X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FHtml.php;h=8c014487491ce719ac43070de3da957bbda7052a;hb=ce079cf6ad79ca8d3360817f809b219d166f9153;hp=e5128d166c6d684f15f00c9a38c077cb7e7f1a44;hpb=7f6094c2f86064ff239ba487ce1951b6190a555c;p=lhc%2Fweb%2Fwiklou.git
diff --git a/includes/Html.php b/includes/Html.php
index e5128d166c..0b6b6556ac 100644
--- a/includes/Html.php
+++ b/includes/Html.php
@@ -3,7 +3,7 @@
* Collection of methods to generate HTML content
*
* Copyright © 2009 Aryeh Gregor
- * http://www.mediawiki.org/
+ * https://www.mediawiki.org/
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -46,13 +46,12 @@
* @since 1.16
*/
class Html {
- // List of void elements from HTML5, section 8.1.2 as of 2011-08-12
+ // List of void elements from HTML5, section 8.1.2 as of 2016-09-19
private static $voidElements = [
'area',
'base',
'br',
'col',
- 'command',
'embed',
'hr',
'img',
@@ -156,11 +155,11 @@ class Html {
*
* @param string $contents The raw HTML contents of the element: *not*
* escaped!
- * @param array $attrs Associative array of attributes, e.g., array(
- * 'href' => 'http://www.mediawiki.org/' ). See expandAttributes() for
+ * @param array $attrs Associative array of attributes, e.g., [
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
* further documentation.
* @param string[] $modifiers classes to add to the button
- * @see http://tools.wmflabs.org/styleguide/desktop/index.html for guidance on available modifiers
+ * @see https://tools.wmflabs.org/styleguide/desktop/index.html for guidance on available modifiers
* @return string Raw HTML
*/
public static function linkButton( $contents, array $attrs, array $modifiers = [] ) {
@@ -176,11 +175,11 @@ class Html {
*
* @param string $contents The raw HTML contents of the element: *not*
* escaped!
- * @param array $attrs Associative array of attributes, e.g., array(
- * 'href' => 'http://www.mediawiki.org/' ). See expandAttributes() for
+ * @param array $attrs Associative array of attributes, e.g., [
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
* further documentation.
* @param string[] $modifiers classes to add to the button
- * @see http://tools.wmflabs.org/styleguide/desktop/index.html for guidance on available modifiers
+ * @see https://tools.wmflabs.org/styleguide/desktop/index.html for guidance on available modifiers
* @return string Raw HTML
*/
public static function submitButton( $contents, array $attrs, array $modifiers = [] ) {
@@ -200,8 +199,8 @@ class Html {
* content model.
*
* @param string $element The element's name, e.g., 'a'
- * @param array $attribs Associative array of attributes, e.g., array(
- * 'href' => 'http://www.mediawiki.org/' ). See expandAttributes() for
+ * @param array $attribs Associative array of attributes, e.g., [
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
* further documentation.
* @param string $contents The raw HTML contents of the element: *not*
* escaped!
@@ -321,8 +320,8 @@ class Html {
* to the input array (currently per the HTML 5 draft as of 2009-09-06).
*
* @param string $element Name of the element, e.g., 'a'
- * @param array $attribs Associative array of attributes, e.g., array(
- * 'href' => 'http://www.mediawiki.org/' ). See expandAttributes() for
+ * @param array $attribs Associative array of attributes, e.g., [
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
* further documentation.
* @return array An array of attributes functionally identical to $attribs
*/
@@ -339,7 +338,6 @@ class Html {
'height' => '150',
'width' => '300',
],
- 'command' => [ 'type' => 'command' ],
'form' => [
'action' => 'GET',
'autocomplete' => 'on',
@@ -432,9 +430,9 @@ class Html {
/**
* Given an associative array of element attributes, generate a string
- * to stick after the element name in HTML output. Like array( 'href' =>
- * 'http://www.mediawiki.org/' ) becomes something like
- * ' href="http://www.mediawiki.org"'. Again, this is like
+ * to stick after the element name in HTML output. Like [ 'href' =>
+ * 'https://www.mediawiki.org/' ] becomes something like
+ * ' href="https://www.mediawiki.org"'. Again, this is like
* Xml::expandAttributes(), but it implements some HTML-specific logic.
*
* Attributes that can contain space-separated lists ('class', 'accesskey' and 'rel') array
@@ -445,25 +443,25 @@ class Html {
*
* @par Numerical array
* @code
- * Html::element( 'em', array(
- * 'class' => array( 'foo', 'bar' )
- * ) );
+ * Html::element( 'em', [
+ * 'class' => [ 'foo', 'bar' ]
+ * ] );
* // gives ''
* @endcode
*
* @par Associative array
* @code
- * Html::element( 'em', array(
- * 'class' => array( 'foo', 'bar', 'foo' => false, 'quux' => true )
- * ) );
+ * Html::element( 'em', [
+ * 'class' => [ 'foo', 'bar', 'foo' => false, 'quux' => true ]
+ * ] );
* // gives ''
* @endcode
*
- * @param array $attribs Associative array of attributes, e.g., array(
- * 'href' => 'http://www.mediawiki.org/' ). Values will be HTML-escaped.
