dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
SECURITY: API: Avoid some silliness with browser-guessed filenames
[lhc/web/wiklou.git] / includes / api / ApiFormatRaw.php
1 <?php
2 /**
3 *
4 *
5 * Created on Feb 2, 2009
6 *
7 * Copyright © 2009 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
23 *
24 * @file
25 */
26
27 /**
28 * Formatter that spits out anything you like with any desired MIME type
29 * @ingroup API
30 */
31 class ApiFormatRaw extends ApiFormatBase {
32
33 private $errorFallback;
34 private $mFailWithHTTPError = false;
35
36 /**
37 * @param ApiMain $main
38 * @param ApiFormatBase|null $errorFallback Object to fall back on for errors
39 */
40 public function __construct( ApiMain $main, ApiFormatBase $errorFallback = null ) {
41 parent::__construct( $main, 'raw' );
42 if ( $errorFallback === null ) {
43 $this->errorFallback = $main->createPrinterByName( $main->getParameter( 'format' ) );
44 } else {
45 $this->errorFallback = $errorFallback;
46 }
47 }
48
49 public function getMimeType() {
50 $data = $this->getResult()->getResultData();
51
52 if ( isset( $data['error'] ) || isset( $data['errors'] ) ) {
53 return $this->errorFallback->getMimeType();
54 }
55
56 if ( !isset( $data['mime'] ) ) {
57 ApiBase::dieDebug( __METHOD__, 'No MIME type set for raw formatter' );
58 }
59
60 return $data['mime'];
61 }
62
63 public function getFilename() {
64 $data = $this->getResult()->getResultData();
65 if ( isset( $data['error'] ) ) {
66 return $this->errorFallback->getFilename();
67 } elseif ( !isset( $data['filename'] ) || $this->getIsWrappedHtml() || $this->getIsHtml() ) {
68 return parent::getFilename();
69 } else {
70 return $data['filename'];
71 }
72 }
73
74 public function initPrinter( $unused = false ) {
75 $data = $this->getResult()->getResultData();
76 if ( isset( $data['error'] ) || isset( $data['errors'] ) ) {
77 $this->errorFallback->initPrinter( $unused );
78 if ( $this->mFailWithHTTPError ) {
79 $this->getMain()->getRequest()->response()->statusHeader( 400 );
80 }
81 } else {
82 parent::initPrinter( $unused );
83 }
84 }
85
86 public function closePrinter() {
87 $data = $this->getResult()->getResultData();
88 if ( isset( $data['error'] ) || isset( $data['errors'] ) ) {
89 $this->errorFallback->closePrinter();
90 } else {
91 parent::closePrinter();
92 }
93 }
94
95 public function execute() {
96 $data = $this->getResult()->getResultData();
97 if ( isset( $data['error'] ) || isset( $data['errors'] ) ) {
98 $this->errorFallback->execute();
99 return;
100 }
101
102 if ( !isset( $data['text'] ) ) {
103 ApiBase::dieDebug( __METHOD__, 'No text given for raw formatter' );
104 }
105 $this->printText( $data['text'] );
106 }
107
108 /**
109 * Output HTTP error code 400 when if an error is encountered
110 *
111 * The purpose is for output formats where the user-agent will
112 * not be able to interpret the validity of the content in any
113 * other way. For example subtitle files read by browser video players.
114 *
115 * @param bool $fail
116 */
117 public function setFailWithHTTPError( $fail ) {
118 $this->mFailWithHTTPError = $fail;
119 }
120 }
Wiklou, le Wiki du Wiklou