dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
resourceloader: Add $modules parameter to makeVersionQuery()
[lhc/web/wiklou.git] / includes / resourceloader / ResourceLoader.php
1 <?php
2 /**
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
17 *
18 * @file
19 * @author Roan Kattouw
20 * @author Trevor Parscal
21 */
22
23 use MediaWiki\MediaWikiServices;
24 use Psr\Log\LoggerAwareInterface;
25 use Psr\Log\LoggerInterface;
26 use Psr\Log\NullLogger;
27 use Wikimedia\Rdbms\DBConnectionError;
28 use Wikimedia\WrappedString;
29
30 /**
31 * @defgroup ResourceLoader ResourceLoader
32 *
33 * For higher level documentation, see <https://www.mediawiki.org/wiki/ResourceLoader/Architecture>.
34 */
35
36 /**
37 * ResourceLoader is a loading system for JavaScript and CSS resources.
38 *
39 * For higher level documentation, see <https://www.mediawiki.org/wiki/ResourceLoader/Architecture>.
40 *
41 * @ingroup ResourceLoader
42 * @since 1.17
43 */
44 class ResourceLoader implements LoggerAwareInterface {
45 /** @var Config */
46 protected $config;
47 /** @var MessageBlobStore */
48 protected $blobStore;
49
50 /** @var LoggerInterface */
51 private $logger;
52
53 /** @var ResourceLoaderModule[] Map of (module name => ResourceLoaderModule) */
54 protected $modules = [];
55 /** @var array[] Map of (module name => associative info array) */
56 protected $moduleInfos = [];
57 /**
58 * Associative array mapping framework ids to a list of names of test suite modules
59 * like [ 'qunit' => [ 'mediawiki.tests.qunit.suites', 'ext.foo.tests', ... ], ... ]
60 * @var array
61 */
62 protected $testModuleNames = [];
63 /** @var string[] List of module names that contain QUnit test suites */
64 protected $testSuiteModuleNames = [];
65
66 /** @var array Map of (source => path); E.g. [ 'source-id' => 'http://.../load.php' ] */
67 protected $sources = [];
68 /** @var array Errors accumulated during current respond() call */
69 protected $errors = [];
70 /** @var string[] Extra HTTP response headers from modules loaded in makeModuleResponse() */
71 protected $extraHeaders = [];
72
73 /** @var bool */
74 protected static $debugMode = null;
75
76 /** @var int */
77 const CACHE_VERSION = 8;
78
79 /** @var string JavaScript / CSS pragma to disable minification. * */
80 const FILTER_NOMIN = '/*@nomin*/';
81
82 /**
83 * Load information stored in the database about modules.
84 *
85 * This method grabs modules dependencies from the database and updates modules
86 * objects.
87 *
88 * This is not inside the module code because it is much faster to
89 * request all of the information at once than it is to have each module
90 * requests its own information. This sacrifice of modularity yields a substantial
91 * performance improvement.
92 *
93 * @param array $moduleNames List of module names to preload information for
94 * @param ResourceLoaderContext $context Context to load the information within
95 */
96 public function preloadModuleInfo( array $moduleNames, ResourceLoaderContext $context ) {
97 if ( !$moduleNames ) {
98 // Or else Database*::select() will explode, plus it's cheaper!
99 return;
100 }
101 $dbr = wfGetDB( DB_REPLICA );
102 $lang = $context->getLanguage();
103
104 // Batched version of ResourceLoaderModule::getFileDependencies
105 $vary = ResourceLoaderModule::getVary( $context );
106 $res = $dbr->select( 'module_deps', [ 'md_module', 'md_deps' ], [
107 'md_module' => $moduleNames,
108 'md_skin' => $vary,
109 ], __METHOD__
110 );
111
112 // Prime in-object cache for file dependencies
113 $modulesWithDeps = [];
114 foreach ( $res as $row ) {
115 $module = $this->getModule( $row->md_module );
116 if ( $module ) {
117 $module->setFileDependencies( $context, ResourceLoaderModule::expandRelativePaths(
118 json_decode( $row->md_deps, true )
119 ) );
120 $modulesWithDeps[] = $row->md_module;
121 }
122 }
123 // Register the absence of a dependency row too
124 foreach ( array_diff( $moduleNames, $modulesWithDeps ) as $name ) {
125 $module = $this->getModule( $name );
126 if ( $module ) {
127 $this->getModule( $name )->setFileDependencies( $context, [] );
128 }
129 }
130
131 // Batched version of ResourceLoaderWikiModule::getTitleInfo
132 ResourceLoaderWikiModule::preloadTitleInfo( $context, $dbr, $moduleNames );
133
134 // Prime in-object cache for message blobs for modules with messages
135 $modules = [];
136 foreach ( $moduleNames as $name ) {
137 $module = $this->getModule( $name );
138 if ( $module && $module->getMessages() ) {
139 $modules[$name] = $module;
140 }
141 }
142 $store = $this->getMessageBlobStore();
143 $blobs = $store->getBlobs( $modules, $lang );
144 foreach ( $blobs as $name => $blob ) {
145 $modules[$name]->setMessageBlob( $blob, $lang );
146 }
147 }
148
149 /**
150 * Run JavaScript or CSS data through a filter, caching the filtered result for future calls.
151 *
152 * Available filters are:
153 *
154 * - minify-js \see JavaScriptMinifier::minify
155 * - minify-css \see CSSMin::minify
156 *
157 * If $data is empty, only contains whitespace or the filter was unknown,
158 * $data is returned unmodified.
159 *
160 * @param string $filter Name of filter to run
161 * @param string $data Text to filter, such as JavaScript or CSS text
162 * @param array $options Keys:
163 * - (bool) cache: Whether to allow caching this data. Default: true.
164 * @return string Filtered data, or a comment containing an error message
165 */
166 public static function filter( $filter, $data, array $options = [] ) {
167 if ( strpos( $data, self::FILTER_NOMIN ) !== false ) {
168 return $data;
169 }
170
171 if ( isset( $options['cache'] ) && $options['cache'] === false ) {
172 return self::applyFilter( $filter, $data );
173 }
174
175 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
176 $cache = ObjectCache::getLocalServerInstance( CACHE_ANYTHING );
177
178 $key = $cache->makeGlobalKey(
179 'resourceloader-filter',
180 $filter,
181 self::CACHE_VERSION,
182 md5( $data )
183 );
184
185 $result = $cache->get( $key );
186 if ( $result === false ) {
187 $stats->increment( "resourceloader_cache.$filter.miss" );
188 $result = self::applyFilter( $filter, $data );
189 $cache->set( $key, $result, 24 * 3600 );
190 } else {
191 $stats->increment( "resourceloader_cache.$filter.hit" );
192 }
193 if ( $result === null ) {
194 // Cached failure
195 $result = $data;
196 }
197
198 return $result;
199 }
200
201 private static function applyFilter( $filter, $data ) {
202 $data = trim( $data );
203 if ( $data ) {
204 try {
205 $data = ( $filter === 'minify-css' )
206 ? CSSMin::minify( $data )
207 : JavaScriptMinifier::minify( $data );
208 } catch ( Exception $e ) {
209 MWExceptionHandler::logException( $e );
210 return null;
211 }
212 }
213 return $data;
214 }
215
216 /**
217 * Register core modules and runs registration hooks.
218 * @param Config|null $config
219 * @param LoggerInterface|null $logger [optional]
220 */
221 public function __construct( Config $config = null, LoggerInterface $logger = null ) {
222 $this->logger = $logger ?: new NullLogger();
223
224 if ( !$config ) {
225 wfDeprecated( __METHOD__ . ' without a Config instance', '1.34' );
226 $config = MediaWikiServices::getInstance()->getMainConfig();
227 }
228 $this->config = $config;
229
230 // Add 'local' source first
231 $this->addSource( 'local', $config->get( 'LoadScript' ) );
232
233 // Special module that always exists
234 $this->register( 'startup', [ 'class' => ResourceLoaderStartUpModule::class ] );
235
236 $this->setMessageBlobStore( new MessageBlobStore( $this, $this->logger ) );
237 }
238
239 /**
240 * @return Config
241 */
242 public function getConfig() {
243 return $this->config;
244 }
245
246 /**
247 * @since 1.26
248 * @param LoggerInterface $logger
249 */
250 public function setLogger( LoggerInterface $logger ) {
251 $this->logger = $logger;
252 }
253
254 /**
255 * @since 1.27
256 * @return LoggerInterface
257 */
258 public function getLogger() {
259 return $this->logger;
260 }
261
262 /**
263 * @since 1.26
264 * @return MessageBlobStore
265 */
266 public function getMessageBlobStore() {
267 return $this->blobStore;
268 }
269
270 /**
271 * @since 1.25
272 * @param MessageBlobStore $blobStore
273 */
274 public function setMessageBlobStore( MessageBlobStore $blobStore ) {
275 $this->blobStore = $blobStore;
276 }
277
278 /**
279 * Register a module with the ResourceLoader system.
