}
/**
- * Add a JavaScript file out of skins/common, or a given relative path.
+ * Add a JavaScript file to be loaded as `<script>` on this page.
+ *
* Internal use only. Use OutputPage::addModules() if possible.
*
- * @param string $file Filename in skins/common or complete on-server path
- * (/foo/bar.js)
- * @param string $version Style version of the file. Defaults to $wgStyleVersion
+ * @param string $file URL to file (absolute path, protocol-relative, or full url)
+ * @param string $unused Previously used to change the cache-busting query parameter
*/
- public function addScriptFile( $file, $version = null ) {
- // See if $file parameter is an absolute URL or begins with a slash
- if ( substr( $file, 0, 1 ) == '/' || preg_match( '#^[a-z]*://#i', $file ) ) {
- $path = $file;
- } else {
- $path = $this->getConfig()->get( 'StylePath' ) . "/common/{$file}";
- }
- if ( is_null( $version ) ) {
- $version = $this->getConfig()->get( 'StyleVersion' );
+ public function addScriptFile( $file, $unused = null ) {
+ if ( substr( $file, 0, 1 ) !== '/' && !preg_match( '#^[a-z]*://#i', $file ) ) {
+ // This is not an absolute path, protocol-relative url, or full scheme url,
+ // presumed to be an old call intended to include a file from /w/skins/common,
+ // which doesn't exist anymore as of MediaWiki 1.24 per T71277. Ignore.
+ wfDeprecated( __METHOD__, '1.24' );
+ return;
}
- $this->addScript( Html::linkedScript( wfAppendQuery( $path, $version ), $this->getCSPNonce() ) );
+ $this->addScript( Html::linkedScript( $file, $this->getCSPNonce() ) );
}
/**
// Register a callback for $this->contentOverrides on the first call
$this->addContentOverrideCallback( function ( LinkTarget $target ) {
$key = $target->getNamespace() . ':' . $target->getDBkey();
- return isset( $this->contentOverrides[$key] )
- ? $this->contentOverrides[$key]
- : null;
+ return $this->contentOverrides[$key] ?? null;
} );
}
if ( $type == ResourceLoaderModule::TYPE_COMBINED ) {
return min( array_values( $this->mAllowedModules ) );
} else {
- return isset( $this->mAllowedModules[$type] )
- ? $this->mAllowedModules[$type]
- : ResourceLoaderModule::ORIGIN_ALL;
+ return $this->mAllowedModules[$type] ?? ResourceLoaderModule::ORIGIN_ALL;
}
}
$response->header( 'Content-type: ' . $config->get( 'MimeType' ) . '; charset=UTF-8' );
$response->header( 'Content-language: ' . $wgContLang->getHtmlCode() );
- // Avoid Internet Explorer "compatibility view" in IE 8-10, so that
- // jQuery etc. can work correctly.
- $response->header( 'X-UA-Compatible: IE=Edge' );
-
if ( !$this->mArticleBodyOnly ) {
$sk = $this->getSkin();
if ( $this->mArticleBodyOnly ) {
echo $this->mBodytext;
} else {
- // Enable safe mode if requested
+ // Enable safe mode if requested (T152169)
if ( $this->getRequest()->getBool( 'safemode' ) ) {
$this->disallowUserJs();
}
$rlClient = new ResourceLoaderClientHtml( $context, [
'target' => $this->getTarget(),
+ 'nonce' => $this->getCSPNonce(),
+ // When 'safemode', disallowUserJs(), or reduceAllowedModules() is used
+ // to only restrict modules to ORIGIN_CORE (ie. disallow ORIGIN_USER), the list of
+ // modules enqueud for loading on this page is filtered to just those.
+ // However, to make sure we also apply the restriction to dynamic dependencies and
+ // lazy-loaded modules at run-time on the client-side, pass 'safemode' down to the
+ // StartupModule so that the client-side registry will not contain any restricted
+ // modules either. (T152169, T185303)
+ 'safemode' => ( $this->getAllowedModules( ResourceLoaderModule::TYPE_COMBINED )
+ <= ResourceLoaderModule::ORIGIN_CORE_INDIVIDUAL
+ ) ? '1' : null,
] );
$rlClient->setConfig( $this->getJSVars() );
$rlClient->setModules( $this->getModules( /*filter*/ true ) );
}
$pieces[] = Html::element( 'title', null, $this->getHTMLTitle() );
- $pieces[] = $this->getRlClient()->getHeadHtml( $this->getCSPNonce() );
+ $pieces[] = $this->getRlClient()->getHeadHtml();
$pieces[] = $this->buildExemptModules();
$pieces = array_merge( $pieces, array_values( $this->getHeadLinksArray() ) );
$pieces = array_merge( $pieces, array_values( $this->mHeadItems ) );
$url = $style;
} else {
$config = $this->getConfig();
- $url = $config->get( 'StylePath' ) . '/' . $style . '?' .
- $config->get( 'StyleVersion' );
+ // Append file hash as query parameter
+ $url = self::transformResourcePath(
+ $config,
+ $config->get( 'StylePath' ) . '/' . $style
+ );
}
$link = Html::linkedStyle( $url, $media );
*/
public static function setupOOUI( $skinName = 'default', $dir = 'ltr' ) {
$themes = ResourceLoaderOOUIModule::getSkinThemeMap();
- $theme = isset( $themes[$skinName] ) ? $themes[$skinName] : $themes['default'];
+ $theme = $themes[$skinName] ?? $themes['default'];
// For example, 'OOUI\WikimediaUITheme'.
$themeClass = "OOUI\\{$theme}Theme";
OOUI\Theme::setSingleton( new $themeClass() );
uksort( $logosPerDppx, function ( $a , $b ) {
$a = floatval( $a );
$b = floatval( $b );
-
- if ( $a == $b ) {
- return 0;
- }
// Sort from smallest to largest (e.g. 1x, 1.5x, 2x)
- return ( $a < $b ) ? -1 : 1;
+ return $a <=> $b;
} );
foreach ( $logosPerDppx as $dppx => $src ) {