1 <?php
2 /**
3 * Wrapper for json_encode and json_decode.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
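/**
 * JSON formatter wrapper class
 */
class FormatJson {
	/**
	 * Skip escaping most characters above U+007F for readability and compactness.
	 * This encoding option saves 3 to 8 bytes (uncompressed) for each such character;
	 * however, it could break compatibility with systems that incorrectly handle UTF-8.
	 *
	 * @since 1.22
	 */
	const UTF8_OK = 1;

	/**
	 * Skip escaping the characters '<', '>', and '&', which have special meanings in
	 * HTML and XML.
	 *
	 * @warning Do not use this option for JSON that could end up in inline scripts.
	 * - HTML 5.2, §4.12.1.3 Restrictions for contents of script elements
	 * - XML 1.0 (5th Ed.), §2.4 Character Data and Markup
	 *
	 * @since 1.22
	 */
	const XMLMETA_OK = 2;

	/**
	 * Skip escaping as many characters as reasonably possible.
	 *
	 * @warning When generating inline script blocks, use FormatJson::UTF8_OK instead.
	 *
	 * @since 1.22
	 */
	const ALL_OK = self::UTF8_OK | self::XMLMETA_OK;

	/**
	 * If set, treat JSON objects '{...}' as associative arrays. Without this option,
	 * JSON objects will be converted to stdClass.
	 *
	 * @since 1.24
	 */
	const FORCE_ASSOC = 0x100;

	/**
	 * If set, attempt to fix invalid JSON.
	 *
	 * @since 1.24
	 */
	const TRY_FIXING = 0x200;

	/**
	 * If set, strip comments from input before parsing as JSON.
	 *
	 * @since 1.25
	 */
	const STRIP_COMMENTS = 0x400;

	/**
	 * Characters problematic in JavaScript.
	 *
	 * @note These are listed in ECMA-262 (5.1 Ed.), §7.3 Line Terminators along with U+000A (LF)
	 *   and U+000D (CR). However, PHP already escapes LF and CR according to RFC 4627.
	 */
	private static $badChars = [
		"\u{2028}", // U+2028 LINE SEPARATOR
		"\u{2029}", // U+2029 PARAGRAPH SEPARATOR
	];

	/**
	 * Escape sequences for characters listed in FormatJson::$badChars.
	 */
	private static $badCharsEscaped = [
		'\u2028', // U+2028 LINE SEPARATOR
		'\u2029', // U+2029 PARAGRAPH SEPARATOR
	];

	/**
	 * Returns the JSON representation of a value.
	 *
	 * @note Empty arrays are encoded as numeric arrays, not as objects, so cast any associative
	 *   array that might be empty to an object before encoding it.
	 *
	 * @note In pre-1.22 versions of MediaWiki, using this function for generating inline script
	 *   blocks may result in an XSS vulnerability, and quite likely will in XML documents
	 *   (cf. FormatJson::XMLMETA_OK). Use Xml::encodeJsVar() instead in such cases.
	 *
	 * @note Unless FormatJson::XMLMETA_OK is passed, '<', '>' and '&' are emitted as \uXXXX
	 *   escapes. Quote characters are not hex-escaped by this method (neither JSON_HEX_QUOT
	 *   nor JSON_HEX_APOS is set), so the result still has to be HTML-escaped by the caller
	 *   before it is placed inside an HTML attribute value.
	 *
	 * @param mixed $value The value to encode. Can be any type except a resource.
	 * @param string|bool $pretty If a string, add non-significant whitespace to improve
	 *   readability, using that string for indentation. If true, use the default indent
	 *   string (four spaces).
	 * @param int $escaping Bitfield consisting of _OK class constants
	 * @return string|false String if successful; false upon failure
	 */
	public static function encode( $value, $pretty = false, $escaping = 0 ) {
		if ( !is_string( $pretty ) ) {
			// Normalise booleans: true means the default four-space indent.
			$pretty = $pretty ? '    ' : false;
		}

		// PHP escapes '/' to prevent breaking out of inline script blocks using '</script>',
		// which is hardly useful when '<' and '>' are escaped (and inadequate), and such
		// escaping negatively impacts the human readability of URLs and similar strings.
		$options = JSON_UNESCAPED_SLASHES;
		$options |= $pretty !== false ? JSON_PRETTY_PRINT : 0;
		$options |= ( $escaping & self::UTF8_OK ) ? JSON_UNESCAPED_UNICODE : 0;
		// Escaping '<', '>' and '&' is the default; only XMLMETA_OK turns it off.
		$options |= ( $escaping & self::XMLMETA_OK ) ? 0 : ( JSON_HEX_TAG | JSON_HEX_AMP );
		$json = json_encode( $value, $options );
		if ( $json === false ) {
			return false;
		}

		if ( $pretty !== false && $pretty !== '    ' ) {
			// Change the four-space indent to a tab indent. Line feeds and tabs inside
			// JSON string values are always escaped, so a literal "\n" or "\t" in $json
			// can only come from the pretty-printer's own indentation.
			$json = str_replace( "\n    ", "\n\t", $json );
			while ( strpos( $json, "\t    " ) !== false ) {
				$json = str_replace( "\t    ", "\t\t", $json );
			}

			if ( $pretty !== "\t" ) {
				// Change the tab indent to the provided indent
				$json = str_replace( "\t", $pretty, $json );
			}
		}
		if ( $escaping & self::UTF8_OK ) {
			// With Unicode left unescaped, make sure U+2028 and U+2029 are still escaped;
			// they are listed in $badChars as problematic in JavaScript.
			$json = str_replace( self::$badChars, self::$badCharsEscaped, $json );
		}

		return $json;
	}

	/**
	 * Decodes a JSON string. It is recommended to use FormatJson::parse(),
	 * which returns more comprehensive result in case of an error, and has
	 * more parsing options.
	 *
	 * In PHP versions before 7.1, decoding a JSON string containing an empty key
	 * without passing $assoc as true results in a return object with a property
	 * named "_empty_" (because true empty properties were not supported pre-PHP-7.1).
	 * Instead, consider passing $assoc as true to return an associative array.
	 *
	 * But be aware that in all supported PHP versions, decoding an empty JSON object
	 * with $assoc = true returns an array, not an object, breaking round-trip consistency.
	 *
	 * See https://phabricator.wikimedia.org/T206411 for more details on these quirks.
	 *
	 * @param string $value The JSON string being decoded
	 * @param bool $assoc When true, returned objects will be converted into associative arrays.
	 *
	 * @return mixed The value encoded in JSON in appropriate PHP type.
	 * `null` is returned if $value represented `null`, if $value could not be decoded,
	 * or if the encoded data was deeper than the recursion limit.
	 * Use FormatJson::parse() to distinguish between types of `null` and to get proper error code.
	 */
	public static function decode( $value, $assoc = false ) {
		// A null return is ambiguous here (JSON null vs. decode failure); callers that
		// validate untrusted input should use parse() and check the returned Status.
		return json_decode( $value, $assoc );
	}

	/**
	 * Decodes a JSON string.
	 * Unlike FormatJson::decode(), if $value represents null value, it will be
	 * properly decoded as valid.
	 *
	 * @note With TRY_FIXING the input is rewritten before a second decode attempt, so the
	 *   value returned may come from text that differs from what the caller supplied; a
	 *   warning is attached to the returned Status in that case.
	 *
	 * @param string $value The JSON string being decoded
	 * @param int $options A bit field that allows FORCE_ASSOC, TRY_FIXING,
	 *   STRIP_COMMENTS
	 * @return Status If valid JSON, the value is available in $result->getValue()
	 */
	public static function parse( $value, $options = 0 ) {
		if ( $options & self::STRIP_COMMENTS ) {
			$value = self::stripComments( $value );
		}
		$assoc = ( $options & self::FORCE_ASSOC ) !== 0;
		$result = json_decode( $value, $assoc );
		$code = json_last_error();

		if ( $code === JSON_ERROR_SYNTAX && ( $options & self::TRY_FIXING ) !== 0 ) {
			// The most common error is the trailing comma in a list or an object.
			// We cannot simply replace /,\s*[}\]]/ because it could be inside a string value.
			// But we could use the fact that JSON does not allow multi-line string values,
			// and remove trailing commas if they are at the end of a line.
			// JSON only allows 4 control characters: [ \t\r\n]. So we must not use '\s' for matching.
			// Regex match ,]<any non-quote chars>\n or ,\n] with optional spaces/tabs.
			$count = 0;
			$fixed = preg_replace(
				'/,([ \t]*[}\]][^"\r\n]*([\r\n]|$)|[ \t]*[\r\n][ \t\r\n]*[}\]])/',
				'$1',
				$value,
				-1,
				$count
			);
			// preg_replace() returns null when PCRE itself fails; in that case fall through
			// and report the original syntax error instead of decoding null.
			if ( $fixed !== null && $count > 0 ) {
				$result = json_decode( $fixed, $assoc );
				if ( json_last_error() === JSON_ERROR_NONE ) {
					// Report warning
					$st = Status::newGood( $result );
					$st->warning( wfMessage( 'json-warn-trailing-comma' )->numParams( $count ) );
					return $st;
				}
			}
		}

		if ( $code === JSON_ERROR_NONE ) {
			return Status::newGood( $result );
		}

		// Message keys for the error codes of the first decode attempt.
		$messages = [
			JSON_ERROR_DEPTH => 'json-error-depth',
			JSON_ERROR_STATE_MISMATCH => 'json-error-state-mismatch',
			JSON_ERROR_CTRL_CHAR => 'json-error-ctrl-char',
			JSON_ERROR_SYNTAX => 'json-error-syntax',
			JSON_ERROR_UTF8 => 'json-error-utf8',
			JSON_ERROR_RECURSION => 'json-error-recursion',
			JSON_ERROR_INF_OR_NAN => 'json-error-inf-or-nan',
			JSON_ERROR_UNSUPPORTED_TYPE => 'json-error-unsupported-type',
		];
		if ( isset( $messages[$code] ) ) {
			return Status::newFatal( $messages[$code] );
		}

		// Any other code is reported generically, with the numeric code as a parameter.
		return Status::newFatal( wfMessage( 'json-error-unknown' )->numParams( $code ) );
	}

	/**
	 * Remove multiline and single line comments from an otherwise valid JSON
	 * input string. This can be used as a preprocessor, to allow JSON
	 * formatted configuration files to contain comments.
	 *
	 * This is a strip filter, not a validating parser: an unterminated comment simply
	 * runs to the end of the input, and the result must still be passed through a real
	 * JSON decoder.
	 *
	 * @param string $json
	 * @return string JSON with comments removed
	 */
	public static function stripComments( $json ) {
		// Ensure we have a string
		$str = (string)$json;
		$buffer = '';
		$maxLen = strlen( $str );
		// Offset of the first byte that has not yet been copied to $buffer
		$mark = 0;

		$inString = false;
		$inComment = false;
		$multiline = false;
		// Offset of the '*' that opened the current multiline comment
		$openStar = -1;

		for ( $idx = 0; $idx < $maxLen; $idx++ ) {
			switch ( $str[$idx] ) {
				case '"':
					if ( $inComment ) {
						break;
					}
					// A quote is escaped only when preceded by an odd number of
					// backslashes. Checking a single look-behind character would treat
					// the closing quote of "a\\" as escaped, leaving the scanner stuck
					// in string state so that later comments are not stripped.
					$backslashes = 0;
					for ( $back = $idx - 1; $back >= 0 && $str[$back] === '\\'; $back-- ) {
						$backslashes++;
					}
					if ( $backslashes % 2 === 0 ) {
						// Either started or ended a string
						$inString = !$inString;
					}
					break;

				case '/':
					$lookAhead = ( $idx + 1 < $maxLen ) ? $str[$idx + 1] : '';
					$lookBehind = ( $idx - 1 >= 0 ) ? $str[$idx - 1] : '';
					if ( $inString ) {
						break;

					} elseif ( !$inComment &&
						( $lookAhead === '/' || $lookAhead === '*' )
					) {
						// Transition into a comment
						// Add characters seen to buffer
						$buffer .= substr( $str, $mark, $idx - $mark );
						// Consume the look ahead character
						$idx++;
						// Track state
						$inComment = true;
						$multiline = $lookAhead === '*';
						$openStar = $multiline ? $idx : -1;

					} elseif ( $multiline && $lookBehind === '*' && $idx - 1 > $openStar ) {
						// Found the end of the current comment. The '*' must not be the
						// one that opened it, otherwise "/*/" would count as a complete
						// comment and the rest of the comment body would leak into the
						// output.
						$mark = $idx + 1;
						$inComment = false;
						$multiline = false;
					}
					break;

				case "\n":
					if ( $inComment && !$multiline ) {
						// Found the end of the current comment
						$mark = $idx + 1;
						$inComment = false;
					}
					break;
			}
		}
		if ( $inComment ) {
			// Comment ends with input
			// Technically we should check to ensure that we aren't in
			// a multiline comment that hasn't been properly ended, but this
			// is a strip filter, not a validating parser.
			$mark = $maxLen;
		}
		// Add final chunk to buffer before returning
		return $buffer . substr( $str, $mark, $maxLen - $mark );
	}
}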