280 *
281 * @param string|array[] $name Module name as a string or, array of module info arrays
282 * keyed by name.
283 * @param array|null $info Module info array. When using the first parameter to register
284 * multiple modules at once, this parameter is optional.
285 * @throws MWException If a duplicate module registration is attempted
286 * @throws MWException If a module name contains illegal characters (pipes or commas)
287 * @throws InvalidArgumentException If the module info is not an array
288 */
289 public function register( $name, $info = null ) {
290 $moduleSkinStyles = $this->config->get( 'ResourceModuleSkinStyles' );
291
292 // Allow multiple modules to be registered in one call
293 $registrations = is_array( $name ) ? $name : [ $name => $info ];
294 foreach ( $registrations as $name => $info ) {
295 // Warn on duplicate registrations
296 if ( isset( $this->moduleInfos[$name] ) ) {
297 // A module has already been registered by this name
298 $this->logger->warning(
299 'ResourceLoader duplicate registration warning. ' .
300 'Another module has already been registered as ' . $name
301 );
302 }
303
304 // Check validity
305 if ( !self::isValidModuleName( $name ) ) {
306 throw new MWException( "ResourceLoader module name '$name' is invalid, "
307 . "see ResourceLoader::isValidModuleName()" );
308 }
309 if ( !is_array( $info ) ) {
310 throw new InvalidArgumentException(
311 'Invalid module info for "' . $name . '": expected array, got ' . gettype( $info )
312 );
313 }
314
315 // Attach module
316 $this->moduleInfos[$name] = $info;
317
318 // Last-minute changes
319 // Apply custom skin-defined styles to existing modules.
320 if ( $this->isFileModule( $name ) ) {
321 foreach ( $moduleSkinStyles as $skinName => $skinStyles ) {
322 // If this module already defines skinStyles for this skin, ignore $wgResourceModuleSkinStyles.
323 if ( isset( $this->moduleInfos[$name]['skinStyles'][$skinName] ) ) {
324 continue;
325 }
326
327 // If $name is preceded with a '+', the defined style files will be added to 'default'
328 // skinStyles, otherwise 'default' will be ignored as it normally would be.
329 if ( isset( $skinStyles[$name] ) ) {
330 $paths = (array)$skinStyles[$name];
331 $styleFiles = [];
332 } elseif ( isset( $skinStyles['+' . $name] ) ) {
333 $paths = (array)$skinStyles['+' . $name];
334 $styleFiles = isset( $this->moduleInfos[$name]['skinStyles']['default'] ) ?
335 (array)$this->moduleInfos[$name]['skinStyles']['default'] :
336 [];
337 } else {
338 continue;
339 }
340
341 // Add new file paths, remapping them to refer to our directories and not use settings
342 // from the module we're modifying, which come from the base definition.
343 list( $localBasePath, $remoteBasePath ) =
344 ResourceLoaderFileModule::extractBasePaths( $skinStyles );
345
346 foreach ( $paths as $path ) {
347 $styleFiles[] = new ResourceLoaderFilePath( $path, $localBasePath, $remoteBasePath );
348 }
349
350 $this->moduleInfos[$name]['skinStyles'][$skinName] = $styleFiles;
351 }
352 }
353 }
354 }
355
356 /**
357 * @internal For use by ServiceWiring only
358 * @codeCoverageIgnore
359 */
360 public function registerTestModules() {
361 global $IP;
362
363 if ( $this->config->get( 'EnableJavaScriptTest' ) !== true ) {
364 throw new MWException( 'Attempt to register JavaScript test modules '
365 . 'but <code>$wgEnableJavaScriptTest</code> is false. '
366 . 'Edit your <code>LocalSettings.php</code> to enable it.' );
367 }
368
369 // This has a 'qunit' key for compat with the below hook.
370 $testModulesMeta = [ 'qunit' => [] ];
371
372 // Get test suites from extensions
373 // Avoid PHP 7.1 warning from passing $this by reference
374 $rl = $this;
375 Hooks::run( 'ResourceLoaderTestModules', [ &$testModulesMeta, &$rl ] );
376 $extRegistry = ExtensionRegistry::getInstance();
377 // In case of conflict, the deprecated hook has precedence.
378 $testModules = $testModulesMeta['qunit'] + $extRegistry->getAttribute( 'QUnitTestModules' );
379
380 $testSuiteModuleNames = [];
381 foreach ( $testModules as $name => &$module ) {
382 // Turn any single-module dependency into an array
383 if ( isset( $module['dependencies'] ) && is_string( $module['dependencies'] ) ) {
384 $module['dependencies'] = [ $module['dependencies'] ];
385 }
386
387 // Ensure the testrunner loads before any test suites
388 $module['dependencies'][] = 'test.mediawiki.qunit.testrunner';
389
390 // Keep track of the test suites to load on SpecialJavaScriptTest
391 $testSuiteModuleNames[] = $name;
392 }
393
394 // Core test suites (their names have further precedence).
395 $testModules = ( include "$IP/tests/qunit/QUnitTestResources.php" ) + $testModules;
396 $testSuiteModuleNames[] = 'test.mediawiki.qunit.suites';
397
398 $this->register( $testModules );
399 $this->testSuiteModuleNames = $testSuiteModuleNames;
400 }
401
402 /**
403 * Add a foreign source of modules.
404 *
405 * Source IDs are typically the same as the Wiki ID or database name (e.g. lowercase a-z).
406 *
407 * @param array|string $id Source ID (string), or [ id1 => loadUrl, id2 => loadUrl, ... ]
408 * @param string|array|null $loadUrl load.php url (string), or array with loadUrl key for
409 * backwards-compatibility.
410 * @throws MWException
411 */
412 public function addSource( $id, $loadUrl = null ) {
413 // Allow multiple sources to be registered in one call
414 if ( is_array( $id ) ) {
415 foreach ( $id as $key => $value ) {
416 $this->addSource( $key, $value );
417 }
418 return;
419 }
420
421 // Disallow duplicates
422 if ( isset( $this->sources[$id] ) ) {
423 throw new MWException(
424 'ResourceLoader duplicate source addition error. ' .
425 'Another source has already been registered as ' . $id
426 );
427 }
428
429 // Pre 1.24 backwards-compatibility
430 if ( is_array( $loadUrl ) ) {
431 if ( !isset( $loadUrl['loadScript'] ) ) {
432 throw new MWException(
433 __METHOD__ . ' was passed an array with no "loadScript" key.'
434 );
435 }
436
437 $loadUrl = $loadUrl['loadScript'];
438 }
439
440 $this->sources[$id] = $loadUrl;
441 }
442
443 /**
444 * Get a list of module names.
445 *
446 * @return array List of module names
447 */
448 public function getModuleNames() {
449 return array_keys( $this->moduleInfos );
450 }
451
452 /**
453 * Get a list of module names with QUnit test suites.
454 *
455 * @internal For use by SpecialJavaScriptTest only
456 * @return array
457 * @codeCoverageIgnore
458 */
459 public function getTestSuiteModuleNames() {
460 return $this->testSuiteModuleNames;
461 }
462
463 /**
464 * Check whether a ResourceLoader module is registered
465 *
466 * @since 1.25
467 * @param string $name
468 * @return bool
469 */
470 public function isModuleRegistered( $name ) {
471 return isset( $this->moduleInfos[$name] );
472 }
473
474 /**
475 * Get the ResourceLoaderModule object for a given module name.
476 *
477 * If an array of module parameters exists but a ResourceLoaderModule object has not
478 * yet been instantiated, this method will instantiate and cache that object such that
479 * subsequent calls simply return the same object.
480 *
481 * @param string $name Module name
482 * @return ResourceLoaderModule|null If module has been registered, return a
483 * ResourceLoaderModule instance. Otherwise, return null.
