*/
use MediaWiki\Linker\LinkTarget;
-use MediaWiki\Logger\LoggerFactory;
use MediaWiki\MediaWikiServices;
use MediaWiki\Session\SessionManager;
use Wikimedia\Rdbms\IResultWrapper;
* good tags like \<i\> will be dropped entirely.
*
* @param string|Message $name
+ * @param-taint $name tainted
+ * Phan-taint-check gets very confused by $name being either a string or a Message
*/
public function setPageTitle( $name ) {
if ( $name instanceof Message ) {
# change "<i>foo&bar</i>" to "foo&bar"
$this->setHTMLTitle(
- $this->msg( 'pagetitle' )->rawParams( Sanitizer::stripAllTags( $nameWithTags ) )
+ $this->msg( 'pagetitle' )->plaintextParams( Sanitizer::stripAllTags( $nameWithTags ) )
->inContentLanguage()
);
}
return false;
}
+ /**
+ * Get the Origin-Trial header values. This is used to enable Chrome Origin
+ * Trials: https://github.com/GoogleChrome/OriginTrials
+ *
+ * @return array
+ */
+ private function getOriginTrials() {
+ $config = $this->getConfig();
+
+ return $config->get( 'OriginTrials' );
+ }
+
/**
* Send cache control HTTP headers
*/
$response->header( "X-Frame-Options: $frameOptions" );
}
+ $originTrials = $this->getOriginTrials();
+ foreach ( $originTrials as $originTrial ) {
+ $response->header( "Origin-Trial: $originTrial", false );
+ }
+
ContentSecurityPolicy::sendHeaders( $this );
if ( $this->mArticleBodyOnly ) {
*/
public function getResourceLoader() {
if ( is_null( $this->mResourceLoader ) ) {
- $this->mResourceLoader = new ResourceLoader(
- $this->getConfig(),
- LoggerFactory::getInstance( 'resourceloader' )
- );
+ // Lazy-initialise as needed
+ $this->mResourceLoader = MediaWikiServices::getInstance()->getResourceLoader();
}
return $this->mResourceLoader;
}
*
* For example:
*
- * $wgOut->wrapWikiMsg( "<div class='error'>\n$1\n</div>", 'some-error' );
+ * $wgOut->wrapWikiMsg( "<div class='error'>\n$1\n</div>", 'some-error' );
*
* Is equivalent to:
*
- * $wgOut->addWikiTextAsInterface( "<div class='error'>\n"
- * . wfMessage( 'some-error' )->plain() . "\n</div>" );
+ * $wgOut->addWikiTextAsInterface( "<div class='error'>\n"
+ * . wfMessage( 'some-error' )->plain() . "\n</div>" );
*
* The newline after the opening div is needed in some wikitext. See T21226.
*