From: Kunal Mehta Date: Sat, 19 May 2018 20:05:08 +0000 (-0700) Subject: registration: Perform extra validation for mediawiki.org URLs X-Git-Tag: 1.34.0-rc.0~5366^2 X-Git-Url: http://git.heureux-cyclage.org/?a=commitdiff_plain;h=399b391f240e94d4025dcd740b5df584c640b6a9;p=lhc%2Fweb%2Fwiklou.git registration: Perform extra validation for mediawiki.org URLs If the "url" field in extension.json is pointing to mediawiki.org, perform some extra validation steps: * Require HTTPS * Require the `www.mediawiki.org` canonical domain Change-Id: I3371443d3f6c76f53437adf90a700969bba7d0e7 --- diff --git a/includes/registration/ExtensionJsonValidator.php b/includes/registration/ExtensionJsonValidator.php index 7e3afaa803..564ea6be0c 100644 --- a/includes/registration/ExtensionJsonValidator.php +++ b/includes/registration/ExtensionJsonValidator.php @@ -89,20 +89,34 @@ class ExtensionJsonValidator { ); } - $licenseError = false; + $extraErrors = []; // Check if it's a string, if not, schema validation will display an error if ( isset( $data->{'license-name'} ) && is_string( $data->{'license-name'} ) ) { $licenses = new SpdxLicenses(); $valid = $licenses->validate( $data->{'license-name'} ); if ( !$valid ) { - $licenseError = '[license-name] Invalid SPDX license identifier, ' + $extraErrors[] = '[license-name] Invalid SPDX license identifier, ' . 'see '; } } + if ( isset( $data->url ) && is_string( $data->url ) ) { + $parsed = wfParseUrl( $data->url ); + $mwoUrl = false; + if ( $parsed['host'] === 'www.mediawiki.org' ) { + $mwoUrl = true; + } elseif ( $parsed['host'] === 'mediawiki.org' ) { + $mwoUrl = true; + $extraErrors[] = '[url] Should use www.mediawiki.org domain'; + } + + if ( $mwoUrl && $parsed['scheme'] !== 'https' ) { + $extraErrors[] = '[url] Should use HTTPS for www.mediawiki.org URLs'; + } + } $validator = new Validator; $validator->check( $data, (object)[ '$ref' => 'file://' . $schemaPath ] ); - if ( $validator->isValid() && !$licenseError ) { + if ( $validator->isValid() && !$extraErrors ) { // All good. return true; } else { @@ -110,8 +124,8 @@ class ExtensionJsonValidator { foreach ( $validator->getErrors() as $error ) { $out .= "[{$error['property']}] {$error['message']}\n"; } - if ( $licenseError ) { - $out .= "$licenseError\n"; + if ( $extraErrors ) { + $out .= implode( "\n", $extraErrors ) . "\n"; } throw new ExtensionJsonValidationError( $out ); } diff --git a/tests/phpunit/data/registration/bad_url.json b/tests/phpunit/data/registration/bad_url.json new file mode 100644 index 0000000000..ee0f4b95c4 --- /dev/null +++ b/tests/phpunit/data/registration/bad_url.json @@ -0,0 +1,5 @@ +{ + "name": "Test", + "url": "http://www.mediawiki.org/", + "manifest_version": 1 +} diff --git a/tests/phpunit/data/registration/bad_url2.json b/tests/phpunit/data/registration/bad_url2.json new file mode 100644 index 0000000000..813e9d60d7 --- /dev/null +++ b/tests/phpunit/data/registration/bad_url2.json @@ -0,0 +1,5 @@ +{ + "name": "Test", + "url": "http://mediawiki.org/", + "manifest_version": 1 +} diff --git a/tests/phpunit/includes/registration/ExtensionJsonValidatorTest.php b/tests/phpunit/includes/registration/ExtensionJsonValidatorTest.php index d69ad5973a..355f4ef0e3 100644 --- a/tests/phpunit/includes/registration/ExtensionJsonValidatorTest.php +++ b/tests/phpunit/includes/registration/ExtensionJsonValidatorTest.php @@ -78,6 +78,15 @@ class ExtensionJsonValidatorTest extends MediaWikiTestCase { 'good.json', true ], + [ + 'bad_url.json', 'bad_url.json did not pass validation. +[url] Should use HTTPS for www.mediawiki.org URLs' + ], + [ + 'bad_url2.json', 'bad_url2.json did not pass validation. +[url] Should use www.mediawiki.org domain +[url] Should use HTTPS for www.mediawiki.org URLs' + ] ]; }