T287542: API action=parse&prop=headhtml leaking user tokens and other private info in cross-origin requests (again)
From cpt
| Phabricator Link | T287542 |
|---|---|
| Status | resolved |
| Priority | Needs Triage (violet) |
| Points | |
| Phabricator Task Created | 2021/07/27 07:53 PM |
| Wiki Page Created | 2021/08/10 04:28 PM |
| Phabricator Task Last Modified | 2021/08/12 11:10 AM |
| Wiki Page Last Updated | 2021/08/12 12:28 PM |
| Phabricator Task Closed | 2021/08/10 02:31 PM |
| Authored By | suffusion_of_yellow (Suffusion of Yellow) |
| Assigned To | Legoktm (Legoktm) |
| Projects |
|
| Platform Engineering Initiative Column | |
| Platform Team Workboards Column | |
| Subtasks | |
| Parent Tasks |
Column Transitions: (Added project: ⇑, Removed project: ⇓,Entered column: ⇒, Exited column: ⇐)
| Project | Column | Date |
|---|---|---|
| ⇑ Security | 27 July 2021 | |
| ⇑ Security-Team | 27 July 2021 | |
| ⇑ MediaWiki-API | 27 July 2021 | |
| ⇑ Vuln-CSRF | 27 July 2021 | |
| ⇑ Vuln-Infoleak | 27 July 2021 | |
| ⇑ Regression | 27 July 2021 | |
| ⇑ Platform Engineering | 29 July 2021 | |
| Security-Team | ⇐ Incoming | 29 July 2021 |
| Security-Team | ⇒ Watching | 29 July 2021 |
| ⇑ SecTeam-Processed | 29 July 2021 | |
| Security-Team | ⇐ Watching | 6 August 2021 |
| Security-Team | ⇒ Incoming | 6 August 2021 |
| Security-Team | ⇐ Incoming | 12 August 2021 |
| Security-Team | ⇒ Our Part Is Done | 12 August 2021 |
