Manual talk:Suhosin

• discussion thread (excerpt)

There doesn't appear to be a straightforward mapping between Suhosin config and $wgResourceLoaderMaxQueryLength.

For example, this calculation appears to produce the maximum query string length (including the ?).
 suhosin.get.max_vars * (suhosin.get.max_totalname_length + suhosin.get.max_value_length + 1) + suhosin.get.max_vars

However, all likely occurrences of query strings at that length will fail the Suhosin filters (because there will be many more, smaller
keys/values).

This is what "name" and "value" represent to Suhosin. http://example.com/?name1=value1&name2=value2

In this example, both values are 6 characters long, and the entire query string is 26 characters.

ResourceLoader uses many names and values in each URL.  As long as individual names and values are under the configured limits, the URL
is OK.  However, $wgResourceLoaderMaxQueryLength limits the *total* length of *all* names and values.

~Rusty

I have a wiki that runs on php with suhosin. All other wiki's that I have run on php without suhosin.

This one gives trouble with files with messages such as 'Could not open lock file for "mwstore://local-backend/local-public/..'. I'm not sure that suhosin is the problem, but I have never had such problems before.

Could indeed suhosin be the source of the problem? And what can I do about it? --AdSvS (talk) 08:19, 19 June 2012 (UTC)Reply

I am running MediaWiki on a Debian system. Debian puts the suhosin configuration in suhosin.ini. It isn't clear to me whether the extension would find the setting in suhosin.ini. Haribo (talk) 03:08, 10 September 2012 (UTC)Reply

moved to Extension_talk:Suhosin