Mailing List Archive

Issue with VisualEditor on MediaWiki 1.35
Hello,

Apologies in advance if this has been discussed. I have just subscribed to this list.

A number of users have complained about VisualEditor not working out-of-the-box for MW 1.35.0 (even on fresh install). [1][2][3]

Is this a known issue (i.e. actually a bug)? And has a solution been shared yet?

Sorry if this is the wrong place. It just seems (to me) like it is not accepted as an actual bug yet, despite a number of feedbacks. Feel free to reply to the onsite pages.

[1] https://phabricator.wikimedia.org/T263928
[2] https://www.mediawiki.org/wiki/Extension_talk:VisualEditor
[3] https://www.mediawiki.org/wiki/Project:Support_desk



Yours truly,

Rehman<https://en.wikipedia.org/wiki/User:Rehman>

________________________________
From: MediaWiki-announce <mediawiki-announce-bounces@lists.wikimedia.org> on behalf of Sam Reed <reedy@wikimedia.org>
Sent: 25 September 2020 21:49
To: MediaWiki announcements and site admin list <mediawiki-l@lists.wikimedia.org>; mediawiki-announce@lists.wikimedia.org <mediawiki-announce@lists.wikimedia.org>; wikitech-l@lists.wikimedia.org <wikitech-l@lists.wikimedia.org>
Subject: [MediaWiki-announce] Announcing MediaWiki 1.35.0

I am happy to announce the belated availability of the general release of
MediaWiki 1.35!

Tarballs have already been uploaded, and the git tag has been pushed.

Thanks to everyone who helped out with this release, especially thanks to
those who tested out the release candidates and provided feedback, as well
as the developers who worked hard to get several important fixes merged in
time for the 1.35 final release. To see what's changed in 1.35, see the
release notes below.

Please note that the PHP version requirement has been raised from 7.2.9 in
MediaWiki 1.34 (and 7.0 in MediaWiki 1.31), to 7.3.19.

MediaWiki 1.35 is an LTS and is due to be supported until the end of
September 2023.

As a reminder, 1.31 is due to become end of life in June 2021. 1.34 is due
to become end of life in November 2020.

As per the pre-release announcement, 1.35.0 also includes some security
fixes that weren't in the release candidates, which came out yesterday for
the ther supported MediaWiki branches.

Known/outstanding issues:
* VisualEditor and Parsoid are now bundled in the tarball and no longer
need a separate Node.js service. The documentation for this still may still
require some updates. Please report any bugs [2] if this affects you.
* (T259685) Zeroconf (zero-configuration) VisualEditor/Parsoid doesn't work
using SQLite as the database backend for MediaWiki. This is due to the lack
of write concurrency in SQLite. If you wish to use this feature, it is
recommended to use MySQL/MariaDB rather than SQLite.
* Watchlist expiry (behind the $wgWatchlistExpiry flag) is currently still
experimental. It should become stable in a later point release. Please
report any issues/bugs [3].

== Security fixes ==
* (T232568, CVE-2020-25813) SECURITY: SpecialUserrights: If a viewer lacks
`hideuser`, ignore hidden users.
* (T255918, CVE-2020-25812) SECURITY: Unescaped message used in HTML on
Special:Contributions.
* (T256171, CVE-2020-25815) SECURITY: Unescaped message used in HTML within
LogEventsList.
* (T258763, CVE-2020-17367, CVE-2020-17368) SECURITY: Prevent invoking
firejail's --output functionality.
* (T86738, CVE-2020-25814) SECURITY: mediawiki.jqueryMsg: Sanitize URLs and
'style' attribute.
* (T115888, CVE-2020-25828) SECURITY: mediawiki.js: Escape HTML in
mw.message( ... ).parse().
* (T260485, CVE-2020-25869) SECURITY: ActorMigration: Load user from the
correct database.
* (T260485, CVE-2020-25869) SECURITY: ensure actor ID from correct wiki is
used.
* (T251661, CVE-2020-25827) SECURITY: TOTP throttle not enforced cross-wiki.