484 */
485 public function getModule( $name ) {
486 if ( !isset( $this->modules[$name] ) ) {
487 if ( !isset( $this->moduleInfos[$name] ) ) {
488 // No such module
489 return null;
490 }
491 // Construct the requested module object
492 $info = $this->moduleInfos[$name];
493 if ( isset( $info['factory'] ) ) {
494 /** @var ResourceLoaderModule $object */
495 $object = call_user_func( $info['factory'], $info );
496 } else {
497 $class = $info['class'] ?? ResourceLoaderFileModule::class;
498 /** @var ResourceLoaderModule $object */
499 $object = new $class( $info );
500 }
501 $object->setConfig( $this->getConfig() );
502 $object->setLogger( $this->logger );
503 $object->setName( $name );
504 $this->modules[$name] = $object;
505 }
506
507 return $this->modules[$name];
508 }
509
510 /**
511 * Whether the module is a ResourceLoaderFileModule (including subclasses).
512 *
513 * @param string $name Module name
514 * @return bool
515 */
516 protected function isFileModule( $name ) {
517 if ( !isset( $this->moduleInfos[$name] ) ) {
518 return false;
519 }
520 $info = $this->moduleInfos[$name];
521 return !isset( $info['factory'] ) && (
522 // The implied default for 'class' is ResourceLoaderFileModule
523 !isset( $info['class'] ) ||
524 // Explicit default
525 $info['class'] === ResourceLoaderFileModule::class ||
526 is_subclass_of( $info['class'], ResourceLoaderFileModule::class )
527 );
528 }
529
530 /**
531 * Get the list of sources.
532 *
533 * @return array Like [ id => load.php url, ... ]
534 */
535 public function getSources() {
536 return $this->sources;
537 }
538
539 /**
540 * Get the URL to the load.php endpoint for the given
541 * ResourceLoader source
542 *
543 * @since 1.24
544 * @param string $source
545 * @throws MWException On an invalid $source name
546 * @return string
547 */
548 public function getLoadScript( $source ) {
549 if ( !isset( $this->sources[$source] ) ) {
550 throw new MWException( "The $source source was never registered in ResourceLoader." );
551 }
552 return $this->sources[$source];
553 }
554
555 /**
556 * @internal For use by ResourceLoaderStartUpModule only.
557 */
558 const HASH_LENGTH = 5;
559
560 /**
561 * Create a hash for module versioning purposes.
562 *
563 * This hash is used in three ways:
564 *
565 * - To differentiate between the current version and a past version
566 * of a module by the same name.
567 *
568 * In the cache key of localStorage in the browser (mw.loader.store).
569 * This store keeps only one version of any given module. As long as the
570 * next version the client encounters has a different hash from the last
571 * version it saw, it will correctly discard it in favour of a network fetch.
572 *
573 * A browser may evict a site's storage container for any reason (e.g. when
574 * the user hasn't visited a site for some time, and/or when the device is
575 * low on storage space). Anecdotally it seems devices rarely keep unused
576 * storage beyond 2 weeks on mobile devices and 4 weeks on desktop.
577 * But, there is no hard limit or expiration on localStorage.
578 * ResourceLoader's Client also clears localStorage when the user changes
579 * their language preference or when they (temporarily) use Debug Mode.
580 *
581 * The only hard factors that reduce the range of possible versions are
582 * 1) the name and existence of a given module, and
583 * 2) the TTL for mw.loader.store, and
584 * 3) the `$wgResourceLoaderStorageVersion` configuration variable.
585 *
586 * - To identify a batch response of modules from load.php in an HTTP cache.
587 *
588 * When fetching modules in a batch from load.php, a combined hash
589 * is created by the JS code, and appended as query parameter.
590 *
591 * In cache proxies (e.g. Varnish, Nginx) and in the browser's HTTP cache,
592 * these urls are used to identify other previously cached responses.
593 * The range of possible versions a given version has to be unique amongst
594 * is determined by the maximum duration each response is stored for, which
595 * is controlled by `$wgResourceLoaderMaxage['versioned']`.
596 *
597 * - To detect race conditions between multiple web servers in a MediaWiki
598 * deployment of which some have the newer version and some still the older
599 * version.
600 *
601 * An HTTP request from a browser for the Startup manifest may be responded
602 * to by a server with the newer version. The browser may then use that to
603 * request a given module, which may then be responded to by a server with
604 * the older version. To avoid caching this for too long (which would pollute
605 * all other users without repairing itself), the combined hash that the JS
606 * client adds to the url is verified by the server (in ::sendResponseHeaders).
607 * If they don't match, we instruct cache proxies and clients to not cache
608 * this response as long as they normally would. This is also the reason
609 * that the algorithm used here in PHP must match the one used in JS.
610 *
611 * The fnv132 digest creates a 32-bit integer, which goes upto 4 Giga and
612 * needs up to 7 chars in base 36.
613 * Within 7 characters, base 36 can count up to 78,364,164,096 (78 Giga),
614 * (but with fnv132 we'd use very little of this range, mostly padding).
615 * Within 6 characters, base 36 can count up to 2,176,782,336 (2 Giga).
616 * Within 5 characters, base 36 can count up to 60,466,176 (60 Mega).
617 *
618 * @since 1.26
619 * @param string $value
620 * @return string Hash
621 */
622 public static function makeHash( $value ) {
623 $hash = hash( 'fnv132', $value );
624 // The base_convert will pad it (if too short),
625 // then substr() will trim it (if too long).
626 return substr(
627 Wikimedia\base_convert( $hash, 16, 36, self::HASH_LENGTH ),
628 0,
629 self::HASH_LENGTH
630 );
631 }
632
633 /**
634 * Add an error to the 'errors' array and log it.
635 *
636 * @private For internal use by ResourceLoader and ResourceLoaderStartUpModule.
637 * @since 1.29
638 * @param Exception $e
639 * @param string $msg
640 * @param array $context
641 */
642 public function outputErrorAndLog( Exception $e, $msg, array $context = [] ) {
643 MWExceptionHandler::logException( $e );
644 $this->logger->warning(
645 $msg,
646 $context + [ 'exception' => $e ]
647 );
648 $this->errors[] = self::formatExceptionNoComment( $e );
649 }
650
651 /**
652 * Helper method to get and combine versions of multiple modules.
653 *
654 * @since 1.26
655 * @param ResourceLoaderContext $context
656 * @param string[] $moduleNames List of known module names
657 * @return string Hash
658 */
659 public function getCombinedVersion( ResourceLoaderContext $context, array $moduleNames ) {
660 if ( !$moduleNames ) {
661 return '';
662 }
663 $hashes = array_map( function ( $module ) use ( $context ) {
664 try {
665 return $this->getModule( $module )->getVersionHash( $context );
666 } catch ( Exception $e ) {
667 // If modules fail to compute a version, don't fail the request (T152266)
668 // and still compute versions of other modules.
669 $this->outputErrorAndLog( $e,
670 'Calculating version for "{module}" failed: {exception}',
671 [
672 'module' => $module,
673 ]
674 );
675 return '';
676 }
677 }, $moduleNames );
678 return self::makeHash( implode( '', $hashes ) );
679 }
680
681 /**
682 * Get the expected value of the 'version' query parameter.
683 *
684 * This is used by respond() to set a short Cache-Control header for requests with
685 * information newer than the current server has. This avoids pollution of edge caches.
686 * Typically during deployment. (T117587)
687 *
688 * This MUST match return value of `mw.loader#getCombinedVersion()` client-side.
689 *
690 * @since 1.28
691 * @param ResourceLoaderContext $context
692 * @param string[]|null $modules
693 * @return string Hash
694 */
695 public function makeVersionQuery( ResourceLoaderContext $context, array $modules = null ) {
696 if ( $modules === null ) {
697 wfDeprecated( __METHOD__ . ' without $modules', '1.34' );
698 $modules = $context->getModules();
699 }
700 // As of MediaWiki 1.28, the server and client use the same algorithm for combining
701 // version hashes. There is no technical reason for this to be same, and for years the
702 // implementations differed. If getCombinedVersion in PHP (used for StartupModule and
703 // E-Tag headers) differs in the future from getCombinedVersion in JS (used for 'version'
704 // query parameter), then this method must continue to match the JS one.
705 $filtered = [];
706 foreach ( $modules as $name ) {
707 if ( !$this->getModule( $name ) ) {
708 // If a versioned request contains a missing module, the version is a mismatch
709 // as the client considered a module (and version) we don't have.
710 return '';
711 }
712 $filtered[] = $name;
713 }
714 return $this->getCombinedVersion( $context, $filtered );
715 }
716
717 /**
718 * Output a response to a load request, including the content-type header.