+ * @param array $attribs Associative array of attributes, e.g., [
+ * 'href' => 'https://www.mediawiki.org/' ]. Values will be HTML-escaped.
* A value of false means to omit the attribute. For boolean attributes,
- * you can omit the key, e.g., array( 'checked' ) instead of
- * array( 'checked' => 'checked' ) or such.
+ * you can omit the key, e.g., [ 'checked' ] instead of
+ * [ 'checked' => 'checked' ] or such.
*
* @throws MWException If an attribute that doesn't allow lists is set to an array
* @return string HTML fragment that goes between element name and '>'
@@ -472,13 +470,13 @@ class Html {
public static function expandAttributes( array $attribs ) {
$ret = '';
foreach ( $attribs as $key => $value ) {
- // Support intuitive array( 'checked' => true/false ) form
+ // Support intuitive [ 'checked' => true/false ] form
if ( $value === false || is_null( $value ) ) {
continue;
}
- // For boolean attributes, support array( 'foo' ) instead of
- // requiring array( 'foo' => 'meaningless' ).
+ // For boolean attributes, support [ 'foo' ] instead of
+ // requiring [ 'foo' => 'meaningless' ].
if ( is_int( $key ) && in_array( strtolower( $value ), self::$boolAttribs ) ) {
$key = $value;
}
@@ -503,8 +501,8 @@ class Html {
continue;
}
- // http://www.w3.org/TR/html401/index/attributes.html ("space-separated")
- // http://www.w3.org/TR/html5/index.html#attributes-1 ("space-separated")
+ // https://www.w3.org/TR/html401/index/attributes.html ("space-separated")
+ // https://www.w3.org/TR/html5/index.html#attributes-1 ("space-separated")
$spaceSeparatedListAttributes = [
'class', // html4, html5
'accesskey', // as of html5, multiple space-separated values allowed
@@ -535,7 +533,7 @@ class Html {
}
} elseif ( $v ) {
// If the value is truthy but not a string this is likely
- // an array( 'foo' => true ), falsy values don't add strings
+ // an [ 'foo' => true ], falsy values don't add strings
$newValue[] = $k;
}
}
@@ -627,6 +625,17 @@ class Html {
* @return string Raw HTML
*/
public static function inlineStyle( $contents, $media = 'all' ) {
+ // Don't escape '>' since that is used
+ // as direct child selector.
+ // Remember, in css, there is no "x" for hexadecimal escapes, and
+ // the space immediately after an escape sequence is swallowed.
+ $contents = strtr( $contents, [
+ '<' => '\3C ',
+ // CDATA end tag for good measure, but the main security
+ // is from escaping the '<'.
+ ']]>' => '\5D\5D\3E '
+ ] );
+
if ( preg_match( '/[<&]/', $contents ) ) {
$contents = "/**/";
}
@@ -935,13 +944,7 @@ class Html {
$attribs['version'] = $wgHtml5Version;
}
- $html = self::openElement( 'html', $attribs );
-
- if ( $html ) {
- $html .= "\n";
- }
-
- $ret .= $html;
+ $ret .= self::openElement( 'html', $attribs );
return $ret;
}
@@ -953,7 +956,7 @@ class Html {
* @return bool
*/
public static function isXmlMimeType( $mimetype ) {
- # http://www.whatwg.org/html/infrastructure.html#xml-mime-type
+ # https://html.spec.whatwg.org/multipage/infrastructure.html#xml-mime-type
# * text/xml
# * application/xml
# * Any MIME type with a subtype ending in +xml (this implicitly includes application/xhtml+xml)
@@ -1002,15 +1005,15 @@ class Html {
*
* @note srcset width and height values are not supported.
*
- * @see http://www.whatwg.org/html/embedded-content-1.html#attr-img-srcset
+ * @see https://html.spec.whatwg.org/#attr-img-srcset
*
* @par Example:
* @code
- * Html::srcSet( array(
+ * Html::srcSet( [
* '1x' => 'standard.jpeg',
* '1.5x' => 'large.jpeg',
* '3x' => 'extra-large.jpeg',
- * ) );
+ * ] );
* // gives 'standard.jpeg 1x, large.jpeg 1.5x, extra-large.jpeg 2x'
* @endcode
*
@@ -1020,9 +1023,21 @@ class Html {
static function srcSet( array $urls ) {
$candidates = [];
foreach ( $urls as $density => $url ) {
- // Cast density to float to strip 'x'.
- $candidates[] = $url . ' ' . (float)$density . 'x';
+ // Cast density to float to strip 'x', then back to string to serve
+ // as array index.
+ $density = (string)(float)$density;
+ $candidates[$density] = $url;
}
+
+ // Remove duplicates that are the same as a smaller value
+ ksort( $candidates, SORT_NUMERIC );
+ $candidates = array_unique( $candidates );
+
+ // Append density info to the url
+ foreach ( $candidates as $density => $url ) {
+ $candidates[$density] = $url . ' ' . $density . 'x';
+ }
+
return implode( ", ", $candidates );
}
}