== Links to all mentioned tasks ==
* https://phabricator.wikimedia.org/T232568
* https://phabricator.wikimedia.org/T255918
* https://phabricator.wikimedia.org/T256171
* https://phabricator.wikimedia.org/T258763
* https://phabricator.wikimedia.org/T86738
* https://phabricator.wikimedia.org/T115888
* https://phabricator.wikimedia.org/T260485
* https://phabricator.wikimedia.org/T251661

=== Changes since MediaWiki 1.35.0-rc.3 ===
* (T261258) Remove checks for ancient ImageMagick versions in BitmapHandler.
* (T260232) Don't include null page ids in query list for category dumps.
* (T260009) Check existing watchitem when saving action=watch.
* (T259055) Correct success messages for action=watch.
* mediawiki.page.ready: Simpler tablesorter/makeCollapsible call.
* mediawiki.page.ready: Fix skin override config flags, wrong way round.
* (T262175, T248512) Remove requirement for ApiWatchlistTrait to be in
ApiBase.
* (T259053, T260434) Watchlist: Fix updateWatchLink removing css class when
action=watch.
* (T261901, T261476) mediawiki.notification: Don't close notif when
clicking <select> element.
* (T251506) Sanitizer: Truncate IDs to a reasonable length.
* (T259452) Parsoid updated to v0.12.0.
* (T261970) watch.ajax: Add expiry support to watchpage.mw event.
* (T262900) Fix failure of rebuildLocalisationCache.php due to
ResourceLoader hook.
* (T263014) Hard deprecate File::userCan() with $user=null.
* (T262547) Use localized success message after watching via action=watch.
* (T201491) Fix typo 'Watchlst' in `apihelp-edit-param-watchlistexpiry`.
* (T261081) Installer: consistently reset Language objects.
* (T250449, T250450) Installer: consistently reset Language objects.
* Explicitly wrap some XML calls in libxml_disable_entity_loader().
* (T262934) Ensure dropdown label is always on its own line.
* (T246855) resourceloader: Use a local HookRunner.
* (T263604) Have findBadBlobs.php require Maintenance.php rather than
cleanupTable.inc.
* (T263606) Set fake time, to avoid flaky tests.
* (T261325) Add FindMissingActors script.
* (T262364) shell: Don't blacklist /run/firejail.
* (T263655) NewPagesPager: Ignore nonexistent namespaces.
* Update specialPageAliases and magicWords for Egyptian Arabic (arz).
* (T261347) ParserOutput: don't throw on bad editsection.
* (T255918, CVE-2020-25812) SECURITY: Unescaped message used in HTML on
Special:Contributions.
* (T256171, CVE-2020-25815) SECURITY: Unescaped message used in HTML within
LogEventsList.
* (T258763, CVE-2020-17367, CVE-2020-17368) SECURITY: Prevent invoking
firejail's --output functionality.
* (T86738, CVE-2020-25814) SECURITY: mediawiki.jqueryMsg: Sanitize URLs and
'style' attribute.
* (T115888, CVE-2020-25828) SECURITY: mediawiki.js: Escape HTML in
mw.message( ... ).parse().
* (T260485, CVE-2020-25869) SECURITY: ActorMigration: Load user from the
correct database.
* (T260485, CVE-2020-25869) SECURITY: ensure actor ID from correct wiki is
used.
* Add Finnish special page aliases.
* Fix GuzzleHttpRequest request headers.
* Fix description for pruneFileCache.php.
* emptyUserGroup.php: handle more than 5000 users.
* Make ApiSandbox copyable URL absolute.
* (T261087) Add a link from a deleted page to that page's logs.

Open Bugs:
[1] https://phabricator.wikimedia.org/project/board/4035/

Bug report form:
[2]
https://phabricator.wikimedia.org/maniphest/task/edit/form/1/?tags=MW-1.35-Release

[3]
https://phabricator.wikimedia.org/maniphest/task/edit/form/1/?tags=MW-1.35-Release+expiring-watchlist-items

**********************************************************************
Download:
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-1.35.0.tar.gz

Download without bundled extensions:
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-core-1.35.0.tar.gz

Patch to previous version (1.35.0-rc.3):
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-1.35.0.patch.gz

GPG signatures:
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-core-1.35.0.tar.gz.sig
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-1.35.0.tar.gz.sig
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-1.35.0.patch.gz.sig