719 *
720 * @param ResourceLoaderContext $context Context in which a response should be formed
721 */
722 public function respond( ResourceLoaderContext $context ) {
723 // Buffer output to catch warnings. Normally we'd use ob_clean() on the
724 // top-level output buffer to clear warnings, but that breaks when ob_gzhandler
725 // is used: ob_clean() will clear the GZIP header in that case and it won't come
726 // back for subsequent output, resulting in invalid GZIP. So we have to wrap
727 // the whole thing in our own output buffer to be sure the active buffer
728 // doesn't use ob_gzhandler.
729 // See https://bugs.php.net/bug.php?id=36514
730 ob_start();
731
732 $this->measureResponseTime( RequestContext::getMain()->getTiming() );
733
734 // Find out which modules are missing and instantiate the others
735 $modules = [];
736 $missing = [];
737 foreach ( $context->getModules() as $name ) {
738 $module = $this->getModule( $name );
739 if ( $module ) {
740 // Do not allow private modules to be loaded from the web.
741 // This is a security issue, see T36907.
742 if ( $module->getGroup() === 'private' ) {
743 // Not a serious error, just means something is trying to access it (T101806)
744 $this->logger->debug( "Request for private module '$name' denied" );
745 $this->errors[] = "Cannot build private module \"$name\"";
746 continue;
747 }
748 $modules[$name] = $module;
749 } else {
750 $missing[] = $name;
751 }
752 }
753
754 try {
755 // Preload for getCombinedVersion() and for batch makeModuleResponse()
756 $this->preloadModuleInfo( array_keys( $modules ), $context );
757 } catch ( Exception $e ) {
758 $this->outputErrorAndLog( $e, 'Preloading module info failed: {exception}' );
759 }
760
761 // Combine versions to propagate cache invalidation
762 $versionHash = '';
763 try {
764 $versionHash = $this->getCombinedVersion( $context, array_keys( $modules ) );
765 } catch ( Exception $e ) {
766 $this->outputErrorAndLog( $e, 'Calculating version hash failed: {exception}' );
767 }
768
769 // See RFC 2616 § 3.11 Entity Tags
770 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11
771 $etag = 'W/"' . $versionHash . '"';
772
773 // Try the client-side cache first
774 if ( $this->tryRespondNotModified( $context, $etag ) ) {
775 return; // output handled (buffers cleared)
776 }
777
778 // Use file cache if enabled and available...
779 if ( $this->config->get( 'UseFileCache' ) ) {
780 $fileCache = ResourceFileCache::newFromContext( $context );
781 if ( $this->tryRespondFromFileCache( $fileCache, $context, $etag ) ) {
782 return; // output handled
783 }
784 } else {
785 $fileCache = null;
786 }
787
788 // Generate a response
789 $response = $this->makeModuleResponse( $context, $modules, $missing );
790
791 // Capture any PHP warnings from the output buffer and append them to the
792 // error list if we're in debug mode.
793 if ( $context->getDebug() ) {
794 $warnings = ob_get_contents();
795 if ( strlen( $warnings ) ) {
796 $this->errors[] = $warnings;
797 }
798 }
799
800 // Consider saving the response to file cache (unless there are errors).
801 if ( $fileCache &&
802 !$this->errors &&
803 $missing === [] &&
804 ResourceFileCache::useFileCache( $context )
805 ) {
806 if ( $fileCache->isCacheWorthy() ) {
807 // There were enough hits, save the response to the cache
808 $fileCache->saveText( $response );
809 } else {
810 $fileCache->incrMissesRecent( $context->getRequest() );
811 }
812 }
813
814 $this->sendResponseHeaders( $context, $etag, (bool)$this->errors, $this->extraHeaders );
815
816 // Remove the output buffer and output the response
817 ob_end_clean();
818
819 if ( $context->getImageObj() && $this->errors ) {
820 // We can't show both the error messages and the response when it's an image.
821 $response = implode( "\n\n", $this->errors );
822 } elseif ( $this->errors ) {
823 $errorText = implode( "\n\n", $this->errors );
824 $errorResponse = self::makeComment( $errorText );
825 if ( $context->shouldIncludeScripts() ) {
826 $errorResponse .= 'if (window.console && console.error) { console.error('
827 . self::encodeJsonForScript( $errorText )
828 . "); }\n";
829 }
830
831 // Prepend error info to the response
832 $response = $errorResponse . $response;
833 }
834
835 $this->errors = [];
836 echo $response;
837 }
838
839 protected function measureResponseTime( Timing $timing ) {
840 DeferredUpdates::addCallableUpdate( function () use ( $timing ) {
841 $measure = $timing->measure( 'responseTime', 'requestStart', 'requestShutdown' );
842 if ( $measure !== false ) {
843 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
844 $stats->timing( 'resourceloader.responseTime', $measure['duration'] * 1000 );
845 }
846 } );
847 }
848
849 /**
850 * Send main response headers to the client.
851 *
852 * Deals with Content-Type, CORS (for stylesheets), and caching.
853 *
854 * @param ResourceLoaderContext $context
855 * @param string $etag ETag header value
856 * @param bool $errors Whether there are errors in the response
857 * @param string[] $extra Array of extra HTTP response headers
858 * @return void
859 */
860 protected function sendResponseHeaders(
861 ResourceLoaderContext $context, $etag, $errors, array $extra = []
862 ) {
863 \MediaWiki\HeaderCallback::warnIfHeadersSent();
864 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
865 // Use a short cache expiry so that updates propagate to clients quickly, if:
866 // - No version specified (shared resources, e.g. stylesheets)
867 // - There were errors (recover quickly)
868 // - Version mismatch (T117587, T47877)
869 if ( is_null( $context->getVersion() )
870 || $errors
871 || $context->getVersion() !== $this->makeVersionQuery( $context, $context->getModules() )
872 ) {
873 $maxage = $rlMaxage['unversioned']['client'];
874 $smaxage = $rlMaxage['unversioned']['server'];
875 // If a version was specified we can use a longer expiry time since changing
876 // version numbers causes cache misses
877 } else {
878 $maxage = $rlMaxage['versioned']['client'];
879 $smaxage = $rlMaxage['versioned']['server'];
880 }
881 if ( $context->getImageObj() ) {
882 // Output different headers if we're outputting textual errors.
883 if ( $errors ) {
884 header( 'Content-Type: text/plain; charset=utf-8' );
885 } else {
886 $context->getImageObj()->sendResponseHeaders( $context );
887 }
888 } elseif ( $context->getOnly() === 'styles' ) {
889 header( 'Content-Type: text/css; charset=utf-8' );
890 header( 'Access-Control-Allow-Origin: *' );
891 } else {
892 header( 'Content-Type: text/javascript; charset=utf-8' );
893 }
894 // See RFC 2616 § 14.19 ETag
895 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.19
896 header( 'ETag: ' . $etag );
897 if ( $context->getDebug() ) {
898 // Do not cache debug responses
899 header( 'Cache-Control: private, no-cache, must-revalidate' );
900 header( 'Pragma: no-cache' );
901 } else {
902 header( "Cache-Control: public, max-age=$maxage, s-maxage=$smaxage" );
903 $exp = min( $maxage, $smaxage );
904 header( 'Expires: ' . wfTimestamp( TS_RFC2822, $exp + time() ) );
905 }
906 foreach ( $extra as $header ) {
907 header( $header );
908 }
909 }
910
911 /**
912 * Respond with HTTP 304 Not Modified if appropiate.
913 *
914 * If there's an If-None-Match header, respond with a 304 appropriately
915 * and clear out the output buffer. If the client cache is too old then do nothing.
916 *
917 * @param ResourceLoaderContext $context
918 * @param string $etag ETag header value
919 * @return bool True if HTTP 304 was sent and output handled
920 */
921 protected function tryRespondNotModified( ResourceLoaderContext $context, $etag ) {
922 // See RFC 2616 § 14.26 If-None-Match
923 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.26
924 $clientKeys = $context->getRequest()->getHeader( 'If-None-Match', WebRequest::GETHEADER_LIST );
925 // Never send 304s in debug mode
926 if ( $clientKeys !== false && !$context->getDebug() && in_array( $etag, $clientKeys ) ) {
927 // There's another bug in ob_gzhandler (see also the comment at
928 // the top of this function) that causes it to gzip even empty
929 // responses, meaning it's impossible to produce a truly empty
930 // response (because the gzip header is always there). This is
931 // a problem because 304 responses have to be completely empty
932 // per the HTTP spec, and Firefox behaves buggily when they're not.
