X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;ds=sidebyside;f=thumb.php;h=068ec01700d4f1cf4528dca2efe2b293c9d10ec5;hb=1ba693980bd5d84a0707309444ecd47452dae716;hp=5fc444624868bd7d20d9ffb9b2ace5b32a1f4397;hpb=76ef1f726855328d0eee23e0a977160c680a0580;p=lhc%2Fweb%2Fwiklou.git diff --git a/thumb.php b/thumb.php index 5fc4446248..068ec01700 100644 --- a/thumb.php +++ b/thumb.php @@ -25,7 +25,7 @@ define( 'MW_NO_OUTPUT_COMPRESSION', 1 ); if ( isset( $_SERVER['MW_COMPILED'] ) ) { require( 'core/includes/WebStart.php' ); } else { - require( dirname( __FILE__ ) . '/includes/WebStart.php' ); + require( __DIR__ . '/includes/WebStart.php' ); } // Don't use fancy mime detection, just check the file extension for jpg/gif/png @@ -71,9 +71,10 @@ function wfThumbHandle404() { } # Just get the URI path (REDIRECT_URL/REQUEST_URI is either a full URL or a path) if ( substr( $uriPath, 0, 1 ) !== '/' ) { - $uri = new Uri( $uriPath ); - $uriPath = $uri->getPath(); - if ( $uriPath === null ) { + $bits = wfParseUrl( $uriPath ); + if ( $bits && isset( $bits['path'] ) ) { + $uriPath = $bits['path']; + } else { wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' ); return; } @@ -95,6 +96,7 @@ function wfThumbHandle404() { * @return void */ function wfStreamThumb( array $params ) { + global $wgVaryOnXFP; wfProfileIn( __METHOD__ ); $headers = array(); // HTTP headers to send @@ -124,7 +126,15 @@ function wfStreamThumb( array $params ) { $fileName = strtr( $fileName, '\\/', '__' ); // Actually fetch the image. Method depends on whether it is archived or not. - if ( $isOld ) { + if ( $isTemp ) { + $repo = RepoGroup::singleton()->getLocalRepo()->getTempRepo(); + $img = new UnregisteredLocalFile( null, $repo, + # Temp files are hashed based on the name without the timestamp. + # The thumbnails will be hashed based on the entire name however. + # @TODO: fix this convention to actually be reasonable. + $repo->getZonePath( 'public' ) . '/' . $repo->getTempHashPath( $fileName ) . $fileName + ); + } elseif ( $isOld ) { // Format is ! $bits = explode( '!', $fileName, 2 ); if ( count( $bits ) != 2 ) { @@ -139,25 +149,12 @@ function wfStreamThumb( array $params ) { return; } $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName ); - } elseif ( $isTemp ) { - $repo = RepoGroup::singleton()->getLocalRepo()->getTempRepo(); - // Format is ! or just - $bits = explode( '!', $fileName, 2 ); - // Get the name without the timestamp so hash paths are correctly computed - $title = Title::makeTitleSafe( NS_FILE, isset( $bits[1] ) ? $bits[1] : $fileName ); - if ( !$title ) { - wfThumbError( 404, wfMessage( 'badtitletext' )->text() ); - wfProfileOut( __METHOD__ ); - return; - } - $img = new UnregisteredLocalFile( $title, $repo, - $repo->getZonePath( 'public' ) . '/' . $repo->getTempHashPath( $fileName ) . $fileName - ); } else { $img = wfLocalFile( $fileName ); } // Check permissions if there are read restrictions + $varyHeader = array(); if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) { if ( !$img->getTitle() || !$img->getTitle()->userCan( 'read' ) ) { wfThumbError( 403, 'Access denied. You do not have permission to access ' . @@ -166,7 +163,7 @@ function wfStreamThumb( array $params ) { return; } $headers[] = 'Cache-Control: private'; - $headers[] = 'Vary: Cookie'; + $varyHeader[] = 'Cookie'; } // Check the source file storage path @@ -204,34 +201,66 @@ function wfStreamThumb( array $params ) { } } + $thumbName = $img->thumbName( $params ); + if ( !strlen( $thumbName ) ) { // invalid params? + wfThumbError( 400, 'The specified thumbnail parameters are not valid.' ); + wfProfileOut( __METHOD__ ); + return; + } + + $disposition = $img->getThumbDisposition( $thumbName ); + $headers[] = "Content-Disposition: $disposition"; + // Stream the file if it exists already... try { - $thumbName = $img->thumbName( $params ); - if ( strlen( $thumbName ) ) { // valid params? - // For 404 handled thumbnails, we only use the the base name of the URI - // for the thumb params and the parent directory for the source file name. - // Check that the zone relative path matches up so squid caches won't pick - // up thumbs that would not be purged on source file deletion (bug 34231). - if ( isset( $params['rel404'] ) // thumbnail was handled via 404 - && urldecode( $params['rel404'] ) !