Available from version 1.16.0
executed before the file is streamed to the browser, but only when using Manual:Image authorization .
Define function:
public static function onImgAuthBeforeStream( Title &$title, &$path, &$name, array &$result ) { ... }
Attach hook: In extension.json:
	"Hooks": {
		"ImgAuthBeforeStream": "MyExtensionHooks::onImgAuthBeforeStream"
Called from: File(s): ../img_auth.php
Interface: ImgAuthBeforeStreamHook.php

For more information about attaching hooks, see Manual:Hooks .
For examples of extensions using this hook, see Category:ImgAuthBeforeStream extensions.


If the hook returns true, it will go ahead and stream the file. If not, it will display the indexed messages returned in $result[0] and $result[1].

  • &$title: the Title object of the file as it would appear for the upload page
  • &$path: the original file and path name when img_auth was invoked by the the web server
  • &$name: the name only component of the file
  • &$result: The location to pass back results of the hook routine (only used if failed)
    • $result[0]: The index of the header message
    • $result[1]: The index of the body text message
    • $result[2 through n]: Parameters passed to body text message. Please note the header message cannot receive/use parameters.

IMPORTANT: Parameters $result[0], and $result[1] are message indices, NOT actual messages. They will be resolved and localized using wfMsgHTML($msgIndex). Parameters are only be passed to the body text message. For help in defining and using messages, see: System Messages


This example hook routinely checks to see if the file was stored in Namespace mode, and if so, modifies the Title to include the namespace. If the title is now invalid, returns indexes to the header and body text of the user messages as well as the name of the file ($name) as a parameter which is passed used by the body text.

$wgHooks['ImgAuthBeforeStream'][] = 'NSFileRepoImgAuthCheck';

function NSFileRepoImgAuthCheck($title, $path, $name, $result) {
	global $wgContLang;

# See if stored in a NS path

	$subdirs = explode('/',$path);
	if (strlen($subdirs[1]) == 3 && is_numeric($subdirs[1]) && $subdirs[1] >= 100)  {
		$title = Title::makeTitleSafe( NS_FILE, $wgContLang->getNsText($subdirs[1]).":".$name );
		if( !$title instanceof Title ) {
			$result = array('img-auth-accessdenied','img-auth-badtitle',$name);
			return false;
	return true;