933 // See also https://bugs.php.net/bug.php?id=51579
934 // To work around this, we tear down all output buffering before
935 // sending the 304.
936 wfResetOutputBuffers( /* $resetGzipEncoding = */ true );
937
938 HttpStatus::header( 304 );
939
940 $this->sendResponseHeaders( $context, $etag, false );
941 return true;
942 }
943 return false;
944 }
945
946 /**
947 * Send out code for a response from file cache if possible.
948 *
949 * @param ResourceFileCache $fileCache Cache object for this request URL
950 * @param ResourceLoaderContext $context Context in which to generate a response
951 * @param string $etag ETag header value
952 * @return bool If this found a cache file and handled the response
953 */
954 protected function tryRespondFromFileCache(
955 ResourceFileCache $fileCache,
956 ResourceLoaderContext $context,
957 $etag
958 ) {
959 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
960 // Buffer output to catch warnings.
961 ob_start();
962 // Get the maximum age the cache can be
963 $maxage = is_null( $context->getVersion() )
964 ? $rlMaxage['unversioned']['server']
965 : $rlMaxage['versioned']['server'];
966 // Minimum timestamp the cache file must have
967 $good = $fileCache->isCacheGood( wfTimestamp( TS_MW, time() - $maxage ) );
968 if ( !$good ) {
969 try { // RL always hits the DB on file cache miss...
970 wfGetDB( DB_REPLICA );
971 } catch ( DBConnectionError $e ) { // ...check if we need to fallback to cache
972 $good = $fileCache->isCacheGood(); // cache existence check
973 }
974 }
975 if ( $good ) {
976 $ts = $fileCache->cacheTimestamp();
977 // Send content type and cache headers
978 $this->sendResponseHeaders( $context, $etag, false );
979 $response = $fileCache->fetchText();
980 // Capture any PHP warnings from the output buffer and append them to the
981 // response in a comment if we're in debug mode.
982 if ( $context->getDebug() ) {
983 $warnings = ob_get_contents();
984 if ( strlen( $warnings ) ) {
985 $response = self::makeComment( $warnings ) . $response;
986 }
987 }
988 // Remove the output buffer and output the response
989 ob_end_clean();
990 echo $response . "\n/* Cached {$ts} */";
991 return true; // cache hit
992 }
993 // Clear buffer
994 ob_end_clean();
995
996 return false; // cache miss
997 }
998
999 /**
1000 * Generate a CSS or JS comment block.
1001 *
1002 * Only use this for public data, not error message details.
1003 *
1004 * @param string $text
1005 * @return string
1006 */
1007 public static function makeComment( $text ) {
1008 $encText = str_replace( '*/', '* /', $text );
1009 return "/*\n$encText\n*/\n";
1010 }
1011
1012 /**
1013 * Handle exception display.
1014 *
1015 * @param Exception $e Exception to be shown to the user
1016 * @return string Sanitized text in a CSS/JS comment that can be returned to the user
1017 */
1018 public static function formatException( $e ) {
1019 return self::makeComment( self::formatExceptionNoComment( $e ) );
1020 }
1021
1022 /**
1023 * Handle exception display.
1024 *
1025 * @since 1.25
1026 * @param Exception $e Exception to be shown to the user
1027 * @return string Sanitized text that can be returned to the user
1028 */
1029 protected static function formatExceptionNoComment( $e ) {
1030 global $wgShowExceptionDetails;
1031
1032 if ( !$wgShowExceptionDetails ) {
1033 return MWExceptionHandler::getPublicLogMessage( $e );
1034 }
1035
1036 return MWExceptionHandler::getLogMessage( $e ) .
1037 "\nBacktrace:\n" .
1038 MWExceptionHandler::getRedactedTraceAsString( $e );
1039 }
1040
1041 /**
1042 * Generate code for a response.
1043 *
1044 * Calling this method also populates the `errors` and `headers` members,
1045 * later used by respond().
1046 *
1047 * @param ResourceLoaderContext $context Context in which to generate a response
1048 * @param ResourceLoaderModule[] $modules List of module objects keyed by module name
1049 * @param string[] $missing List of requested module names that are unregistered (optional)
1050 * @return string Response data
1051 */
1052 public function makeModuleResponse( ResourceLoaderContext $context,
1053 array $modules, array $missing = []
1054 ) {
1055 $out = '';
1056 $states = [];
1057
1058 if ( $modules === [] && $missing === [] ) {
1059 return <<<MESSAGE
1060 /* This file is the Web entry point for MediaWiki's ResourceLoader:
1061 <https://www.mediawiki.org/wiki/ResourceLoader>. In this request,
1062 no modules were requested. Max made me put this here. */
1063 MESSAGE;
1064 }
1065
1066 $image = $context->getImageObj();
1067 if ( $image ) {
1068 $data = $image->getImageData( $context );
1069 if ( $data === false ) {
1070 $data = '';
1071 $this->errors[] = 'Image generation failed';
1072 }
1073 return $data;
1074 }
1075
1076 foreach ( $missing as $name ) {
1077 $states[$name] = 'missing';
1078 }
1079
1080 $filter = $context->getOnly() === 'styles' ? 'minify-css' : 'minify-js';
1081
1082 foreach ( $modules as $name => $module ) {
1083 try {
1084 $content = $module->getModuleContent( $context );
1085 $implementKey = $name . '@' . $module->getVersionHash( $context );
1086 $strContent = '';
1087
1088 if ( isset( $content['headers'] ) ) {
1089 $this->extraHeaders = array_merge( $this->extraHeaders, $content['headers'] );
1090 }
1091
1092 // Append output
1093 switch ( $context->getOnly() ) {
1094 case 'scripts':
1095 $scripts = $content['scripts'];
1096 if ( is_string( $scripts ) ) {
1097 // Load scripts raw...
1098 $strContent = $scripts;
1099 } elseif ( is_array( $scripts ) ) {
1100 // ...except when $scripts is an array of URLs or an associative array
1101 $strContent = self::makeLoaderImplementScript( $implementKey, $scripts, [], [], [] );
1102 }
1103 break;
1104 case 'styles':
1105 $styles = $content['styles'];
1106 // We no longer separate into media, they are all combined now with
1107 // custom media type groups into @media .. {} sections as part of the css string.
1108 // Module returns either an empty array or a numerical array with css strings.
1109 $strContent = isset( $styles['css'] ) ? implode( '', $styles['css'] ) : '';
1110 break;
1111 default:
1112 $scripts = $content['scripts'] ?? '';
1113 if ( is_string( $scripts ) ) {
1114 if ( $name === 'site' || $name === 'user' ) {
1115 // Legacy scripts that run in the global scope without a closure.
1116 // mw.loader.implement will use globalEval if scripts is a string.
1117 // Minify manually here, because general response minification is
1118 // not effective due it being a string literal, not a function.
1119 if ( !$context->getDebug() ) {
1120 $scripts = self::filter( 'minify-js', $scripts ); // T107377
1121 }
1122 } else {
1123 $scripts = new XmlJsCode( $scripts );
1124 }
1125 }
1126 $strContent = self::makeLoaderImplementScript(
1127 $implementKey,
1128 $scripts,
1129 $content['styles'] ?? [],
1130 isset( $content['messagesBlob'] ) ? new XmlJsCode( $content['messagesBlob'] ) : [],
1131 $content['templates'] ?? []
1132 );
1133 break;
1134 }
1135
1136 if ( !$context->getDebug() ) {
1137 $strContent = self::filter( $filter, $strContent );
1138 } else {
1139 // In debug mode, separate each response by a new line.
1140 // For example, between 'mw.loader.implement();' statements.
