dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
API: Use U+001F (Unit Separator) for separating multi-valued parameters
[lhc/web/wiklou.git] / resources / src / mediawiki / api.js
1 ( function ( mw, $ ) {
2
3 /**
4 * @class mw.Api
5 */
6
7 /**
8 * @property {Object} defaultOptions Default options for #ajax calls. Can be overridden by passing
9 * `options` to mw.Api constructor.
10 * @property {Object} defaultOptions.parameters Default query parameters for API requests.
11 * @property {Object} defaultOptions.ajax Default options for jQuery#ajax.
12 * @property {boolean} defaultOptions.useUS Whether to use U+001F when joining multi-valued
13 * parameters (since 1.28). Default is true if ajax.url is not set, false otherwise for
14 * compatibility.
15 * @private
16 */
17 var defaultOptions = {
18 parameters: {
19 action: 'query',
20 format: 'json'
21 },
22 ajax: {
23 url: mw.util.wikiScript( 'api' ),
24 timeout: 30 * 1000, // 30 seconds
25 dataType: 'json'
26 }
27 },
28
29 // Keyed by ajax url and symbolic name for the individual request
30 promises = {};
31
32 function mapLegacyToken( action ) {
33 // Legacy types for backward-compatibility with API action=tokens.
34 var csrfActions = [
35 'edit',
36 'delete',
37 'protect',
38 'move',
39 'block',
40 'unblock',
41 'email',
42 'import',
43 'options'
44 ];
45 if ( $.inArray( action, csrfActions ) !== -1 ) {
46 mw.track( 'mw.deprecate', 'apitoken_' + action );
47 mw.log.warn( 'Use of the "' + action + '" token is deprecated. Use "csrf" instead.' );
48 return 'csrf';
49 }
50 return action;
51 }
52
53 // Pre-populate with fake ajax promises to save http requests for tokens
54 // we already have on the page via the user.tokens module (bug 34733).
55 promises[ defaultOptions.ajax.url ] = {};
56 $.each( mw.user.tokens.get(), function ( key, value ) {
57 // This requires #getToken to use the same key as user.tokens.
58 // Format: token-type + "Token" (eg. csrfToken, patrolToken, watchToken).
59 promises[ defaultOptions.ajax.url ][ key ] = $.Deferred()
60 .resolve( value )
61 .promise( { abort: function () {} } );
62 } );
63
64 /**
65 * Constructor to create an object to interact with the API of a particular MediaWiki server.
66 * mw.Api objects represent the API of a particular MediaWiki server.
67 *
68 * var api = new mw.Api();
69 * api.get( {
70 * action: 'query',
71 * meta: 'userinfo'
72 * } ).done( function ( data ) {
73 * console.log( data );
74 * } );
75 *
76 * Since MW 1.25, multiple values for a parameter can be specified using an array:
77 *
78 * var api = new mw.Api();
79 * api.get( {
80 * action: 'query',
81 * meta: [ 'userinfo', 'siteinfo' ] // same effect as 'userinfo|siteinfo'
82 * } ).done( function ( data ) {
83 * console.log( data );
84 * } );
85 *
86 * Since MW 1.26, boolean values for a parameter can be specified directly. If the value is
87 * `false` or `undefined`, the parameter will be omitted from the request, as required by the API.
88 *
89 * @constructor
90 * @param {Object} [options] See #defaultOptions documentation above. Can also be overridden for
91 * each individual request by passing them to #get or #post (or directly #ajax) later on.
92 */
93 mw.Api = function ( options ) {
94 options = options || {};
95
96 // Force a string if we got a mw.Uri object
97 if ( options.ajax && options.ajax.url !== undefined ) {
98 options.ajax.url = String( options.ajax.url );
99 }
100
101 options = $.extend( { useUS: !options.ajax || !options.ajax.url }, options );
102
103 options.parameters = $.extend( {}, defaultOptions.parameters, options.parameters );
104 options.ajax = $.extend( {}, defaultOptions.ajax, options.ajax );
105
106 this.defaults = options;
107 this.requests = [];
108 };
109
110 mw.Api.prototype = {
111 /**
112 * Abort all unfinished requests issued by this Api object.