Public keys:
https://www.mediawiki.org/keys/keys.html

Release Notes
https://www.mediawiki.org/wiki/Release_notes/1.35
_______________________________________________
MediaWiki announcements mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
Re: Issue with VisualEditor on MediaWiki 1.35 [ In reply to ]
On 2020-10-14 13:56, Rehman Abubakr wrote:
>
> A number of users have complained about VisualEditor not working
> out-of-the-box for MW 1.35.0 (even on fresh install). [1][2][3]
>
> Is this a known issue (i.e. actually a bug)? And has a solution been
> shared yet?
>
> Sorry if this is the wrong place. It just seems (to me) like it is not
> accepted as an actual bug yet, despite a number of feedbacks. Feel free
> to reply to the onsite pages.

My impression has been that if you have the simplest possible setup,
then everything does work out-of-the-box.

But if you have configured any of many reasonable things (e.g. you have
some hardened security settings, or you're running multiple wikis, or
you have a caching proxy in front of your site), then you might also
need to configure VisualEditor with that in mind.

Unfortunately our documentation for configuring VisualEditor is lacking.
You could probably consider that a bug, even if most of the issues being
reported don't actually require any code changes on our side to fix.

--
Bartosz Dziewo?ski

_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Re: Issue with VisualEditor on MediaWiki 1.35 [ In reply to ]
Thanks for the reply.

I had purchased the domain/hosting purely to test MW before I do a demo for a company to install a private instance.

Hence, the setup is as basic as it could be. Nothing has been modified beyond the defaults.



Yours truly,

Rehman<https://en.wikipedia.org/wiki/User:Rehman>

________________________________
From: MediaWiki-l <mediawiki-l-bounces@lists.wikimedia.org> on behalf of Bartosz Dziewo?ski <matma.rex@gmail.com>
Sent: 14 October 2020 18:14
To: mediawiki-l@lists.wikimedia.org <mediawiki-l@lists.wikimedia.org>
Subject: Re: [MediaWiki-l] Issue with VisualEditor on MediaWiki 1.35

On 2020-10-14 13:56, Rehman Abubakr wrote:
>
> A number of users have complained about VisualEditor not working
> out-of-the-box for MW 1.35.0 (even on fresh install). [1][2][3]
>
> Is this a known issue (i.e. actually a bug)? And has a solution been
> shared yet?
>
> Sorry if this is the wrong place. It just seems (to me) like it is not
> accepted as an actual bug yet, despite a number of feedbacks. Feel free
> to reply to the onsite pages.

My impression has been that if you have the simplest possible setup,
then everything does work out-of-the-box.

But if you have configured any of many reasonable things (e.g. you have
some hardened security settings, or you're running multiple wikis, or
you have a caching proxy in front of your site), then you might also
need to configure VisualEditor with that in mind.

Unfortunately our documentation for configuring VisualEditor is lacking.
You could probably consider that a bug, even if most of the issues being
reported don't actually require any code changes on our side to fix.

--
Bartosz Dziewo?ski

_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Re: Issue with VisualEditor on MediaWiki 1.35 [ In reply to ]
For private instances, it won't work out of the box. You need to
manually configure your LocalSettings.php.

See
https://www.mediawiki.org/wiki/Extension:VisualEditor#Linking_with_Parsoid_in_private_wikis


-Subbu.