1141 $strContent = $this->ensureNewline( $strContent );
1142 }
1143
1144 if ( $context->getOnly() === 'scripts' ) {
1145 // Use a linebreak between module scripts (T162719)
1146 $out .= $this->ensureNewline( $strContent );
1147 } else {
1148 $out .= $strContent;
1149 }
1150
1151 } catch ( Exception $e ) {
1152 $this->outputErrorAndLog( $e, 'Generating module package failed: {exception}' );
1153
1154 // Respond to client with error-state instead of module implementation
1155 $states[$name] = 'error';
1156 unset( $modules[$name] );
1157 }
1158 }
1159
1160 // Update module states
1161 if ( $context->shouldIncludeScripts() && !$context->getRaw() ) {
1162 if ( $modules && $context->getOnly() === 'scripts' ) {
1163 // Set the state of modules loaded as only scripts to ready as
1164 // they don't have an mw.loader.implement wrapper that sets the state
1165 foreach ( $modules as $name => $module ) {
1166 $states[$name] = 'ready';
1167 }
1168 }
1169
1170 // Set the state of modules we didn't respond to with mw.loader.implement
1171 if ( $states ) {
1172 $stateScript = self::makeLoaderStateScript( $states );
1173 if ( !$context->getDebug() ) {
1174 $stateScript = self::filter( 'minify-js', $stateScript );
1175 }
1176 // Use a linebreak between module script and state script (T162719)
1177 $out = $this->ensureNewline( $out ) . $stateScript;
1178 }
1179 } elseif ( $states ) {
1180 $this->errors[] = 'Problematic modules: '
1181 . self::encodeJsonForScript( $states );
1182 }
1183
1184 return $out;
1185 }
1186
1187 /**
1188 * Ensure the string is either empty or ends in a line break
1189 * @param string $str
1190 * @return string
1191 */
1192 private function ensureNewline( $str ) {
1193 $end = substr( $str, -1 );
1194 if ( $end === false || $end === '' || $end === "\n" ) {
1195 return $str;
1196 }
1197 return $str . "\n";
1198 }
1199
1200 /**
1201 * Get names of modules that use a certain message.
1202 *
1203 * @param string $messageKey
1204 * @return array List of module names
1205 */
1206 public function getModulesByMessage( $messageKey ) {
1207 $moduleNames = [];
1208 foreach ( $this->getModuleNames() as $moduleName ) {
1209 $module = $this->getModule( $moduleName );
1210 if ( in_array( $messageKey, $module->getMessages() ) ) {
1211 $moduleNames[] = $moduleName;
1212 }
1213 }
1214 return $moduleNames;
1215 }
1216
1217 /**
1218 * Return JS code that calls mw.loader.implement with given module properties.
1219 *
1220 * @param string $name Module name or implement key (format "`[name]@[version]`")
1221 * @param XmlJsCode|array|string $scripts Code as XmlJsCode (to be wrapped in a closure),
1222 * list of URLs to JavaScript files, string of JavaScript for `$.globalEval`, or array with
1223 * 'files' and 'main' properties (see ResourceLoaderModule::getScript())
1224 * @param mixed $styles Array of CSS strings keyed by media type, or an array of lists of URLs
1225 * to CSS files keyed by media type
1226 * @param mixed $messages List of messages associated with this module. May either be an
1227 * associative array mapping message key to value, or a JSON-encoded message blob containing
1228 * the same data, wrapped in an XmlJsCode object.
1229 * @param array $templates Keys are name of templates and values are the source of
1230 * the template.
1231 * @throws MWException
1232 * @return string JavaScript code
1233 */
1234 protected static function makeLoaderImplementScript(
1235 $name, $scripts, $styles, $messages, $templates
1236 ) {
1237 if ( $scripts instanceof XmlJsCode ) {
1238 if ( $scripts->value === '' ) {
1239 $scripts = null;
1240 } elseif ( self::inDebugMode() ) {
1241 $scripts = new XmlJsCode( "function ( $, jQuery, require, module ) {\n{$scripts->value}\n}" );
1242 } else {
1243 $scripts = new XmlJsCode( 'function($,jQuery,require,module){' . $scripts->value . '}' );
1244 }
1245 } elseif ( is_array( $scripts ) && isset( $scripts['files'] ) ) {
1246 $files = $scripts['files'];
1247 foreach ( $files as $path => &$file ) {
1248 // $file is changed (by reference) from a descriptor array to the content of the file
1249 // All of these essentially do $file = $file['content'];, some just have wrapping around it
1250 if ( $file['type'] === 'script' ) {
1251 // Multi-file modules only get two parameters ($ and jQuery are being phased out)
1252 if ( self::inDebugMode() ) {
1253 $file = new XmlJsCode( "function ( require, module ) {\n{$file['content']}\n}" );
1254 } else {
1255 $file = new XmlJsCode( 'function(require,module){' . $file['content'] . '}' );
1256 }
1257 } else {
1258 $file = $file['content'];
1259 }
1260 }
1261 $scripts = XmlJsCode::encodeObject( [
1262 'main' => $scripts['main'],
1263 'files' => XmlJsCode::encodeObject( $files, self::inDebugMode() )
1264 ], self::inDebugMode() );
1265 } elseif ( !is_string( $scripts ) && !is_array( $scripts ) ) {
1266 throw new MWException( 'Invalid scripts error. Array of URLs or string of code expected.' );
1267 }
1268
1269 // mw.loader.implement requires 'styles', 'messages' and 'templates' to be objects (not
1270 // arrays). json_encode considers empty arrays to be numerical and outputs "[]" instead
1271 // of "{}". Force them to objects.
1272 $module = [
1273 $name,
1274 $scripts,
1275 (object)$styles,
1276 (object)$messages,
1277 (object)$templates
1278 ];
1279 self::trimArray( $module );
1280
1281 return Xml::encodeJsCall( 'mw.loader.implement', $module, self::inDebugMode() );
1282 }
1283
1284 /**
1285 * Returns JS code which, when called, will register a given list of messages.
1286 *
1287 * @param mixed $messages Associative array mapping message key to value.
1288 * @return string JavaScript code
1289 */
1290 public static function makeMessageSetScript( $messages ) {
1291 return 'mw.messages.set('
1292 . self::encodeJsonForScript( (object)$messages )
1293 . ');';
1294 }
1295
1296 /**
1297 * Combines an associative array mapping media type to CSS into a
1298 * single stylesheet with "@media" blocks.
1299 *
1300 * @param array $stylePairs Array keyed by media type containing (arrays of) CSS strings
1301 * @return array
1302 */
1303 public static function makeCombinedStyles( array $stylePairs ) {
1304 $out = [];
1305 foreach ( $stylePairs as $media => $styles ) {
1306 // ResourceLoaderFileModule::getStyle can return the styles
1307 // as a string or an array of strings. This is to allow separation in
1308 // the front-end.
1309 $styles = (array)$styles;
1310 foreach ( $styles as $style ) {
1311 $style = trim( $style );
1312 // Don't output an empty "@media print { }" block (T42498)
1313 if ( $style !== '' ) {
1314 // Transform the media type based on request params and config
1315 // The way that this relies on $wgRequest to propagate request params is slightly evil
1316 $media = OutputPage::transformCssMedia( $media );
1317
1318 if ( $media === '' || $media == 'all' ) {
1319 $out[] = $style;
1320 } elseif ( is_string( $media ) ) {
1321 $out[] = "@media $media {\n" . str_replace( "\n", "\n\t", "\t" . $style ) . "}";
1322 }
1323 // else: skip
1324 }
1325 }
1326 }
1327 return $out;
1328 }
1329
1330 /**
1331 * Wrapper around json_encode that avoids needless escapes,
1332 * and pretty-prints in debug mode.
1333 *
1334 * @internal
1335 * @since 1.32
1336 * @param mixed $data
1337 * @return string|false JSON string, false on error
1338 */
1339 public static function encodeJsonForScript( $data ) {
1340 // Keep output as small as possible by disabling needless escape modes
1341 // that PHP uses by default.
1342 // However, while most module scripts are only served on HTTP responses
1343 // for JavaScript, some modules can also be embedded in the HTML as inline
1344 // scripts. This, and the fact that we sometimes need to export strings
1345 // containing user-generated content and labels that may genuinely contain
1346 // a sequences like "</script>", we need to encode either '/' or '<'.
1347 // By default PHP escapes '/'. Let's escape '<' instead which is less common
1348 // and allows URLs to mostly remain readable.
