can't log in or create new users on mediawiki

Tim Dunphy bluethundr at gmail.com
Mon Aug 17 17:02:39 CEST 2015


Hi Geoff,

I don't know how it works with mediawiki, but let's talk about regexen
> again. %^)
>
> > req.http.host ~ "^wiki\.example\.com$"
>
> If you're going for an exact string match -- '^' followed by a fixed
> string followed by '$' -- you might as well just compare for string
> equality:
>
>         req.http.host == "wiki.example.com"
>
> That might be a little faster, and it makes the intention of your code
> much clearer.
>

Thanks! That makes sense, and I've done that in my next attempt, which I'll
show soon.

req.url ~
> >
> "^/index.php?title=Special:UserLogin&returnto=Main+Page&returntoquery=action%3Dsubmitlogin%26type%3Dlogin$"
>
> Same
> >
> thing here, with the additional problem that '.', '?' and '+' are
> regex metacharacters. "index.php?" will match "index.ph" possibly
> followed by a "p", but it won't match the question mark (it also
> matches anything where the dot is). "Main+" will match "Mai" followed
> one or more "n"s, but it won't match the plus sign.
>
> So your idea may or may not work with mediawiki, but at any rate the
> regex matches were failing.
>
> If you're sure you're looking for those exact strings, just use the
> '==' comparison.
>
> Are you certain that the URLs of interest will always be written
> exactly those two ways? No one will ever use '/' instead of
> '/index.php', and the key-value pairs in the query string will always
> be in exactly that order?
>
> If not, you'd be better off using regexen after all, something like this:
>
>         req.url ~ "^/(index\.php)?" && req.url ~ "foo=bar"
>         && req.url ~ "baz=quux"
>
> Meaning: the path must be '/' possibly followed by 'index.php', and
> the key-value pairs must all appear (in any order).
>
> Again, this is just to ensure that you're identifying the URLs you're
> looking for, I can't say if mediawiki will then do as you expect.
>

Ok so for my next attempt, I attempted to clean up the regex a little bit.
Hopefully this makes a little more sense:

  if ( req.http.host == "wiki.jokefire.com" && req.url ~
"^/(index\.php)?\?title=Special:UserLogin(.*)" ) {
    return (pass) ;
   }


  So what I'm doing here is an exact match for the host name and I'm using
a regex for the URL. The URL regex means that the string must begin with
either a slash or with index.php and after that match
"\?title=Special:UserLogin" exactly and then allow any combination of
characters after that. I do that because I think that mediawiki varies this
URL with some cookie info appended at the end. This theory makes sense to
me because I did make some progress with this approach. On the next
attempt, instead of having the page simply refresh when I try to log in, I
am now getting a new error from mediawiki:

Login error
JF Wiki uses cookies to log in users. You have cookies disabled. Please
enable them and try again.

So I think I need to find a way to preserve the cookie that's being used to
identify the user at the end of the URL, which I'm pretty sure will be a
random string. Can you help me find a way to do this?

Thanks,
Tim

On Mon, Aug 17, 2015 at 2:24 AM, Geoff Simmons <geoff at uplex.de> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 8/17/15 5:29 AM, Tim Dunphy wrote:
> >
> > I've setup my mediawiki behind varnish. Since doing that I am
> > unable to either create new users or log into the wiki itself.
>
> I don't know how it works with mediawiki, but let's talk about regexen
> again. %^)
>
> > req.http.host ~ "^wiki\.example\.com$"
>
> If you're going for an exact string match -- '^' followed by a fixed
> string followed by '$' -- you might as well just compare for string
> equality:
>
>         req.http.host == "wiki.example.com"
>
> That might be a little faster, and it makes the intention of your code
> much clearer.
>
> > req.url ~
> > "^/index.php?title=Special:UserLogin&returnto=Main+Page&type=signup"
>
> >
> >
> req.url ~
> >
> "^/index.php?title=Special:UserLogin&returnto=Main+Page&returntoquery=action%3Dsubmitlogin%26type%3Dlogin$"
>
> Same
> >
> thing here, with the additional problem that '.', '?' and '+' are
> regex metacharacters. "index.php?" will match "index.ph" possibly
> followed by a "p", but it won't match the question mark (it also
> matches anything where the dot is). "Main+" will match "Mai" followed
> one or more "n"s, but it won't match the plus sign.
>
> So your idea may or may not work with mediawiki, but at any rate the
> regex matches were failing.
>
> If you're sure you're looking for those exact strings, just use the
> '==' comparison.
>
> Are you certain that the URLs of interest will always be written
> exactly those two ways? No one will ever use '/' instead of
> '/index.php', and the key-value pairs in the query string will always
> be in exactly that order?
>
> If not, you'd be better off using regexen after all, something like this:
>
>         req.url ~ "^/(index\.php)?" && req.url ~ "foo=bar"
>         && req.url ~ "baz=quux"
>
> Meaning: the path must be '/' possibly followed by 'index.php', and
> the key-value pairs must all appear (in any order).
>
> Again, this is just to ensure that you're identifying the URLs you're
> looking for, I can't say if mediawiki will then do as you expect.
>
>
> HTH,
> Geoff
> - --
> UPLEX Systemoptimierung
> Scheffelstraße 32
> 22301 Hamburg
> http://uplex.de/
> Mob: +49-176-63690917
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
>
> iQIcBAEBCAAGBQJV0X4rAAoJEOUwvh9pJNURKLsP/1qI5suvBWXW+BwwXtXmINQY
> vPU78Z8JfkdDeXSxmc3lDaazO0L/KE2IwsNnkP5Vl/kJ6EbI3sU8Eq7eXZ73v563
> W2d/poA6tlFKHuJovP/opGLhKu1Ls4qUGc74njywNTxiS+pqSvQKPx3OndoYEfyi
> /MiPkaPAbSfa7YVKMQ6dHlaEKXP6VJQ3JOJwWKQl4ehl9V1EP1Ddcd2ABHAGf2s+
> 2yaEINvDVRVek/QBkzgzZbN//KXjtpQdtELjSriNAAAUV+Oi1ULP9ROL0QE+IVYO
> Gqe9q0AxquOxn7D6DFgUyZmZWgEjDPy3V8JvNMI+drwTewhEk1g9A1yOI9v+5RJb
> MDO6t7RWR+m9VTO0dsXiCXyRYZzUrn2nnwYysYvUy5PdfaHF+4xQBN9hniAu49AQ
> nHqfwaY6C1eDATLkqlDvrsFcwySr5sF2Ax6H3BiKV5seuQ5n+dpy6RdKBi+YDIBy
> GBy4YEYwDkPyLmXPyNt3izY3rxmmob/aaoKBRpBJOMuuVDyKiqRNaUmIVkvMHAUb
> S0UFQ+dMdsuak6z/ei/32p/vNvZvEuQG5s97FLDui9BpVa1Q8W5Lkamyy96I2WSQ
> Y0iPQludnzm1TQ9FLYp0tJPTW4UTbWi9tyUn35d8vKsaNkqUTTAk/UH1FQvaQ2n6
> tm2gtaXXQc6n1yD6xY29
> =89fY
> -----END PGP SIGNATURE-----
>



-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20150817/6e363d14/attachment.html>


More information about the varnish-misc mailing list