On 10/14/20 7:54 AM, Rehman Abubakr wrote:
> Thanks for the reply.
>
> I had purchased the domain/hosting purely to test MW before I do a
> demo for a company to install a private instance.
>
> Hence, the setup is as basic as it could be. Nothing has been modified
> beyond the defaults.
>
>
> Yours truly,
>
> *Rehman <https://en.wikipedia.org/wiki/User:Rehman>*
>
>
> ------------------------------------------------------------------------
> *From:* MediaWiki-l <mediawiki-l-bounces@lists.wikimedia.org> on
> behalf of Bartosz Dziewo?ski <matma.rex@gmail.com>
> *Sent:* 14 October 2020 18:14
> *To:* mediawiki-l@lists.wikimedia.org <mediawiki-l@lists.wikimedia.org>
> *Subject:* Re: [MediaWiki-l] Issue with VisualEditor on MediaWiki 1.35
> On 2020-10-14 13:56, Rehman Abubakr wrote:
> >
> > A number of users have complained about VisualEditor not working
> > out-of-the-box for MW 1.35.0 (even on fresh install). [1][2][3]
> >
> > Is this a known issue (i.e. actually a bug)? And has a solution been
> > shared yet?
> >
> > Sorry if this is the wrong place. It just seems (to me) like it is not
> > accepted as an actual bug yet, despite a number of feedbacks. Feel free
> > to reply to the onsite pages.
>
> My impression has been that if you have the simplest possible setup,
> then everything does work out-of-the-box.
>
> But if you have configured any of many reasonable things (e.g. you have
> some hardened security settings, or you're running multiple wikis, or
> you have a caching proxy in front of your site), then you might also
> need to configure VisualEditor with that in mind.
>
> Unfortunately our documentation for configuring VisualEditor is lacking.
> You could probably consider that a bug, even if most of the issues being
> reported don't actually require any code changes on our side to fix.
>
> --
> Bartosz Dziewo?ski
>
> _______________________________________________
> MediaWiki-l mailing list
> To unsubscribe, go to:
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>
> _______________________________________________
> MediaWiki-l mailing list
> To unsubscribe, go to:
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Re: Issue with VisualEditor on MediaWiki 1.35 [ In reply to ]
Hi Subbu,

Thank you for replying.

I'm afraid the result is the same. I've first tried adding the blue bit, outcome was same. Then tried red bit, same. And then both, same.

$wgVirtualRestConfig['modules']['parsoid']['forwardCookies'] = true;


$PARSOID_INSTALL_DIR = 'vendor/wikimedia/parsoid'; # bundled copy
#$PARSOID_INSTALL_DIR = '/my/path/to/git/checkout/of/Parsoid';

// For developers: ensure Parsoid is executed from $PARSOID_INSTALL_DIR,
// (not the version included in mediawiki-core by default)
// Must occur *before* wfLoadExtension()
if ( $PARSOID_INSTALL_DIR !== 'vendor/wikimedia/parsoid' ) {
AutoLoader::$psr4Namespaces += [.
// Keep this in sync with the "autoload" clause in
// $PARSOID_INSTALL_DIR/composer.json
'Wikimedia\\Parsoid\\' => "$PARSOID_INSTALL_DIR/src",
];
}

wfLoadExtension( 'Parsoid', "$PARSOID_INSTALL_DIR/extension.json" );

# Manually configure Parsoid
$wgVisualEditorParsoidAutoConfig = false;
$wgParsoidSettings = [
'useSelser' => true,
'rtTestMode' => false,
'linting' => false,
];
$wgVirtualRestConfig['modules']['parsoid'] = [];

The blue code is from your link. And the red code is from the footnote link within your link.

For a basic freshly-installed private wiki, in order to use the bundled VisualEditor feature, what code do you suggest please?



Yours truly,

Rehman<https://en.wikipedia.org/wiki/User:Rehman>

________________________________
From: Subramanya Sastry <ssastry@wikimedia.org>
Sent: 15 October 2020 18:36
To: MediaWiki announcements and site admin list <mediawiki-l@lists.wikimedia.org>; Rehman Abubakr <rehman.wikimedia@live.com>
Subject: Re: [MediaWiki-l] Issue with VisualEditor on MediaWiki 1.35


For private instances, it won't work out of the box. You need to manually configure your LocalSettings.php.

See https://www.mediawiki.org/wiki/Extension:VisualEditor#Linking_with_Parsoid_in_private_wikis


-Subbu.


On 10/14/20 7:54 AM, Rehman Abubakr wrote:
Thanks for the reply.

I had purchased the domain/hosting purely to test MW before I do a demo for a company to install a private instance.

Hence, the setup is as basic as it could be. Nothing has been modified beyond the defaults.