1349 $jsonFlags = JSON_UNESCAPED_SLASHES |
1350 JSON_UNESCAPED_UNICODE |
1351 JSON_HEX_TAG |
1352 JSON_HEX_AMP;
1353 if ( self::inDebugMode() ) {
1354 $jsonFlags |= JSON_PRETTY_PRINT;
1355 }
1356 return json_encode( $data, $jsonFlags );
1357 }
1358
1359 /**
1360 * Returns a JS call to mw.loader.state, which sets the state of one
1361 * ore more modules to a given value. Has two calling conventions:
1362 *
1363 * - ResourceLoader::makeLoaderStateScript( $name, $state ):
1364 * Set the state of a single module called $name to $state
1365 *
1366 * - ResourceLoader::makeLoaderStateScript( [ $name => $state, ... ] ):
1367 * Set the state of modules with the given names to the given states
1368 *
1369 * @param array|string $states
1370 * @param string|null $state
1371 * @return string JavaScript code
1372 */
1373 public static function makeLoaderStateScript( $states, $state = null ) {
1374 if ( !is_array( $states ) ) {
1375 $states = [ $states => $state ];
1376 }
1377 return 'mw.loader.state('
1378 . self::encodeJsonForScript( $states )
1379 . ');';
1380 }
1381
1382 private static function isEmptyObject( stdClass $obj ) {
1383 foreach ( $obj as $key => $value ) {
1384 return false;
1385 }
1386 return true;
1387 }
1388
1389 /**
1390 * Remove empty values from the end of an array.
1391 *
1392 * Values considered empty:
1393 *
1394 * - null
1395 * - []
1396 * - new XmlJsCode( '{}' )
1397 * - new stdClass() // (object) []
1398 *
1399 * @param array $array
1400 */
1401 private static function trimArray( array &$array ) {
1402 $i = count( $array );
1403 while ( $i-- ) {
1404 if ( $array[$i] === null
1405 || $array[$i] === []
1406 || ( $array[$i] instanceof XmlJsCode && $array[$i]->value === '{}' )
1407 || ( $array[$i] instanceof stdClass && self::isEmptyObject( $array[$i] ) )
1408 ) {
1409 unset( $array[$i] );
1410 } else {
1411 break;
1412 }
1413 }
1414 }
1415
1416 /**
1417 * Returns JS code which calls mw.loader.register with the given
1418 * parameter.
1419 *
1420 * @par Example
1421 * @code
1422 *
1423 * ResourceLoader::makeLoaderRegisterScript( [
1424 * [ $name1, $version1, $dependencies1, $group1, $source1, $skip1 ],
1425 * [ $name2, $version2, $dependencies1, $group2, $source2, $skip2 ],
1426 * ...
1427 * ] ):
1428 * @endcode
1429 *
1430 * @internal
1431 * @since 1.32
1432 * @param array $modules Array of module registration arrays, each containing
1433 * - string: module name
1434 * - string: module version
1435 * - array|null: List of dependencies (optional)
1436 * - string|null: Module group (optional)
1437 * - string|null: Name of foreign module source, or 'local' (optional)
1438 * - string|null: Script body of a skip function (optional)
1439 * @return string JavaScript code
1440 */
1441 public static function makeLoaderRegisterScript( array $modules ) {
1442 // Optimisation: Transform dependency names into indexes when possible
1443 // to produce smaller output. They are expanded by mw.loader.register on
1444 // the other end using resolveIndexedDependencies().
1445 $index = [];
1446 foreach ( $modules as $i => &$module ) {
1447 // Build module name index
1448 $index[$module[0]] = $i;
1449 }
1450 foreach ( $modules as &$module ) {
1451 if ( isset( $module[2] ) ) {
1452 foreach ( $module[2] as &$dependency ) {
1453 if ( isset( $index[$dependency] ) ) {
1454 // Replace module name in dependency list with index
1455 $dependency = $index[$dependency];
1456 }
1457 }
1458 }
1459 }
1460
1461 array_walk( $modules, [ self::class, 'trimArray' ] );
1462
1463 return 'mw.loader.register('
1464 . self::encodeJsonForScript( $modules )
1465 . ');';
1466 }
1467
1468 /**
1469 * Returns JS code which calls mw.loader.addSource() with the given
1470 * parameters. Has two calling conventions:
1471 *
1472 * - ResourceLoader::makeLoaderSourcesScript( $id, $properties ):
1473 * Register a single source
1474 *
1475 * - ResourceLoader::makeLoaderSourcesScript( [ $id1 => $loadUrl, $id2 => $loadUrl, ... ] );
1476 * Register sources with the given IDs and properties.
1477 *
1478 * @param string|array $sources Source ID
1479 * @param string|null $loadUrl load.php url
1480 * @return string JavaScript code
1481 */
1482 public static function makeLoaderSourcesScript( $sources, $loadUrl = null ) {
1483 if ( !is_array( $sources ) ) {
1484 $sources = [ $sources => $loadUrl ];
1485 }
1486 return 'mw.loader.addSource('
1487 . self::encodeJsonForScript( $sources )
1488 . ');';
1489 }
1490
1491 /**
1492 * Wraps JavaScript code to run after the startup module.
1493 *
1494 * @param string $script JavaScript code
1495 * @return string JavaScript code
1496 */
1497 public static function makeLoaderConditionalScript( $script ) {
1498 // Adds a function to lazy-created RLQ
1499 return '(RLQ=window.RLQ||[]).push(function(){' .
1500 trim( $script ) . '});';
1501 }
1502
1503 /**
1504 * Wraps JavaScript code to run after a required module.
1505 *
1506 * @since 1.32
1507 * @param string|string[] $modules Module name(s)
1508 * @param string $script JavaScript code
1509 * @return string JavaScript code
1510 */
1511 public static function makeInlineCodeWithModule( $modules, $script ) {
1512 // Adds an array to lazy-created RLQ
1513 return '(RLQ=window.RLQ||[]).push(['
1514 . self::encodeJsonForScript( $modules ) . ','
1515 . 'function(){' . trim( $script ) . '}'
1516 . ']);';
1517 }
1518
1519 /**
1520 * Returns an HTML script tag that runs given JS code after startup and base modules.
1521 *
1522 * The code will be wrapped in a closure, and it will be executed by ResourceLoader's
1523 * startup module if the client has adequate support for MediaWiki JavaScript code.
1524 *
1525 * @param string $script JavaScript code
1526 * @param string|null $nonce [optional] Content-Security-Policy nonce
1527 * (from OutputPage::getCSPNonce)
1528 * @return string|WrappedString HTML
1529 */
1530 public static function makeInlineScript( $script, $nonce = null ) {
1531 $js = self::makeLoaderConditionalScript( $script );
1532 $escNonce = '';
1533 if ( $nonce === null ) {
1534 wfWarn( __METHOD__ . " did not get nonce. Will break CSP" );
1535 } elseif ( $nonce !== false ) {
1536 // If it was false, CSP is disabled, so no nonce attribute.
1537 // Nonce should be only base64 characters, so should be safe,
1538 // but better to be safely escaped than sorry.
1539 $escNonce = ' nonce="' . htmlspecialchars( $nonce ) . '"';
1540 }
1541
1542 return new WrappedString(
1543 Html::inlineScript( $js, $nonce ),
1544 "<script$escNonce>(RLQ=window.RLQ||[]).push(function(){",
1545 '});</script>'
1546 );
1547 }
1548
1549 /**
1550 * Returns JS code which will set the MediaWiki configuration array to
1551 * the given value.
1552 *
1553 * @param array $configuration List of configuration values keyed by variable name
1554 * @return string JavaScript code
1555 * @throws Exception
1556 */
1557 public static function makeConfigSetScript( array $configuration ) {
1558 $json = self::encodeJsonForScript( $configuration );
1559 if ( $json === false ) {
1560 $e = new Exception(
1561 'JSON serialization of config data failed. ' .
1562 'This usually means the config data is not valid UTF-8.'
1563 );
1564 MWExceptionHandler::logException( $e );
1565 return 'mw.log.error(' . self::encodeJsonForScript( $e->__toString() ) . ');';
1566 }
1567 return "mw.config.set($json);";
1568 }
1569
1570 /**
1571 * Convert an array of module names to a packed query string.
1572 *
1573 * For example, `[ 'foo.bar', 'foo.baz', 'bar.baz', 'bar.quux' ]`
1574 * becomes `'foo.bar,baz|bar.baz,quux'`.
1575 *
1576 * This process is reversed by ResourceLoader::expandModuleNames().
1577 * See also mw.loader#buildModulesString() which is a port of this, used
1578 * on the client-side.
