API:Stashedit

POST request to prepare an edit stash in shared cache.

MediaWiki version:
1.23

API documentation

action=stashedit

(main | stashedit)
  • This module is internal or unstable, and you should not use it. Its operation may change without notice.
  • This module requires read rights.
  • This module requires write rights.
  • This module only accepts POST requests.
  • Source: MediaWiki
  • License: GPL-2.0-or-later

Prepare an edit in shared cache.

This is intended to be used via AJAX from the edit form to improve the performance of the page save.

Specific parameters:
Other general parameters are available.
title

Title of the page being edited.

This parameter is required.
section

Section identifier. 0 for the top section, new for a new section.

sectiontitle

The title for a new section.

text

Page content.

stashedtexthash

Page content hash from a prior stash to use instead.

summary

Change summary.

Default: (empty)
contentmodel

Content model of the new content.

This parameter is required.
One of the following values: GadgetDefinition, Json.JsonConfig, JsonSchema, Map.JsonConfig, MassMessageListContent, NewsletterContent, Scribunto, SecurePoll, Tabular.JsonConfig, css, flow-board, javascript, json, sanitized-css, text, translate-messagebundle, unknown, wikitext
contentformat

Content serialization format used for the input text.

This parameter is required.
One of the following values: application/json, application/octet-stream, application/unknown, application/x-binary, text/css, text/javascript, text/plain, text/unknown, text/x-wiki, unknown/unknown
baserevid

Revision ID of the base revision.

This parameter is required.
Type: integer
token

A "csrf" token retrieved from action=query&meta=tokens

This parameter is required.


Example

Making any POST request is a multi-step process:

  1. Log in, via one of the methods described on API:Login .
  2. GET an edit/CSRF token as shown here API:Tokens
  3. Send a POST request, with the CSRF token, to prepare an edit in shared cache.

The sample codes below cover these steps.

POST request

Prepare an edit in shared cache.

Response

{
    "stashedit": {
        "status": "stashed",
        "texthash": "dc724af18fbdd4e59189f5fe768a5f8311527050"
    }
}

Sample code

Python

#!/usr/bin/python3

"""
    stashedit.py

    MediaWiki API Demos
    Demo of `stashedit` module: prepare an edit in shared cache

    MIT license
"""
import requests

S = requests.Session()

URL = "https://test.wikipedia.org/w/api.php"

# Step 1: Retrieve a login token
PARAMS_1 = {
    "action": "query",
    "meta": "tokens",
    "type": "login",
    "format": "json"
}

R = S.get(url=URL, params=PARAMS_1)
DATA = R.json()

LOGIN_TOKEN = DATA['query']['tokens']['logintoken']

# Step 2: Send a POST request to log in. For this login
# method, obtain credentials by first visiting
# https://www.test.wikipedia.org/wiki/Manual:Bot_passwords
# See https://www.mediawiki.org/wiki/API:Login for more
# information on log in methods.
PARAMS_2 = {
    "action": "login",
    "lgname": "user_name",
    "lgpassword": "password",
    "format": "json",
    "lgtoken": LOGIN_TOKEN
}

R = S.post(URL, data=PARAMS_2)
DATA = R.json()

# Step 3: While logged in, retrieve a CSRF token
PARAMS_3 = {
    "action": "query",
    "meta": "tokens",
    "format": "json"
}

R = S.get(url=URL, params=PARAMS_3)
DATA = R.json()

CSRF_TOKEN = DATA["query"]["tokens"]["csrftoken"]

# Step 4: Send a POST request to prepare an edit in shared cache

PARAMS_4 = {
    "token":CSRF_TOKEN,
    "action":"stashedit",
    "title":"Sandbox",
    "section":"new",
    "sectiontitle":"testing stashedit",
    "text":"testing stashedit API",
    "contentmodel":"wikitext",
    "contentformat":"text/x-wiki",
    "baserevid":"",
    "format":"json"
    }

R = S.post(URL, data=PARAMS_4)
DATA = R.text

print(DATA)

PHP

<?php

/*
    stashedit.php

    MediaWiki API Demos
    Demo of `stashedit` module: prepare an edit in shared cache

    MIT license
*/
$endPoint = "https://test.wikipedia.org/w/api.php";

$login_Token = getLoginToken(); // Step 1
loginRequest( $login_Token ); // Step 2
$csrf_Token = getCSRFToken(); // Step 3
stashEdit( $csrf_Token ); // Step 4

// Step 1: GET request to fetch login token
function getLoginToken() {
	global $endPoint;