Yours truly,

Rehman<https://en.wikipedia.org/wiki/User:Rehman>

________________________________
From: MediaWiki-l <mediawiki-l-bounces@lists.wikimedia.org><mailto:mediawiki-l-bounces@lists.wikimedia.org> on behalf of Bartosz Dziewo?ski <matma.rex@gmail.com><mailto:matma.rex@gmail.com>
Sent: 14 October 2020 18:14
To: mediawiki-l@lists.wikimedia.org<mailto:mediawiki-l@lists.wikimedia.org> <mediawiki-l@lists.wikimedia.org><mailto:mediawiki-l@lists.wikimedia.org>
Subject: Re: [MediaWiki-l] Issue with VisualEditor on MediaWiki 1.35

On 2020-10-14 13:56, Rehman Abubakr wrote:
>
> A number of users have complained about VisualEditor not working
> out-of-the-box for MW 1.35.0 (even on fresh install). [1][2][3]
>
> Is this a known issue (i.e. actually a bug)? And has a solution been
> shared yet?
>
> Sorry if this is the wrong place. It just seems (to me) like it is not
> accepted as an actual bug yet, despite a number of feedbacks. Feel free
> to reply to the onsite pages.

My impression has been that if you have the simplest possible setup,
then everything does work out-of-the-box.

But if you have configured any of many reasonable things (e.g. you have
some hardened security settings, or you're running multiple wikis, or
you have a caching proxy in front of your site), then you might also
need to configure VisualEditor with that in mind.

Unfortunately our documentation for configuring VisualEditor is lacking.
You could probably consider that a bug, even if most of the issues being
reported don't actually require any code changes on our side to fix.

--
Bartosz Dziewo?ski

_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l



_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Re: Issue with VisualEditor on MediaWiki 1.35 [ In reply to ]
It is also hard to say what is going on with your install without more
information or error messages.


Looking at https://www.mediawiki.org/wiki/Topic:Vv9zl5e9gre77rgq, it
looks like you are also on NameCheap and you might benefit from whatever
that other user has tried to get NameCheap to update some security
rules. So, let us start there on that Flow thread.


As Bartosz said earlier, our docs don't cover all these various
scenarios that users encounter and so most of the problems are related
to our missing documentation for these use cases. We are limited in our
ability to capture them all and support them all and do rely on users
helping each other out.


Anyway, let us move this conversation on the wiki talk page so we can
actually look at error messages.


Subbu.