1579 *
1580 * @param array $modules List of module names (strings)
1581 * @return string Packed query string
1582 */
1583 public static function makePackedModulesString( $modules ) {
1584 $moduleMap = []; // [ prefix => [ suffixes ] ]
1585 foreach ( $modules as $module ) {
1586 $pos = strrpos( $module, '.' );
1587 $prefix = $pos === false ? '' : substr( $module, 0, $pos );
1588 $suffix = $pos === false ? $module : substr( $module, $pos + 1 );
1589 $moduleMap[$prefix][] = $suffix;
1590 }
1591
1592 $arr = [];
1593 foreach ( $moduleMap as $prefix => $suffixes ) {
1594 $p = $prefix === '' ? '' : $prefix . '.';
1595 $arr[] = $p . implode( ',', $suffixes );
1596 }
1597 return implode( '|', $arr );
1598 }
1599
1600 /**
1601 * Expand a string of the form `jquery.foo,bar|jquery.ui.baz,quux` to
1602 * an array of module names like `[ 'jquery.foo', 'jquery.bar',
1603 * 'jquery.ui.baz', 'jquery.ui.quux' ]`.
1604 *
1605 * This process is reversed by ResourceLoader::makePackedModulesString().
1606 *
1607 * @since 1.33
1608 * @param string $modules Packed module name list
1609 * @return array Array of module names
1610 */
1611 public static function expandModuleNames( $modules ) {
1612 $retval = [];
1613 $exploded = explode( '|', $modules );
1614 foreach ( $exploded as $group ) {
1615 if ( strpos( $group, ',' ) === false ) {
1616 // This is not a set of modules in foo.bar,baz notation
1617 // but a single module
1618 $retval[] = $group;
1619 } else {
1620 // This is a set of modules in foo.bar,baz notation
1621 $pos = strrpos( $group, '.' );
1622 if ( $pos === false ) {
1623 // Prefixless modules, i.e. without dots
1624 $retval = array_merge( $retval, explode( ',', $group ) );
1625 } else {
1626 // We have a prefix and a bunch of suffixes
1627 $prefix = substr( $group, 0, $pos ); // 'foo'
1628 $suffixes = explode( ',', substr( $group, $pos + 1 ) ); // [ 'bar', 'baz' ]
1629 foreach ( $suffixes as $suffix ) {
1630 $retval[] = "$prefix.$suffix";
1631 }
1632 }
1633 }
1634 }
1635 return $retval;
1636 }
1637
1638 /**
1639 * Determine whether debug mode was requested
1640 * Order of priority is 1) request param, 2) cookie, 3) $wg setting
1641 * @return bool
1642 */
1643 public static function inDebugMode() {
1644 if ( self::$debugMode === null ) {
1645 global $wgRequest, $wgResourceLoaderDebug;
1646 self::$debugMode = $wgRequest->getFuzzyBool( 'debug',
1647 $wgRequest->getCookie( 'resourceLoaderDebug', '', $wgResourceLoaderDebug )
1648 );
1649 }
1650 return self::$debugMode;
1651 }
1652
1653 /**
1654 * Reset static members used for caching.
1655 *
1656 * Global state and $wgRequest are evil, but we're using it right
1657 * now and sometimes we need to be able to force ResourceLoader to
1658 * re-evaluate the context because it has changed (e.g. in the test suite).
1659 *
1660 * @internal For use by unit tests
1661 * @codeCoverageIgnore
1662 */
1663 public static function clearCache() {
1664 self::$debugMode = null;
1665 }
1666
1667 /**
1668 * Build a load.php URL
1669 *
1670 * @since 1.24
1671 * @param string $source Name of the ResourceLoader source
1672 * @param ResourceLoaderContext $context
1673 * @param array $extraQuery
1674 * @return string URL to load.php. May be protocol-relative if $wgLoadScript is, too.
1675 */
1676 public function createLoaderURL( $source, ResourceLoaderContext $context,
1677 $extraQuery = []
1678 ) {
1679 $query = self::createLoaderQuery( $context, $extraQuery );
1680 $script = $this->getLoadScript( $source );
1681
1682 return wfAppendQuery( $script, $query );
1683 }
1684
1685 /**
1686 * Helper for createLoaderURL()
1687 *
1688 * @since 1.24
1689 * @see makeLoaderQuery
1690 * @param ResourceLoaderContext $context
1691 * @param array $extraQuery
1692 * @return array
1693 */
1694 protected static function createLoaderQuery( ResourceLoaderContext $context, $extraQuery = [] ) {
1695 return self::makeLoaderQuery(
1696 $context->getModules(),
1697 $context->getLanguage(),
1698 $context->getSkin(),
1699 $context->getUser(),
1700 $context->getVersion(),
1701 $context->getDebug(),
1702 $context->getOnly(),
1703 $context->getRequest()->getBool( 'printable' ),
1704 $context->getRequest()->getBool( 'handheld' ),
1705 $extraQuery
1706 );
1707 }
1708
1709 /**
1710 * Build a query array (array representation of query string) for load.php. Helper
1711 * function for createLoaderURL().
1712 *
1713 * @param array $modules
1714 * @param string $lang
1715 * @param string $skin
1716 * @param string|null $user
1717 * @param string|null $version
1718 * @param bool $debug
1719 * @param string|null $only
1720 * @param bool $printable
1721 * @param bool $handheld
1722 * @param array $extraQuery
1723 * @return array
1724 */
1725 public static function makeLoaderQuery( $modules, $lang, $skin, $user = null,
1726 $version = null, $debug = false, $only = null, $printable = false,
1727 $handheld = false, $extraQuery = []
1728 ) {
1729 $query = [
1730 'modules' => self::makePackedModulesString( $modules ),
1731 ];
1732 // Keep urls short by omitting query parameters that
1733 // match the defaults assumed by ResourceLoaderContext.
1734 // Note: This relies on the defaults either being insignificant or forever constant,
1735 // as otherwise cached urls could change in meaning when the defaults change.
1736 if ( $lang !== ResourceLoaderContext::DEFAULT_LANG ) {
1737 $query['lang'] = $lang;
1738 }
1739 if ( $skin !== ResourceLoaderContext::DEFAULT_SKIN ) {
1740 $query['skin'] = $skin;
1741 }
1742 if ( $debug === true ) {
1743 $query['debug'] = 'true';
1744 }
1745 if ( $user !== null ) {
1746 $query['user'] = $user;
1747 }
1748 if ( $version !== null ) {
1749 $query['version'] = $version;
1750 }
1751 if ( $only !== null ) {
1752 $query['only'] = $only;
1753 }
1754 if ( $printable ) {
1755 $query['printable'] = 1;
1756 }
1757 if ( $handheld ) {
1758 $query['handheld'] = 1;
1759 }
1760 $query += $extraQuery;
1761
1762 // Make queries uniform in order
1763 ksort( $query );
1764 return $query;
1765 }
1766
1767 /**
1768 * Check a module name for validity.
1769 *
1770 * Module names may not contain pipes (|), commas (,) or exclamation marks (!) and can be
1771 * at most 255 bytes.
1772 *
1773 * @param string $moduleName Module name to check
1774 * @return bool Whether $moduleName is a valid module name
1775 */
1776 public static function isValidModuleName( $moduleName ) {
1777 return strcspn( $moduleName, '!,|', 0, 255 ) === strlen( $moduleName );
1778 }
1779
1780 /**
1781 * Returns LESS compiler set up for use with MediaWiki
1782 *
1783 * @since 1.27
1784 * @param array $vars Associative array of variables that should be used
1785 * for compilation. Since 1.32, this method no longer automatically includes
1786 * global LESS vars from ResourceLoader::getLessVars (T191937).
1787 * @throws MWException
1788 * @return Less_Parser
1789 */
1790 public function getLessCompiler( $vars = [] ) {
1791 global $IP;
1792 // When called from the installer, it is possible that a required PHP extension
1793 // is missing (at least for now; see T49564). If this is the case, throw an
1794 // exception (caught by the installer) to prevent a fatal error later on.
1795 if ( !class_exists( 'Less_Parser' ) ) {
1796 throw new MWException( 'MediaWiki requires the less.php parser' );
1797 }
1798
1799 $parser = new Less_Parser;
1800 $parser->ModifyVars( $vars );
1801 $parser->SetImportDirs( [
1802 "$IP/resources/src/mediawiki.less/" => '',
1803 ] );
1804 $parser->SetOption( 'relativeUrls', false );
1805
1806 return $parser;
1807 }
1808
1809 /**
1810 * Get global LESS variables.
1811 *
1812 * @since 1.27
1813 * @deprecated since 1.32 Use ResourceLoderModule::getLessVars() instead.
1814 * @return array Map of variable names to string CSS values.
1815 */
1816 public function getLessVars() {
1817 return [];
1818 }
1819 }
Wiklou, le Wiki du Wiklou