	$params1 = [
		"action" => "query",
		"meta" => "tokens",
		"type" => "login",
		"format" => "json"
	];

	$url = $endPoint . "?" . http_build_query( $params1 );

	$ch = curl_init( $url );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$output = curl_exec( $ch );
	curl_close( $ch );

	$result = json_decode( $output, true );
	return $result["query"]["tokens"]["logintoken"];
}

// Step 2: POST request to log in. Use of main account for login is not
// supported. Obtain credentials via Special:BotPasswords
// (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname & lgpassword
function loginRequest( $logintoken ) {
	global $endPoint;

	$params2 = [
		"action" => "login",
		"lgname" => "bot_user_name",
		"lgpassword" => "bot_password",
		"lgtoken" => $logintoken,
		"format" => "json"
	];

	$ch = curl_init();

	curl_setopt( $ch, CURLOPT_URL, $endPoint );
	curl_setopt( $ch, CURLOPT_POST, true );
	curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $params2 ) );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$output = curl_exec( $ch );
	curl_close( $ch );
}

// Step 3: GET request to fetch CSRF token
function getCSRFToken() {
	global $endPoint;

	$params3 = [
		"action" => "query",
		"meta" => "tokens",
		"format" => "json"
	];

	$url = $endPoint . "?" . http_build_query( $params3 );

	$ch = curl_init( $url );

	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$output = curl_exec( $ch );
	curl_close( $ch );

	$result = json_decode( $output, true );
	return $result["query"]["tokens"]["csrftoken"];
}

# Step 4: Send a POST request  to prepare an edit in shared cache
function stashEdit( $csrftoken ) {
	global $endPoint;
	
	$params4 = [
		"action" => "stashedit",
		"title" => "Sandbox",
		"section" => "new",
		"sectiontitle" => "testing stashedit",
		"text" => "testing stashedit API",
		"contentmodel" => "wikitext",
		"contentformat" => "text/x-wiki",
		"baserevid" => "",
		"format" => "json",
		"token" => $csrftoken
	];
  
	$ch = curl_init();

	curl_setopt( $ch, CURLOPT_URL, $endPoint );
	curl_setopt( $ch, CURLOPT_POST, true );
	curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $params4 ) );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$response = curl_exec($ch);
	curl_close($ch);

	echo ($response);
}

JavaScript

/*
    stashedit.js

    MediaWiki API Demos
    Demo of `stashedit` module: prepare an edit in shared cache

    MIT license
*/
var request = require("request").defaults({jar: true}),
url = "https://test.wikipedia.org/w/api.php";

// Step 1: GET request to fetch login token
function getLoginToken() {
    var params_0 = {
        action: "query",
        meta: "tokens",
        type: "login",
        format: "json"
    };
    request.get({ url: url, qs: params_0 }, function (error, res, body) {
        if (error) {
            return;
        }
        var data = JSON.parse(body);
        loginRequest(data.query.tokens.logintoken);
    });
}

// Step 2: POST request to log in. 
// Use of main account for login is not
// supported. Obtain credentials via Special:BotPasswords
// (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname & lgpassword
function loginRequest(login_token) {
    var params_1 = {
        action: "login",
        lgname: "bot_username",
        lgpassword: "bot_password",
        lgtoken: login_token,
        format: "json"
    };
    
    request.post({ url: url, form: params_1 }, function (error, res, body) {
        if (error) {
            return;
        }
        getCsrfToken();
    });
}

// Step 3: GET request to fetch CSRF token
function getCsrfToken() {
    var params_2 = {
        action: "query",
        meta: "tokens",
        format: "json"
    };
    request.get({ url: url, qs: params_2 }, function(error, res, body) {
        if (error) {
            return;
        }
        var data = JSON.parse(body);
        stashEdit(data.query.tokens.csrftoken);
    });
}

// Step 4: Send a POST request  to prepare an edit in shared cache
function stashEdit(csrf_token) {
    var params_3 = {
        action: "stashedit",
        title: "Sandbox",
        section: "new",
        sectiontitle: "testing stashedit",
        text: "testing stashedit API",
        contentmodel: "wikitext",
        contentformat: "text/x-wiki",
        baserevid: "",
        format: "json",
        token: csrf_token
    };
    request.post({ url: url, form: params_3 }, function(error, res, body) {
        if (error) {
            return;
        }
        console.log(body);
    });
}

// Start From Step 1
getLoginToken();

Possible errors

Code Info
badtoken Invalid CSRF token
internal_api_error_MWException Exception caught: Incompatible content model for section

Additional notes

  • This is intended to be used via AJAX from the edit form to improve the performance of the page save.

See also