== $img->getThumbRel( $thumbName ) ) - { - wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' ); + $thumbName2 = $img->thumbName( $params, File::THUMB_FULL_NAME ); // b/c; "long" style + // For 404 handled thumbnails, we only use the the base name of the URI + // for the thumb params and the parent directory for the source file name. + // Check that the zone relative path matches up so squid caches won't pick + // up thumbs that would not be purged on source file deletion (bug 34231). + if ( isset( $params['rel404'] ) ) { // thumbnail was handled via 404 + if ( urldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName ) ) { + // Request for the canonical thumbnail name + } elseif ( urldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName2 ) ) { + // Request for the "long" thumbnail name; redirect to canonical name + $response = RequestContext::getMain()->getRequest()->response(); + $response->header( "HTTP/1.1 301 " . HttpStatus::getMessage( 301 ) ); + $response->header( 'Location: ' . wfExpandUrl( $img->getThumbUrl( $thumbName ), PROTO_CURRENT ) ); + $response->header( 'Expires: ' . + gmdate( 'D, d M Y H:i:s', time() + 7*86400 ) . ' GMT' ); + if ( $wgVaryOnXFP ) { + $varyHeader[] = 'X-Forwarded-Proto'; + } + if ( count( $varyHeader ) ) { + $response->header( 'Vary: ' . implode( ', ', $varyHeader ) ); + } wfProfileOut( __METHOD__ ); return; - } - $thumbPath = $img->getThumbPath( $thumbName ); - if ( $img->getRepo()->fileExists( $thumbPath ) ) { - $img->getRepo()->streamFile( $thumbPath, $headers ); + } else { + wfThumbError( 404, 'The given path of the specified thumbnail is incorrect.' ); wfProfileOut( __METHOD__ ); return; } } + $thumbPath = $img->getThumbPath( $thumbName ); + if ( $img->getRepo()->fileExists( $thumbPath ) ) { + if ( count( $varyHeader ) ) { + $headers[] = 'Vary: ' . implode( ', ', $varyHeader ); + } + $img->getRepo()->streamFile( $thumbPath, $headers ); + wfProfileOut( __METHOD__ ); + return; + } } catch ( MWException $e ) { wfThumbError( 500, $e->getHTML() ); wfProfileOut( __METHOD__ ); return; } + if ( count( $varyHeader ) ) { + $headers[] = 'Vary: ' . implode( ', ', $varyHeader ); + } + // Thumbnail isn't already there, so create the new thumbnail... try { $thumb = $img->transform( $params, File::RENDER_NOW ); @@ -274,51 +303,55 @@ function wfStreamThumb( array $params ) { function wfExtractThumbParams( $uriPath ) { $repo = RepoGroup::singleton()->getLocalRepo(); + // Zone URL might be relative ("/images") or protocol-relative ("//lang.site/image") $zoneUriPath = $repo->getZoneHandlerUrl( 'thumb' ) ? $repo->getZoneHandlerUrl( 'thumb' ) // custom URL : $repo->getZoneUrl( 'thumb' ); // default to main URL - // URL might be relative ("/images") or protocol-relative ("//lang.site/image") $bits = wfParseUrl( wfExpandUrl( $zoneUriPath, PROTO_INTERNAL ) ); if ( $bits && isset( $bits['path'] ) ) { $zoneUriPath = $bits['path']; } else { - return null; + return null; // not a valid thumbnail URL } - $hashDirRegex = $subdirRegex = ''; + $hashDirReg = $subdirReg = ''; for ( $i = 0; $i < $repo->getHashLevels(); $i++ ) { - $subdirRegex .= '[0-9a-f]'; - $hashDirRegex .= "$subdirRegex/"; + $subdirReg .= '[0-9a-f]'; + $hashDirReg .= "$subdirReg/"; + } + $zoneReg = preg_quote( $zoneUriPath ); // regex for thumb zone URI + + // Check if this is a thumbnail of an original in the local file repo + if ( preg_match( "!^$zoneReg/((archive/)?$hashDirReg([^/]*)/([^/]*))$!", $uriPath, $m ) ) { + list( /*all*/, $rel, $archOrTemp, $filename, $thumbname ) = $m; + // Check if this is a thumbnail of an temp file in the local file repo + } elseif ( preg_match( "!^$zoneReg/(temp/)($hashDirReg([^/]*)/([^/]*))$!", $uriPath, $m ) ) { + list( /*all*/, $archOrTemp, $rel, $filename, $thumbname ) = $m; + } else { + return null; // not a valid looking thumbnail request } - $thumbPathRegex = "!^" . preg_quote( $zoneUriPath ) . - "/((archive/|temp/)?$hashDirRegex([^/]*)/([^/]*))$!"; - - // Check if this is a valid looking thumbnail request... - if ( preg_match( $thumbPathRegex, $uriPath, $matches ) ) { - list( /* all */, $rel, $archOrTemp, $filename, $thumbname ) = $matches; - $filename = urldecode( $filename ); - $thumbname = urldecode( $thumbname ); + $filename = urldecode( $filename ); + $thumbname = urldecode( $thumbname ); - $params = array( 'f' => $filename, 'rel404' => $rel ); - if ( $archOrTemp == 'archive/' ) { - $params['archived'] = 1; - } elseif ( $archOrTemp == 'temp/' ) { - $params['temp'] = 1; - } + $params = array( 'f' => $filename, 'rel404' => $rel ); + if ( $archOrTemp === 'archive/' ) { + $params['archived'] = 1; + } elseif ( $archOrTemp === 'temp/' ) { + $params['temp'] = 1; + } - // Check if the parameters can be extracted from the thumbnail name... - if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) { - list( /* all */, $pagefull, $pagenum, $size ) = $matches; - $params['width'] = $size; - if ( $pagenum ) { - $params['page'] = $pagenum; - } - return $params; // valid thumbnail URL - // Hooks return false if they manage to *resolve* the parameters - } elseif ( !wfRunHooks( 'ExtractThumbParameters', array( $thumbname, &$params ) ) ) { - return $params; // valid thumbnail URL (via extension or config) + // Check if the parameters can be extracted from the thumbnail name... + if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) { + list( /* all */, $pagefull, $pagenum, $size ) = $matches; + $params['width'] = $size; + if ( $pagenum ) { + $params['page'] = $pagenum; } + return $params; // valid thumbnail URL + // Hooks return false if they manage to *resolve* the parameters + } elseif ( !wfRunHooks( 'ExtractThumbParameters', array( $thumbname, &$params ) ) ) { + return $params; // valid thumbnail URL (via extension or config) } return null; // not a valid thumbnail URL