhere along the line. If there is no XFF header, just replace it with an empty string which is the same as no header. This also seems to happen with sqlite, but it was fixed when I did this. Not tested with postgresql.

Change 791808 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/CheckUser@master] Ensure that on unprovided XFF header the DB stores nothing

https://gerrit.wikimedia.org/r/791808

gerritbot added a project: Patch-For-Review.May 15 2022, 9:07 PM

Dreamy_Jazz moved this task from General / Unsorted to Patches for review on the CheckUser board.May 15 2022, 9:13 PM

Dreamy_Jazz moved this task from Patches for review to General / Unsorted on the CheckUser board.May 26 2022, 2:18 PM

Change 791808 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] Ensure that on unprovided XFF header the DB stores nothing

https://gerrit.wikimedia.org/r/791808

ReleaseTaggerBot added a project: MW-1.39-notes (1.39.0-wmf.16; 2022-06-13).Jun 10 2022, 12:00 AM

Legoktm closed this task as Resolved.Jun 10 2022, 12:11 AM

Maintenance_bot removed a project: Patch-For-Review.Jun 10 2022, 12:31 AM