113 *
114 * @method
115 */
116 abort: function () {
117 $.each( this.requests, function ( index, request ) {
118 if ( request ) {
119 request.abort();
120 }
121 } );
122 },
123
124 /**
125 * Perform API get request
126 *
127 * @param {Object} parameters
128 * @param {Object} [ajaxOptions]
129 * @return {jQuery.Promise}
130 */
131 get: function ( parameters, ajaxOptions ) {
132 ajaxOptions = ajaxOptions || {};
133 ajaxOptions.type = 'GET';
134 return this.ajax( parameters, ajaxOptions );
135 },
136
137 /**
138 * Perform API post request
139 *
140 * @param {Object} parameters
141 * @param {Object} [ajaxOptions]
142 * @return {jQuery.Promise}
143 */
144 post: function ( parameters, ajaxOptions ) {
145 ajaxOptions = ajaxOptions || {};
146 ajaxOptions.type = 'POST';
147 return this.ajax( parameters, ajaxOptions );
148 },
149
150 /**
151 * Massage parameters from the nice format we accept into a format suitable for the API.
152 *
153 * @private
154 * @param {Object} parameters (modified in-place)
155 * @param {boolean} useUS Whether to use U+001F when joining multi-valued parameters.
156 */
157 preprocessParameters: function ( parameters, useUS ) {
158 var key;
159 // Handle common MediaWiki API idioms for passing parameters
160 for ( key in parameters ) {
161 // Multiple values are pipe-separated
162 if ( $.isArray( parameters[ key ] ) ) {
163 if ( !useUS || parameters[ key ].join( '' ).indexOf( '|' ) === -1 ) {
164 parameters[ key ] = parameters[ key ].join( '|' );
165 } else {
166 parameters[ key ] = '\x1f' + parameters[ key ].join( '\x1f' );
167 }
168 }
169 // Boolean values are only false when not given at all
170 if ( parameters[ key ] === false || parameters[ key ] === undefined ) {
171 delete parameters[ key ];
172 }
173 }
174 },
175
176 /**
177 * Perform the API call.
178 *
179 * @param {Object} parameters
180 * @param {Object} [ajaxOptions]
181 * @return {jQuery.Promise} Done: API response data and the jqXHR object.
182 * Fail: Error code
183 */
184 ajax: function ( parameters, ajaxOptions ) {
185 var token, requestIndex,
186 api = this,
187 apiDeferred = $.Deferred(),
188 xhr, key, formData;
189
190 parameters = $.extend( {}, this.defaults.parameters, parameters );
191 ajaxOptions = $.extend( {}, this.defaults.ajax, ajaxOptions );
192
193 // Ensure that token parameter is last (per [[mw:API:Edit#Token]]).
194 if ( parameters.token ) {
195 token = parameters.token;
196 delete parameters.token;
197 }
198
199 this.preprocessParameters( parameters, this.defaults.useUS );
200
201 // If multipart/form-data has been requested and emulation is possible, emulate it
202 if (
203 ajaxOptions.type === 'POST' &&
204 window.FormData &&
205 ajaxOptions.contentType === 'multipart/form-data'
206 ) {
207
208 formData = new FormData();
209
210 for ( key in parameters ) {
211 formData.append( key, parameters[ key ] );
212 }
213 // If we extracted a token parameter, add it back in.
214 if ( token ) {
215 formData.append( 'token', token );
216 }
217
218 ajaxOptions.data = formData;
219
220 // Prevent jQuery from mangling our FormData object
221 ajaxOptions.processData = false;
222 // Prevent jQuery from overriding the Content-Type header
223 ajaxOptions.contentType = false;
224 } else {
225 // This works because jQuery accepts data as a query string or as an Object
226 ajaxOptions.data = $.param( parameters );
227 // If we extracted a token parameter, add it back in.
228 if ( token ) {
229 ajaxOptions.data += '&token=' + encodeURIComponent( token );
230 }
231
232 // Depending on server configuration, MediaWiki may forbid periods in URLs, due to an IE 6
233 // XSS bug. So let's escape them here. See WebRequest::checkUrlExtension() and T30235.
