Manual:$wgWhitelistReadRegexp
| User rights, access control and monitoring: $wgWhitelistReadRegexp | |
|---|---|
| Whitelists publicly readable titles with regular expressions. |
|
| Introduced in version: | 1.21.0 (Gerrit change 11137; git #550b878e) |
| Removed in version: | Still in use |
| Allowed values: | (Array of regexes) or false |
| Default value: | false |
| Other settings: Alphabetical | By function | |
 Warning: | MediaWiki from 1.32 to 1.35.4, 1.36.2, 1.37.0 contain a security issue that allow unprivileged editing of arbitrary page and arbitrary JavaScript execution. If you are using one of these versions and can not upgrade to a newer version, please see 2021-12 security release/FAQ for a workaround. |
Details
editIt is similar to $wgWhitelistRead, but uses a list of regular expressions.
This would be useful in a semi-public team wiki situation where one would want to hide everything except for an entire namespace from everyone.
This function will match the regexp against the title name, which is without underscore. Unless ^ and/or $ is specified, a regular expression might match pages not intended to be whitelisted.
This configuration parameter will only work if the following is set:
$wgGroupPermissions['*']['read'] = false;
Otherwise, all pages are accessible, regardless of this setting.
| Warning: | If you are using a content language other than English, you may need to use the translated special page names instead of their English names. |
Examples
editWhitelist "Main Page" or "Security Main Page":
$wgWhitelistReadRegexp = [ '/Main Page/' ];
Allow reading any page starting with 'User' regardless of the case, e.g. "User is banned" and "User:JohnDoe":
$wgWhitelistReadRegexp = [ '@^UsEr.*@i' ];
Allow reading "Main Page" and all pages in namespace "Foo Bar":
$wgWhitelistReadRegexp = [
'/Main Page/',
'/^Foo Bar:/'
];
You can also create a blacklist with this by using a negative lookahead containing all blacklisted terms in the same expression. This will block the namespaces "Private" and "Private talk", and also block subpages in the "User" namespace, but make all other pages public:
$wgWhitelistReadRegexp = [ "#(?!(?:Private(?: talk)?:|User:[^/]+/.))^#" ];