On 10/15/20 8:37 AM, Rehman Abubakr wrote:
> Hi Subbu,
>
> Thank you for replying.
>
> I'm afraid the result is the same. I've first tried adding the blue
> bit, outcome was same. Then tried red bit, same. And then both, same.
>
> $wgVirtualRestConfig['modules']['parsoid']['forwardCookies'] = true;
>
>
> $PARSOID_INSTALL_DIR = 'vendor/wikimedia/parsoid'; # bundled copy
> #$PARSOID_INSTALL_DIR = '/my/path/to/git/checkout/of/Parsoid';
>
> // For developers: ensure Parsoid is executed from
> $PARSOID_INSTALL_DIR,
> // (not the version included in mediawiki-core by default)
> // Must occur *before* wfLoadExtension()
> if ( $PARSOID_INSTALL_DIR !== 'vendor/wikimedia/parsoid' ) {
> AutoLoader::$psr4Namespaces += [.
> ? ? ? ? // Keep this in sync with the "autoload" clause in
> ? ? ? ? // $PARSOID_INSTALL_DIR/composer.json
> 'Wikimedia\\Parsoid\\' => "$PARSOID_INSTALL_DIR/src",
> ? ? ];
> }
>
> wfLoadExtension( 'Parsoid', "$PARSOID_INSTALL_DIR/extension.json" );
>
> # Manually configure Parsoid
> $wgVisualEditorParsoidAutoConfig = false;
> $wgParsoidSettings = [.
> ? ? 'useSelser' => true,
> ? ? 'rtTestMode' => false,
> ? ? 'linting' => false,
> ];
> $wgVirtualRestConfig['modules']['parsoid'] = [];
>
>
> The blue code is from your link. And the red code is from the footnote
> link within your link.
>
> For a basic freshly-installed private wiki, in order to use the
> bundled VisualEditor feature, what code do you suggest please?
>
>
> Yours truly,
>
> *Rehman <https://en.wikipedia.org/wiki/User:Rehman>*
>
>
> ------------------------------------------------------------------------
> *From:* Subramanya Sastry <ssastry@wikimedia.org>
> *Sent:* 15 October 2020 18:36
> *To:* MediaWiki announcements and site admin list
> <mediawiki-l@lists.wikimedia.org>; Rehman Abubakr
> <rehman.wikimedia@live.com>
> *Subject:* Re: [MediaWiki-l] Issue with VisualEditor on MediaWiki 1.35
>
> For private instances, it won't work out of the box. You need to
> manually configure your LocalSettings.php.
>
> See
> https://www.mediawiki.org/wiki/Extension:VisualEditor#Linking_with_Parsoid_in_private_wikis
>
>
> -Subbu.
>
>
> On 10/14/20 7:54 AM, Rehman Abubakr wrote:
>> Thanks for the reply.
>>
>> I had purchased the domain/hosting purely to test MW before I do a
>> demo for a company to install a private instance.
>>
>> Hence, the setup is as basic as it could be. Nothing has been
>> modified beyond the defaults.
>>
>>
>> Yours truly,
>>
>> *Rehman <https://en.wikipedia.org/wiki/User:Rehman>*
>>
>>
>> ------------------------------------------------------------------------
>> *From:* MediaWiki-l <mediawiki-l-bounces@lists.wikimedia.org>
>> <mailto:mediawiki-l-bounces@lists.wikimedia.org> on behalf of Bartosz
>> Dziewo?ski <matma.rex@gmail.com> <mailto:matma.rex@gmail.com>
>> *Sent:* 14 October 2020 18:14
>> *To:* mediawiki-l@lists.wikimedia.org
>> <mailto:mediawiki-l@lists.wikimedia.org>
>> <mediawiki-l@lists.wikimedia.org>
>> <mailto:mediawiki-l@lists.wikimedia.org>
>> *Subject:* Re: [MediaWiki-l] Issue with VisualEditor on MediaWiki 1.35
>> On 2020-10-14 13:56, Rehman Abubakr wrote:
>> >
>> > A number of users have complained about VisualEditor not working
>> > out-of-the-box for MW 1.35.0 (even on fresh install). [1][2][3]
>> >
>> > Is this a known issue (i.e. actually a bug)? And has a solution been
>> > shared yet?
>> >
>> > Sorry if this is the wrong place. It just seems (to me) like it is not
>> > accepted as an actual bug yet, despite a number of feedbacks. Feel
>> free
>> > to reply to the onsite pages.
>>
>> My impression has been that if you have the simplest possible setup,
>> then everything does work out-of-the-box.
>>
>> But if you have configured any of many reasonable things (e.g. you have
>> some hardened security settings, or you're running multiple wikis, or
>> you have a caching proxy in front of your site), then you might also
>> need to configure VisualEditor with that in mind.
>>
>> Unfortunately our documentation for configuring VisualEditor is lacking.
>> You could probably consider that a bug, even if most of the issues being
>> reported don't actually require any code changes on our side to fix.
>>
>> --
>> Bartosz Dziewo?ski
>>
>> _______________________________________________
>> MediaWiki-l mailing list
>> To unsubscribe, go to:
>> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>>
>> _______________________________________________
>> MediaWiki-l mailing list
>> To unsubscribe, go to:
>> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Re: Issue with VisualEditor on MediaWiki 1.35 [ In reply to ]
Dear all,

Thank you for the replies, and all the off-list responses.

The issue is resolved. For me, the cause of the issue is explained at https://www.mediawiki.org/wiki/Topic:Vv9zl5e9gre77rgq

I suspect the other users who faced the same error in similar conditions, may also apply this solution to resolve the issue.

Hope this helps.



Yours truly,

Rehman<https://en.wikipedia.org/wiki/User:Rehman>

________________________________
From: MediaWiki-l <mediawiki-l-bounces@lists.wikimedia.org> on behalf of Rehman Abubakr <rehman.wikimedia@live.com>
Sent: 14 October 2020 17:26
To: MediaWiki announcements and site admin list <mediawiki-l@lists.wikimedia.org>
Subject: [MediaWiki-l] Issue with VisualEditor on MediaWiki 1.35

Hello,

Apologies in advance if this has been discussed. I have just subscribed to this list.