234 ajaxOptions.data = ajaxOptions.data.replace( /\./g, '%2E' );
235
236 if ( ajaxOptions.contentType === 'multipart/form-data' ) {
237 // We were asked to emulate but can't, so drop the Content-Type header, otherwise
238 // it'll be wrong and the server will fail to decode the POST body
239 delete ajaxOptions.contentType;
240 }
241 }
242
243 // Make the AJAX request
244 xhr = $.ajax( ajaxOptions )
245 // If AJAX fails, reject API call with error code 'http'
246 // and details in second argument.
247 .fail( function ( xhr, textStatus, exception ) {
248 apiDeferred.reject( 'http', {
249 xhr: xhr,
250 textStatus: textStatus,
251 exception: exception
252 } );
253 } )
254 // AJAX success just means "200 OK" response, also check API error codes
255 .done( function ( result, textStatus, jqXHR ) {
256 if ( result === undefined || result === null || result === '' ) {
257 apiDeferred.reject( 'ok-but-empty',
258 'OK response but empty result (check HTTP headers?)',
259 result,
260 jqXHR
261 );
262 } else if ( result.error ) {
263 var code = result.error.code === undefined ? 'unknown' : result.error.code;
264 apiDeferred.reject( code, result, result, jqXHR );
265 } else {
266 apiDeferred.resolve( result, jqXHR );
267 }
268 } );
269
270 requestIndex = this.requests.length;
271 this.requests.push( xhr );
272 xhr.always( function () {
273 api.requests[ requestIndex ] = null;
274 } );
275 // Return the Promise
276 return apiDeferred.promise( { abort: xhr.abort } ).fail( function ( code, details ) {
277 if ( !( code === 'http' && details && details.textStatus === 'abort' ) ) {
278 mw.log( 'mw.Api error: ', code, details );
279 }
280 } );
281 },
282
283 /**
284 * Post to API with specified type of token. If we have no token, get one and try to post.
285 * If we have a cached token try using that, and if it fails, blank out the
286 * cached token and start over. For example to change an user option you could do:
287 *
288 * new mw.Api().postWithToken( 'csrf', {
289 * action: 'options',
290 * optionname: 'gender',
291 * optionvalue: 'female'
292 * } );
293 *
294 * @param {string} tokenType The name of the token, like options or edit.
295 * @param {Object} params API parameters
296 * @param {Object} [ajaxOptions]
297 * @return {jQuery.Promise} See #post
298 * @since 1.22
299 */
300 postWithToken: function ( tokenType, params, ajaxOptions ) {
301 var api = this,
302 abortedPromise = $.Deferred().reject( 'http',
303 { textStatus: 'abort', exception: 'abort' } ).promise(),
304 abortable,
305 aborted;
306
307 return api.getToken( tokenType, params.assert ).then( function ( token ) {
308 params.token = token;
309 // Request was aborted while token request was running, but we
310 // don't want to unnecessarily abort token requests, so abort
311 // a fake request instead
312 if ( aborted ) {
313 return abortedPromise;
314 }
315
316 return ( abortable = api.post( params, ajaxOptions ) ).then(
317 // If no error, return to caller as-is
318 null,
319 // Error handler
320 function ( code ) {
321 if ( code === 'badtoken' ) {
322 api.badToken( tokenType );
323 // Try again, once
324 params.token = undefined;
325 abortable = null;
326 return api.getToken( tokenType, params.assert ).then( function ( token ) {
327 params.token = token;
328 if ( aborted ) {
329 return abortedPromise;
330 }
331
332 return ( abortable = api.post( params, ajaxOptions ) );
333 } );
334 }
335
336 // Different error, pass on to let caller handle the error code
337 return this;
338 }
339 );
340 } ).promise( { abort: function () {
341 if ( abortable ) {
342 abortable.abort();
343 } else {
344 aborted = true;
345 }
346 } } );
347 },
348
349 /**
350 * Get a token for a certain action from the API.
351 *
352 * The assert parameter is only for internal use by #postWithToken.
353 *
354 * @since 1.22
355 * @param {string} type Token type
356 * @return {jQuery.Promise} Received token.
