From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page API:Protect and the translation is 21% complete.

Outdated translations are marked like this.
Other languages:
Deutsch • ‎English • ‎dansk • ‎español • ‎français • ‎português • ‎română • ‎русский • ‎ไทย • ‎中文 • ‎日本語 • ‎한국어
Версия MediaWiki: 1.12

POST request to change a page's protection level.

API documentation


(main | protect)
  • This module requires read rights.
  • This module requires write rights.
  • This module only accepts POST requests.
  • Source: MediaWiki
  • License: GPL-2.0-or-later

Change the protection level of a page.


Title of the page to (un)protect. Cannot be used together with pageid.


ID of the page to (un)protect. Cannot be used together with title.

Type: integer

List of protection levels, formatted action=level (e.g. edit=sysop). A level of all means everyone is allowed to take the action, i.e. no restriction.

Note: Any actions not listed will have restrictions removed.

This parameter is required.
Separate values with | or alternative. Maximum number of values is 50 (500 for bots).

Expiry timestamps. If only one timestamp is set, it'll be used for all protections. Use infinite, indefinite, infinity, or never, for a never-expiring protection.

Separate values with | or alternative. Maximum number of values is 50 (500 for bots).
Default: infinite

Reason for (un)protecting.

Default: (empty)

Change tags to apply to the entry in the protection log.

Values (separate with | or alternative):

Enable cascading protection (i.e. protect transcluded templates and images used in this page). Ignored if none of the given protection levels support cascading.

Type: boolean (details)

If set, add the page being (un)protected to the current user's watchlist.

Type: boolean (details)

Unconditionally add or remove the page from the current user's watchlist, use preferences or do not change watch.

One of the following values: watch, unwatch, preferences, nochange
Default: preferences

A "csrf" token retrieved from action=query&meta=tokens

This parameter is required.


Protecting a page is a multi-step process:

  1. Log in using one of the methods described in API:Вход .
  2. Get a CSRF token . This token is the same for all pages, but changes at every login.
  3. Send a POST request with the CSRF token in order to protect the page.

The sample code below covers the third step in detail.

POST request

Protect the Main Page for an infinite of time to allow only autoconfirmed users to edit it and only sysops to move it.


    "protect": {
        "title": "Main Page",
        "reason": "",
        "protections": [
                "edit": "autoconfirmed",
                "expiry": "infinite"
                "move": "sysop",
                "expiry": "infinite"

Sample code




    MediaWiki Action API Code Samples
    Demo of `Protect` module: Demo to change the edit protection level of a given page.

    MIT License

import requests

S = requests.Session()

URL = "https://test.wikipedia.org/w/api.php"

# Step 1: Retrieve a login token
PARAMS_1 = {
    "action": "query",
    "meta": "tokens",
    "type": "login",
    "format": "json"

R = S.get(url=URL, params=PARAMS_1)
DATA = R.json()

LOGIN_TOKEN = DATA['query']['tokens']['logintoken']

# Step 2: Send a post request to login. Use of main account for login 
# is not supported. Obtain credentials via Special:BotPasswords
# (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname & 
# lgpassword
PARAMS_2 = {
    "action": "login",
    "lgname": "bot_user_name",
    "lgpassword": "bot_password",
    "lgtoken": LOGIN_TOKEN,
    "format": "json"

R = S.post(URL, data=PARAMS_2)

# Step 3: While logged in, retrieve a CSRF token
PARAMS_3 = {
    "action": "query",
    "meta": "tokens",
    "type": "csrf",
    "format": "json"

R = S.get(url=URL, params=PARAMS_3)
DATA = R.json()

CSRF_TOKEN = DATA["query"]["tokens"]["csrftoken"]

# Step 4: Changing 'edit protection level' of a page using POST request
PARAMS_4 = {
    "title": "Main Page",
    "edit": "autoconfirmed",
    "move": "sysop",
    "expiry": "infinite",
    "token": CSRF_TOKEN,
    "action": "protect"

R = S.post(URL, data=PARAMS_4)
DATA = R.json()


Возможные ошибки

В дополнение к обычным ошибкам:

Код Информация
notitle Параметр title должен быть задан.
notoken Параметр token должен быть задан.
noprotections Параметр protections должен быть задан.
invalidexpiry Время окончания «expiry» находится в прошлом.
Означает, что временная метка истечения срока защиты отсутствует или имеет недопустимый формат (например «November 31» или «24:05»).
pastexpiry Время окончания «expiry» находится в прошлом.
toofewexpiries Задано number временных меток истечения, необходимо number2.
Эта ошибка неудачно названа: она также вызывается, если вы указали слишком много сроков истечения защиты
cantedit Вы не можете защитить эту страницу, так как вы не можете её редактировать
create-titleexists Существующие названия не могут быть защищены с помощью create.
missingtitle-createonly Несуществующие названия страниц могут быть защищены только с помощью create.
protect-invalidaction Недопустимый тип защиты «type».
protect-invalidlevel Недопустимый уровень защиты «level».

Parameter history

  • v1.27: Introduced tags
  • v1.20: Introduced pageid
  • v1.17: Introduced watchlist. Deprecated watch
  • v1.15: Introduced watch

Additional Notes

  • This module requires protect rights.
  • For MediaWiki versions 1.19 and earlier, you can obtain a protect token through API:Info .
  • For MediaWiki 1.20-1.23, you can obtain a protect token through API:Tokens (действие) .

See also