A number of users have complained about VisualEditor not working out-of-the-box for MW 1.35.0 (even on fresh install). [1][2][3]

Is this a known issue (i.e. actually a bug)? And has a solution been shared yet?

Sorry if this is the wrong place. It just seems (to me) like it is not accepted as an actual bug yet, despite a number of feedbacks. Feel free to reply to the onsite pages.

[1] https://phabricator.wikimedia.org/T263928
[2] https://www.mediawiki.org/wiki/Extension_talk:VisualEditor
[3] https://www.mediawiki.org/wiki/Project:Support_desk



Yours truly,

Rehman<https://en.wikipedia.org/wiki/User:Rehman>

________________________________
From: MediaWiki-announce <mediawiki-announce-bounces@lists.wikimedia.org> on behalf of Sam Reed <reedy@wikimedia.org>
Sent: 25 September 2020 21:49
To: MediaWiki announcements and site admin list <mediawiki-l@lists.wikimedia.org>; mediawiki-announce@lists.wikimedia.org <mediawiki-announce@lists.wikimedia.org>; wikitech-l@lists.wikimedia.org <wikitech-l@lists.wikimedia.org>
Subject: [MediaWiki-announce] Announcing MediaWiki 1.35.0

I am happy to announce the belated availability of the general release of
MediaWiki 1.35!

Tarballs have already been uploaded, and the git tag has been pushed.

Thanks to everyone who helped out with this release, especially thanks to
those who tested out the release candidates and provided feedback, as well
as the developers who worked hard to get several important fixes merged in
time for the 1.35 final release. To see what's changed in 1.35, see the
release notes below.

Please note that the PHP version requirement has been raised from 7.2.9 in
MediaWiki 1.34 (and 7.0 in MediaWiki 1.31), to 7.3.19.

MediaWiki 1.35 is an LTS and is due to be supported until the end of
September 2023.

As a reminder, 1.31 is due to become end of life in June 2021. 1.34 is due
to become end of life in November 2020.

As per the pre-release announcement, 1.35.0 also includes some security
fixes that weren't in the release candidates, which came out yesterday for
the ther supported MediaWiki branches.

Known/outstanding issues:
* VisualEditor and Parsoid are now bundled in the tarball and no longer
need a separate Node.js service. The documentation for this still may still
require some updates. Please report any bugs [2] if this affects you.
* (T259685) Zeroconf (zero-configuration) VisualEditor/Parsoid doesn't work
using SQLite as the database backend for MediaWiki. This is due to the lack
of write concurrency in SQLite. If you wish to use this feature, it is
recommended to use MySQL/MariaDB rather than SQLite.
* Watchlist expiry (behind the $wgWatchlistExpiry flag) is currently still
experimental. It should become stable in a later point release. Please
report any issues/bugs [3].

== Security fixes ==
* (T232568, CVE-2020-25813) SECURITY: SpecialUserrights: If a viewer lacks
`hideuser`, ignore hidden users.
* (T255918, CVE-2020-25812) SECURITY: Unescaped message used in HTML on
Special:Contributions.
* (T256171, CVE-2020-25815) SECURITY: Unescaped message used in HTML within
LogEventsList.
* (T258763, CVE-2020-17367, CVE-2020-17368) SECURITY: Prevent invoking
firejail's --output functionality.
* (T86738, CVE-2020-25814) SECURITY: mediawiki.jqueryMsg: Sanitize URLs and
'style' attribute.
* (T115888, CVE-2020-25828) SECURITY: mediawiki.js: Escape HTML in
mw.message( ... ).parse().
* (T260485, CVE-2020-25869) SECURITY: ActorMigration: Load user from the
correct database.
* (T260485, CVE-2020-25869) SECURITY: ensure actor ID from correct wiki is
used.
* (T251661, CVE-2020-25827) SECURITY: TOTP throttle not enforced cross-wiki.