357 */
358 getToken: function ( type, assert ) {
359 var apiPromise, promiseGroup, d;
360 type = mapLegacyToken( type );
361 promiseGroup = promises[ this.defaults.ajax.url ];
362 d = promiseGroup && promiseGroup[ type + 'Token' ];
363
364 if ( !d ) {
365 apiPromise = this.get( {
366 action: 'query',
367 meta: 'tokens',
368 type: type,
369 assert: assert
370 } );
371 d = apiPromise
372 .then( function ( res ) {
373 // If token type is unknown, it is omitted from the response
374 if ( !res.query.tokens[ type + 'token' ] ) {
375 return $.Deferred().reject( 'token-missing', res );
376 }
377
378 return res.query.tokens[ type + 'token' ];
379 }, function () {
380 // Clear promise. Do not cache errors.
381 delete promiseGroup[ type + 'Token' ];
382
383 // Pass on to allow the caller to handle the error
384 return this;
385 } )
386 // Attach abort handler
387 .promise( { abort: apiPromise.abort } );
388
389 // Store deferred now so that we can use it again even if it isn't ready yet
390 if ( !promiseGroup ) {
391 promiseGroup = promises[ this.defaults.ajax.url ] = {};
392 }
393 promiseGroup[ type + 'Token' ] = d;
394 }
395
396 return d;
397 },
398
399 /**
400 * Indicate that the cached token for a certain action of the API is bad.
401 *
402 * Call this if you get a 'badtoken' error when using the token returned by #getToken.
403 * You may also want to use #postWithToken instead, which invalidates bad cached tokens
404 * automatically.
405 *
406 * @param {string} type Token type
407 * @since 1.26
408 */
409 badToken: function ( type ) {
410 var promiseGroup = promises[ this.defaults.ajax.url ];
411
412 type = mapLegacyToken( type );
413 if ( promiseGroup ) {
414 delete promiseGroup[ type + 'Token' ];
415 }
416 }
417 };
418
419 /**
420 * @static
421 * @property {Array}
422 * List of errors we might receive from the API.
423 * For now, this just documents our expectation that there should be similar messages
424 * available.
425 */
426 mw.Api.errors = [
427 // occurs when POST aborted
428 // jQuery 1.4 can't distinguish abort or lost connection from 200 OK + empty result
429 'ok-but-empty',
430
431 // timeout
432 'timeout',
433
434 // really a warning, but we treat it like an error
435 'duplicate',
436 'duplicate-archive',
437
438 // upload succeeded, but no image info.
439 // this is probably impossible, but might as well check for it
440 'noimageinfo',
441 // remote errors, defined in API
442 'uploaddisabled',
443 'nomodule',
444 'mustbeposted',
445 'badaccess-groups',
446 'missingresult',
447 'missingparam',
448 'invalid-file-key',
449 'copyuploaddisabled',
450 'mustbeloggedin',
451 'empty-file',
452 'file-too-large',
453 'filetype-missing',
454 'filetype-banned',
455 'filetype-banned-type',
456 'filename-tooshort',
457 'illegal-filename',
458 'verification-error',
459 'hookaborted',
460 'unknown-error',
461 'internal-error',
462 'overwrite',
463 'badtoken',
464 'fetchfileerror',
465 'fileexists-shared-forbidden',
466 'invalidtitle',
467 'notloggedin',
468 'autoblocked',
469 'blocked',
470
471 // Stash-specific errors - expanded
472 'stashfailed',
473 'stasherror',
474 'stashedfilenotfound',
475 'stashpathinvalid',
476 'stashfilestorage',
477 'stashzerolength',
478 'stashnotloggedin',
479 'stashwrongowner',
480 'stashnosuchfilekey'
481 ];
482
483 /**
484 * @static
485 * @property {Array}
486 * List of warnings we might receive from the API.
487 * For now, this just documents our expectation that there should be similar messages
488 * available.
489 */
490 mw.Api.warnings = [
491 'duplicate',
492 'exists'
493 ];
494
495 }( mediaWiki, jQuery ) );
Wiklou, le Wiki du Wiklou