== Links to all mentioned tasks ==
* https://phabricator.wikimedia.org/T232568
* https://phabricator.wikimedia.org/T255918
* https://phabricator.wikimedia.org/T256171
* https://phabricator.wikimedia.org/T258763
* https://phabricator.wikimedia.org/T86738
* https://phabricator.wikimedia.org/T115888
* https://phabricator.wikimedia.org/T260485
* https://phabricator.wikimedia.org/T251661

=== Changes since MediaWiki 1.35.0-rc.3 ===
* (T261258) Remove checks for ancient ImageMagick versions in BitmapHandler.
* (T260232) Don't include null page ids in query list for category dumps.
* (T260009) Check existing watchitem when saving action=watch.
* (T259055) Correct success messages for action=watch.
* mediawiki.page.ready: Simpler tablesorter/makeCollapsible call.
* mediawiki.page.ready: Fix skin override config flags, wrong way round.
* (T262175, T248512) Remove requirement for ApiWatchlistTrait to be in
ApiBase.
* (T259053, T260434) Watchlist: Fix updateWatchLink removing css class when
action=watch.
* (T261901, T261476) mediawiki.notification: Don't close notif when
clicking <select> element.
* (T251506) Sanitizer: Truncate IDs to a reasonable length.
* (T259452) Parsoid updated to v0.12.0.
* (T261970) watch.ajax: Add expiry support to watchpage.mw event.
* (T262900) Fix failure of rebuildLocalisationCache.php due to
ResourceLoader hook.
* (T263014) Hard deprecate File::userCan() with $user=null.
* (T262547) Use localized success message after watching via action=watch.
* (T201491) Fix typo 'Watchlst' in `apihelp-edit-param-watchlistexpiry`.
* (T261081) Installer: consistently reset Language objects.
* (T250449, T250450) Installer: consistently reset Language objects.
* Explicitly wrap some XML calls in libxml_disable_entity_loader().
* (T262934) Ensure dropdown label is always on its own line.
* (T246855) resourceloader: Use a local HookRunner.
* (T263604) Have findBadBlobs.php require Maintenance.php rather than
cleanupTable.inc.
* (T263606) Set fake time, to avoid flaky tests.
* (T261325) Add FindMissingActors script.
* (T262364) shell: Don't blacklist /run/firejail.
* (T263655) NewPagesPager: Ignore nonexistent namespaces.
* Update specialPageAliases and magicWords for Egyptian Arabic (arz).
* (T261347) ParserOutput: don't throw on bad editsection.
* (T255918, CVE-2020-25812) SECURITY: Unescaped message used in HTML on
Special:Contributions.
* (T256171, CVE-2020-25815) SECURITY: Unescaped message used in HTML within
LogEventsList.
* (T258763, CVE-2020-17367, CVE-2020-17368) SECURITY: Prevent invoking
firejail's --output functionality.
* (T86738, CVE-2020-25814) SECURITY: mediawiki.jqueryMsg: Sanitize URLs and
'style' attribute.
* (T115888, CVE-2020-25828) SECURITY: mediawiki.js: Escape HTML in
mw.message( ... ).parse().
* (T260485, CVE-2020-25869) SECURITY: ActorMigration: Load user from the
correct database.
* (T260485, CVE-2020-25869) SECURITY: ensure actor ID from correct wiki is
used.
* Add Finnish special page aliases.
* Fix GuzzleHttpRequest request headers.
* Fix description for pruneFileCache.php.
* emptyUserGroup.php: handle more than 5000 users.
* Make ApiSandbox copyable URL absolute.
* (T261087) Add a link from a deleted page to that page's logs.

Open Bugs:
[1] https://phabricator.wikimedia.org/project/board/4035/

Bug report form:
[2]
https://phabricator.wikimedia.org/maniphest/task/edit/form/1/?tags=MW-1.35-Release

[3]
https://phabricator.wikimedia.org/maniphest/task/edit/form/1/?tags=MW-1.35-Release+expiring-watchlist-items

**********************************************************************
Download:
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-1.35.0.tar.gz

Download without bundled extensions:
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-core-1.35.0.tar.gz

Patch to previous version (1.35.0-rc.3):
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-1.35.0.patch.gz

GPG signatures:
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-core-1.35.0.tar.gz.sig
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-1.35.0.tar.gz.sig
https://releases.wikimedia.org/mediawiki/1.35/mediawiki-1.35.0.patch.gz.sig

Public keys:
https://www.mediawiki.org/keys/keys.html

Release Notes
https://www.mediawiki.org/wiki/Release_notes/1.35
_______________________________________________
MediaWiki announcements mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce