dépôts / lhc / web / wiklou.git / blob
? search:


5d104d389a7d40c2b5c10c1d4a53cac38953bf60
[lhc/web/wiklou.git] / includes / resourceloader / ResourceLoader.php
1 <?php
2 /**
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
17 *
18 * @file
19 * @author Roan Kattouw
20 * @author Trevor Parscal
21 */
22
23 use MediaWiki\MediaWikiServices;
24 use Psr\Log\LoggerAwareInterface;
25 use Psr\Log\LoggerInterface;
26 use Psr\Log\NullLogger;
27 use Wikimedia\Rdbms\DBConnectionError;
28 use Wikimedia\WrappedString;
29
30 /**
31 * @defgroup ResourceLoader ResourceLoader
32 *
33 * For higher level documentation, see <https://www.mediawiki.org/wiki/ResourceLoader/Architecture>.
34 */
35
36 /**
37 * ResourceLoader is a loading system for JavaScript and CSS resources.
38 *
39 * For higher level documentation, see <https://www.mediawiki.org/wiki/ResourceLoader/Architecture>.
40 *
41 * @ingroup ResourceLoader
42 * @since 1.17
43 */
44 class ResourceLoader implements LoggerAwareInterface {
45 /** @var Config */
46 protected $config;
47 /** @var MessageBlobStore */
48 protected $blobStore;
49
50 /** @var LoggerInterface */
51 private $logger;
52
53 /** @var ResourceLoaderModule[] Map of (module name => ResourceLoaderModule) */
54 protected $modules = [];
55 /** @var array[] Map of (module name => associative info array) */
56 protected $moduleInfos = [];
57 /**
58 * Associative array mapping framework ids to a list of names of test suite modules
59 * like [ 'qunit' => [ 'mediawiki.tests.qunit.suites', 'ext.foo.tests', ... ], ... ]
60 * @var array
61 */
62 protected $testModuleNames = [];
63 /** @var string[] List of module names that contain QUnit test suites */
64 protected $testSuiteModuleNames = [];
65
66 /** @var array Map of (source => path); E.g. [ 'source-id' => 'http://.../load.php' ] */
67 protected $sources = [];
68 /** @var array Errors accumulated during current respond() call */
69 protected $errors = [];
70 /** @var string[] Extra HTTP response headers from modules loaded in makeModuleResponse() */
71 protected $extraHeaders = [];
72
73 /** @var bool */
74 protected static $debugMode = null;
75
76 /** @var int */
77 const CACHE_VERSION = 8;
78
79 /** @var string JavaScript / CSS pragma to disable minification. * */
80 const FILTER_NOMIN = '/*@nomin*/';
81
82 /**
83 * Load information stored in the database about modules.
84 *
85 * This method grabs modules dependencies from the database and updates modules
86 * objects.
87 *
88 * This is not inside the module code because it is much faster to
89 * request all of the information at once than it is to have each module
90 * requests its own information. This sacrifice of modularity yields a substantial
91 * performance improvement.
92 *
93 * @param array $moduleNames List of module names to preload information for
94 * @param ResourceLoaderContext $context Context to load the information within
95 */
96 public function preloadModuleInfo( array $moduleNames, ResourceLoaderContext $context ) {
97 if ( !$moduleNames ) {
98 // Or else Database*::select() will explode, plus it's cheaper!
99 return;
100 }
101 $dbr = wfGetDB( DB_REPLICA );
102 $lang = $context->getLanguage();
103
104 // Batched version of ResourceLoaderModule::getFileDependencies
105 $vary = ResourceLoaderModule::getVary( $context );
106 $res = $dbr->select( 'module_deps', [ 'md_module', 'md_deps' ], [
107 'md_module' => $moduleNames,
108 'md_skin' => $vary,
109 ], __METHOD__
110 );
111
112 // Prime in-object cache for file dependencies
113 $modulesWithDeps = [];
114 foreach ( $res as $row ) {
115 $module = $this->getModule( $row->md_module );
116 if ( $module ) {
117 $module->setFileDependencies( $context, ResourceLoaderModule::expandRelativePaths(
118 json_decode( $row->md_deps, true )
119 ) );
120 $modulesWithDeps[] = $row->md_module;
121 }
122 }
123 // Register the absence of a dependency row too
124 foreach ( array_diff( $moduleNames, $modulesWithDeps ) as $name ) {
125 $module = $this->getModule( $name );
126 if ( $module ) {
127 $this->getModule( $name )->setFileDependencies( $context, [] );
128 }
129 }
130
131 // Batched version of ResourceLoaderWikiModule::getTitleInfo
132 ResourceLoaderWikiModule::preloadTitleInfo( $context, $dbr, $moduleNames );
133
134 // Prime in-object cache for message blobs for modules with messages
135 $modules = [];
136 foreach ( $moduleNames as $name ) {
137 $module = $this->getModule( $name );
138 if ( $module && $module->getMessages() ) {
139 $modules[$name] = $module;
140 }
141 }
142 $store = $this->getMessageBlobStore();
143 $blobs = $store->getBlobs( $modules, $lang );
144 foreach ( $blobs as $name => $blob ) {
145 $modules[$name]->setMessageBlob( $blob, $lang );
146 }
147 }
148
149 /**
150 * Run JavaScript or CSS data through a filter, caching the filtered result for future calls.
151 *
152 * Available filters are:
153 *
154 * - minify-js \see JavaScriptMinifier::minify
155 * - minify-css \see CSSMin::minify
156 *
157 * If $data is empty, only contains whitespace or the filter was unknown,
158 * $data is returned unmodified.
159 *
160 * @param string $filter Name of filter to run
161 * @param string $data Text to filter, such as JavaScript or CSS text
162 * @param array $options Keys:
163 * - (bool) cache: Whether to allow caching this data. Default: true.
164 * @return string Filtered data, or a comment containing an error message
165 */
166 public static function filter( $filter, $data, array $options = [] ) {
167 if ( strpos( $data, self::FILTER_NOMIN ) !== false ) {
168 return $data;
169 }
170
171 if ( isset( $options['cache'] ) && $options['cache'] === false ) {
172 return self::applyFilter( $filter, $data );
173 }
174
175 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
176 $cache = ObjectCache::getLocalServerInstance( CACHE_ANYTHING );
177
178 $key = $cache->makeGlobalKey(
179 'resourceloader-filter',
180 $filter,
181 self::CACHE_VERSION,
182 md5( $data )
183 );
184
185 $result = $cache->get( $key );
186 if ( $result === false ) {
187 $stats->increment( "resourceloader_cache.$filter.miss" );
188 $result = self::applyFilter( $filter, $data );
189 $cache->set( $key, $result, 24 * 3600 );
190 } else {
191 $stats->increment( "resourceloader_cache.$filter.hit" );
192 }
193 if ( $result === null ) {
194 // Cached failure
195 $result = $data;
196 }
197
198 return $result;
199 }
200
201 private static function applyFilter( $filter, $data ) {
202 $data = trim( $data );
203 if ( $data ) {
204 try {
205 $data = ( $filter === 'minify-css' )
206 ? CSSMin::minify( $data )
207 : JavaScriptMinifier::minify( $data );
208 } catch ( Exception $e ) {
209 MWExceptionHandler::logException( $e );
210 return null;
211 }
212 }
213 return $data;
214 }
215
216 /**
217 * Register core modules and runs registration hooks.
218 * @param Config|null $config
219 * @param LoggerInterface|null $logger [optional]
220 */
221 public function __construct( Config $config = null, LoggerInterface $logger = null ) {
222 $this->logger = $logger ?: new NullLogger();
223
224 if ( !$config ) {
225 wfDeprecated( __METHOD__ . ' without a Config instance', '1.34' );
226 $config = MediaWikiServices::getInstance()->getMainConfig();
227 }
228 $this->config = $config;
229
230 // Add 'local' source first
231 $this->addSource( 'local', $config->get( 'LoadScript' ) );
232
233 // Special module that always exists
234 $this->register( 'startup', [ 'class' => ResourceLoaderStartUpModule::class ] );
235
236 $this->setMessageBlobStore( new MessageBlobStore( $this, $this->logger ) );
237 }
238
239 /**
240 * @return Config
241 */
242 public function getConfig() {
243 return $this->config;
244 }
245
246 /**
247 * @since 1.26
248 * @param LoggerInterface $logger
249 */
250 public function setLogger( LoggerInterface $logger ) {
251 $this->logger = $logger;
252 }
253
254 /**
255 * @since 1.27
256 * @return LoggerInterface
257 */
258 public function getLogger() {
259 return $this->logger;
260 }
261
262 /**
263 * @since 1.26
264 * @return MessageBlobStore
265 */
266 public function getMessageBlobStore() {
267 return $this->blobStore;
268 }
269
270 /**
271 * @since 1.25
272 * @param MessageBlobStore $blobStore
273 */
274 public function setMessageBlobStore( MessageBlobStore $blobStore ) {
275 $this->blobStore = $blobStore;
276 }
277
278 /**
279 * Register a module with the ResourceLoader system.
280 *
281 * @param string|array[] $name Module name as a string or, array of module info arrays
282 * keyed by name.
283 * @param array|null $info Module info array. When using the first parameter to register
284 * multiple modules at once, this parameter is optional.
285 * @throws MWException If a duplicate module registration is attempted
286 * @throws MWException If a module name contains illegal characters (pipes or commas)
287 * @throws InvalidArgumentException If the module info is not an array
288 */
289 public function register( $name, $info = null ) {
290 $moduleSkinStyles = $this->config->get( 'ResourceModuleSkinStyles' );
291
292 // Allow multiple modules to be registered in one call
293 $registrations = is_array( $name ) ? $name : [ $name => $info ];
294 foreach ( $registrations as $name => $info ) {
295 // Warn on duplicate registrations
296 if ( isset( $this->moduleInfos[$name] ) ) {
297 // A module has already been registered by this name
298 $this->logger->warning(
299 'ResourceLoader duplicate registration warning. ' .
300 'Another module has already been registered as ' . $name
301 );
302 }
303
304 // Check validity
305 if ( !self::isValidModuleName( $name ) ) {
306 throw new MWException( "ResourceLoader module name '$name' is invalid, "
307 . "see ResourceLoader::isValidModuleName()" );
308 }
309 if ( !is_array( $info ) ) {
310 throw new InvalidArgumentException(
311 'Invalid module info for "' . $name . '": expected array, got ' . gettype( $info )
312 );
313 }
314
315 // Attach module
316 $this->moduleInfos[$name] = $info;
317
318 // Last-minute changes
319 // Apply custom skin-defined styles to existing modules.
320 if ( $this->isFileModule( $name ) ) {
321 foreach ( $moduleSkinStyles as $skinName => $skinStyles ) {
322 // If this module already defines skinStyles for this skin, ignore $wgResourceModuleSkinStyles.
323 if ( isset( $this->moduleInfos[$name]['skinStyles'][$skinName] ) ) {
324 continue;
325 }
326
327 // If $name is preceded with a '+', the defined style files will be added to 'default'
328 // skinStyles, otherwise 'default' will be ignored as it normally would be.
329 if ( isset( $skinStyles[$name] ) ) {
330 $paths = (array)$skinStyles[$name];
331 $styleFiles = [];
332 } elseif ( isset( $skinStyles['+' . $name] ) ) {
333 $paths = (array)$skinStyles['+' . $name];
334 $styleFiles = isset( $this->moduleInfos[$name]['skinStyles']['default'] ) ?
335 (array)$this->moduleInfos[$name]['skinStyles']['default'] :
336 [];
337 } else {
338 continue;
339 }
340
341 // Add new file paths, remapping them to refer to our directories and not use settings
342 // from the module we're modifying, which come from the base definition.
343 list( $localBasePath, $remoteBasePath ) =
344 ResourceLoaderFileModule::extractBasePaths( $skinStyles );
345
346 foreach ( $paths as $path ) {
347 $styleFiles[] = new ResourceLoaderFilePath( $path, $localBasePath, $remoteBasePath );
348 }
349
350 $this->moduleInfos[$name]['skinStyles'][$skinName] = $styleFiles;
351 }
352 }
353 }
354 }
355
356 /**
357 * @internal For use by ServiceWiring only
358 * @codeCoverageIgnore
359 */
360 public function registerTestModules() {
361 global $IP;
362
363 if ( $this->config->get( 'EnableJavaScriptTest' ) !== true ) {
364 throw new MWException( 'Attempt to register JavaScript test modules '
365 . 'but <code>$wgEnableJavaScriptTest</code> is false. '
366 . 'Edit your <code>LocalSettings.php</code> to enable it.' );
367 }
368
369 // This has a 'qunit' key for compat with the below hook.
370 $testModulesMeta = [ 'qunit' => [] ];
371
372 // Get test suites from extensions
373 // Avoid PHP 7.1 warning from passing $this by reference
374 $rl = $this;
375 Hooks::run( 'ResourceLoaderTestModules', [ &$testModulesMeta, &$rl ] );
376 $extRegistry = ExtensionRegistry::getInstance();
377 // In case of conflict, the deprecated hook has precedence.
378 $testModules = $testModulesMeta['qunit'] + $extRegistry->getAttribute( 'QUnitTestModules' );
379
380 $testSuiteModuleNames = [];
381 foreach ( $testModules as $name => &$module ) {
382 // Turn any single-module dependency into an array
383 if ( isset( $module['dependencies'] ) && is_string( $module['dependencies'] ) ) {
384 $module['dependencies'] = [ $module['dependencies'] ];
385 }
386
387 // Ensure the testrunner loads before any test suites
388 $module['dependencies'][] = 'test.mediawiki.qunit.testrunner';
389
390 // Keep track of the test suites to load on SpecialJavaScriptTest
391 $testSuiteModuleNames[] = $name;
392 }
393
394 // Core test suites (their names have further precedence).
395 $testModules = ( include "$IP/tests/qunit/QUnitTestResources.php" ) + $testModules;
396 $testSuiteModuleNames[] = 'test.mediawiki.qunit.suites';
397
398 $this->register( $testModules );
399 $this->testSuiteModuleNames = $testSuiteModuleNames;
400 }
401
402 /**
403 * Add a foreign source of modules.
404 *
405 * Source IDs are typically the same as the Wiki ID or database name (e.g. lowercase a-z).
406 *
407 * @param array|string $id Source ID (string), or [ id1 => loadUrl, id2 => loadUrl, ... ]
408 * @param string|array|null $loadUrl load.php url (string), or array with loadUrl key for
409 * backwards-compatibility.
410 * @throws MWException
411 */
412 public function addSource( $id, $loadUrl = null ) {
413 // Allow multiple sources to be registered in one call
414 if ( is_array( $id ) ) {
415 foreach ( $id as $key => $value ) {
416 $this->addSource( $key, $value );
417 }
418 return;
419 }
420
421 // Disallow duplicates
422 if ( isset( $this->sources[$id] ) ) {
423 throw new MWException(
424 'ResourceLoader duplicate source addition error. ' .
425 'Another source has already been registered as ' . $id
426 );
427 }
428
429 // Pre 1.24 backwards-compatibility
430 if ( is_array( $loadUrl ) ) {
431 if ( !isset( $loadUrl['loadScript'] ) ) {
432 throw new MWException(
433 __METHOD__ . ' was passed an array with no "loadScript" key.'
434 );
435 }
436
437 $loadUrl = $loadUrl['loadScript'];
438 }
439
440 $this->sources[$id] = $loadUrl;
441 }
442
443 /**
444 * Get a list of module names.
445 *
446 * @return array List of module names
447 */
448 public function getModuleNames() {
449 return array_keys( $this->moduleInfos );
450 }
451
452 /**
453 * Get a list of module names with QUnit test suites.
454 *
455 * @internal For use by SpecialJavaScriptTest only
456 * @return array
457 * @codeCoverageIgnore
458 */
459 public function getTestSuiteModuleNames() {
460 return $this->testSuiteModuleNames;
461 }
462
463 /**
464 * Check whether a ResourceLoader module is registered
465 *
466 * @since 1.25
467 * @param string $name
468 * @return bool
469 */
470 public function isModuleRegistered( $name ) {
471 return isset( $this->moduleInfos[$name] );
472 }
473
474 /**
475 * Get the ResourceLoaderModule object for a given module name.
476 *
477 * If an array of module parameters exists but a ResourceLoaderModule object has not
478 * yet been instantiated, this method will instantiate and cache that object such that
479 * subsequent calls simply return the same object.
480 *
481 * @param string $name Module name
482 * @return ResourceLoaderModule|null If module has been registered, return a
483 * ResourceLoaderModule instance. Otherwise, return null.
484 */
485 public function getModule( $name ) {
486 if ( !isset( $this->modules[$name] ) ) {
487 if ( !isset( $this->moduleInfos[$name] ) ) {
488 // No such module
489 return null;
490 }
491 // Construct the requested module object
492 $info = $this->moduleInfos[$name];
493 if ( isset( $info['factory'] ) ) {
494 /** @var ResourceLoaderModule $object */
495 $object = call_user_func( $info['factory'], $info );
496 } else {
497 $class = $info['class'] ?? ResourceLoaderFileModule::class;
498 /** @var ResourceLoaderModule $object */
499 $object = new $class( $info );
500 }
501 $object->setConfig( $this->getConfig() );
502 $object->setLogger( $this->logger );
503 $object->setName( $name );
504 $this->modules[$name] = $object;
505 }
506
507 return $this->modules[$name];
508 }
509
510 /**
511 * Whether the module is a ResourceLoaderFileModule (including subclasses).
512 *
513 * @param string $name Module name
514 * @return bool
515 */
516 protected function isFileModule( $name ) {
517 if ( !isset( $this->moduleInfos[$name] ) ) {
518 return false;
519 }
520 $info = $this->moduleInfos[$name];
521 return !isset( $info['factory'] ) && (
522 // The implied default for 'class' is ResourceLoaderFileModule
523 !isset( $info['class'] ) ||
524 // Explicit default
525 $info['class'] === ResourceLoaderFileModule::class ||
526 is_subclass_of( $info['class'], ResourceLoaderFileModule::class )
527 );
528 }
529
530 /**
531 * Get the list of sources.
532 *
533 * @return array Like [ id => load.php url, ... ]
534 */
535 public function getSources() {
536 return $this->sources;
537 }
538
539 /**
540 * Get the URL to the load.php endpoint for the given
541 * ResourceLoader source
542 *
543 * @since 1.24
544 * @param string $source
545 * @throws MWException On an invalid $source name
546 * @return string
547 */
548 public function getLoadScript( $source ) {
549 if ( !isset( $this->sources[$source] ) ) {
550 throw new MWException( "The $source source was never registered in ResourceLoader." );
551 }
552 return $this->sources[$source];
553 }
554
555 /**
556 * @internal For use by ResourceLoaderStartUpModule only.
557 */
558 const HASH_LENGTH = 5;
559
560 /**
561 * Create a hash for module versioning purposes.
562 *
563 * This hash is used in three ways:
564 *
565 * - To differentiate between the current version and a past version
566 * of a module by the same name.
567 *
568 * In the cache key of localStorage in the browser (mw.loader.store).
569 * This store keeps only one version of any given module. As long as the
570 * next version the client encounters has a different hash from the last
571 * version it saw, it will correctly discard it in favour of a network fetch.
572 *
573 * A browser may evict a site's storage container for any reason (e.g. when
574 * the user hasn't visited a site for some time, and/or when the device is
575 * low on storage space). Anecdotally it seems devices rarely keep unused
576 * storage beyond 2 weeks on mobile devices and 4 weeks on desktop.
577 * But, there is no hard limit or expiration on localStorage.
578 * ResourceLoader's Client also clears localStorage when the user changes
579 * their language preference or when they (temporarily) use Debug Mode.
580 *
581 * The only hard factors that reduce the range of possible versions are
582 * 1) the name and existence of a given module, and
583 * 2) the TTL for mw.loader.store, and
584 * 3) the `$wgResourceLoaderStorageVersion` configuration variable.
585 *
586 * - To identify a batch response of modules from load.php in an HTTP cache.
587 *
588 * When fetching modules in a batch from load.php, a combined hash
589 * is created by the JS code, and appended as query parameter.
590 *
591 * In cache proxies (e.g. Varnish, Nginx) and in the browser's HTTP cache,
592 * these urls are used to identify other previously cached responses.
593 * The range of possible versions a given version has to be unique amongst
594 * is determined by the maximum duration each response is stored for, which
595 * is controlled by `$wgResourceLoaderMaxage['versioned']`.
596 *
597 * - To detect race conditions between multiple web servers in a MediaWiki
598 * deployment of which some have the newer version and some still the older
599 * version.
600 *
601 * An HTTP request from a browser for the Startup manifest may be responded
602 * to by a server with the newer version. The browser may then use that to
603 * request a given module, which may then be responded to by a server with
604 * the older version. To avoid caching this for too long (which would pollute
605 * all other users without repairing itself), the combined hash that the JS
606 * client adds to the url is verified by the server (in ::sendResponseHeaders).
607 * If they don't match, we instruct cache proxies and clients to not cache
608 * this response as long as they normally would. This is also the reason
609 * that the algorithm used here in PHP must match the one used in JS.
610 *
611 * The fnv132 digest creates a 32-bit integer, which goes upto 4 Giga and
612 * needs up to 7 chars in base 36.
613 * Within 7 characters, base 36 can count up to 78,364,164,096 (78 Giga),
614 * (but with fnv132 we'd use very little of this range, mostly padding).
615 * Within 6 characters, base 36 can count up to 2,176,782,336 (2 Giga).
616 * Within 5 characters, base 36 can count up to 60,466,176 (60 Mega).
617 *
618 * @since 1.26
619 * @param string $value
620 * @return string Hash
621 */
622 public static function makeHash( $value ) {
623 $hash = hash( 'fnv132', $value );
624 // The base_convert will pad it (if too short),
625 // then substr() will trim it (if too long).
626 return substr(
627 Wikimedia\base_convert( $hash, 16, 36, self::HASH_LENGTH ),
628 0,
629 self::HASH_LENGTH
630 );
631 }
632
633 /**
634 * Add an error to the 'errors' array and log it.
635 *
636 * @private For internal use by ResourceLoader and ResourceLoaderStartUpModule.
637 * @since 1.29
638 * @param Exception $e
639 * @param string $msg
640 * @param array $context
641 */
642 public function outputErrorAndLog( Exception $e, $msg, array $context = [] ) {
643 MWExceptionHandler::logException( $e );
644 $this->logger->warning(
645 $msg,
646 $context + [ 'exception' => $e ]
647 );
648 $this->errors[] = self::formatExceptionNoComment( $e );
649 }
650
651 /**
652 * Helper method to get and combine versions of multiple modules.
653 *
654 * @since 1.26
655 * @param ResourceLoaderContext $context
656 * @param string[] $moduleNames List of known module names
657 * @return string Hash
658 */
659 public function getCombinedVersion( ResourceLoaderContext $context, array $moduleNames ) {
660 if ( !$moduleNames ) {
661 return '';
662 }
663 $hashes = array_map( function ( $module ) use ( $context ) {
664 try {
665 return $this->getModule( $module )->getVersionHash( $context );
666 } catch ( Exception $e ) {
667 // If modules fail to compute a version, don't fail the request (T152266)
668 // and still compute versions of other modules.
669 $this->outputErrorAndLog( $e,
670 'Calculating version for "{module}" failed: {exception}',
671 [
672 'module' => $module,
673 ]
674 );
675 return '';
676 }
677 }, $moduleNames );
678 return self::makeHash( implode( '', $hashes ) );
679 }
680
681 /**
682 * Get the expected value of the 'version' query parameter.
683 *
684 * This is used by respond() to set a short Cache-Control header for requests with
685 * information newer than the current server has. This avoids pollution of edge caches.
686 * Typically during deployment. (T117587)
687 *
688 * This MUST match return value of `mw.loader#getCombinedVersion()` client-side.
689 *
690 * @since 1.28
691 * @param ResourceLoaderContext $context
692 * @param string[]|null $modules
693 * @return string Hash
694 */
695 public function makeVersionQuery( ResourceLoaderContext $context, array $modules = null ) {
696 if ( $modules === null ) {
697 wfDeprecated( __METHOD__ . ' without $modules', '1.34' );
698 $modules = $context->getModules();
699 }
700 // As of MediaWiki 1.28, the server and client use the same algorithm for combining
701 // version hashes. There is no technical reason for this to be same, and for years the
702 // implementations differed. If getCombinedVersion in PHP (used for StartupModule and
703 // E-Tag headers) differs in the future from getCombinedVersion in JS (used for 'version'
704 // query parameter), then this method must continue to match the JS one.
705 $filtered = [];
706 foreach ( $modules as $name ) {
707 if ( !$this->getModule( $name ) ) {
708 // If a versioned request contains a missing module, the version is a mismatch
709 // as the client considered a module (and version) we don't have.
710 return '';
711 }
712 $filtered[] = $name;
713 }
714 return $this->getCombinedVersion( $context, $filtered );
715 }
716
717 /**
718 * Output a response to a load request, including the content-type header.
719 *
720 * @param ResourceLoaderContext $context Context in which a response should be formed
721 */
722 public function respond( ResourceLoaderContext $context ) {
723 // Buffer output to catch warnings. Normally we'd use ob_clean() on the
724 // top-level output buffer to clear warnings, but that breaks when ob_gzhandler
725 // is used: ob_clean() will clear the GZIP header in that case and it won't come
726 // back for subsequent output, resulting in invalid GZIP. So we have to wrap
727 // the whole thing in our own output buffer to be sure the active buffer
728 // doesn't use ob_gzhandler.
729 // See https://bugs.php.net/bug.php?id=36514
730 ob_start();
731
732 $this->measureResponseTime( RequestContext::getMain()->getTiming() );
733
734 // Find out which modules are missing and instantiate the others
735 $modules = [];
736 $missing = [];
737 foreach ( $context->getModules() as $name ) {
738 $module = $this->getModule( $name );
739 if ( $module ) {
740 // Do not allow private modules to be loaded from the web.
741 // This is a security issue, see T36907.
742 if ( $module->getGroup() === 'private' ) {
743 // Not a serious error, just means something is trying to access it (T101806)
744 $this->logger->debug( "Request for private module '$name' denied" );
745 $this->errors[] = "Cannot build private module \"$name\"";
746 continue;
747 }
748 $modules[$name] = $module;
749 } else {
750 $missing[] = $name;
751 }
752 }
753
754 try {
755 // Preload for getCombinedVersion() and for batch makeModuleResponse()
756 $this->preloadModuleInfo( array_keys( $modules ), $context );
757 } catch ( Exception $e ) {
758 $this->outputErrorAndLog( $e, 'Preloading module info failed: {exception}' );
759 }
760
761 // Combine versions to propagate cache invalidation
762 $versionHash = '';
763 try {
764 $versionHash = $this->getCombinedVersion( $context, array_keys( $modules ) );
765 } catch ( Exception $e ) {
766 $this->outputErrorAndLog( $e, 'Calculating version hash failed: {exception}' );
767 }
768
769 // See RFC 2616 § 3.11 Entity Tags
770 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11
771 $etag = 'W/"' . $versionHash . '"';
772
773 // Try the client-side cache first
774 if ( $this->tryRespondNotModified( $context, $etag ) ) {
775 return; // output handled (buffers cleared)
776 }
777
778 // Use file cache if enabled and available...
779 if ( $this->config->get( 'UseFileCache' ) ) {
780 $fileCache = ResourceFileCache::newFromContext( $context );
781 if ( $this->tryRespondFromFileCache( $fileCache, $context, $etag ) ) {
782 return; // output handled
783 }
784 } else {
785 $fileCache = null;
786 }
787
788 // Generate a response
789 $response = $this->makeModuleResponse( $context, $modules, $missing );
790
791 // Capture any PHP warnings from the output buffer and append them to the
792 // error list if we're in debug mode.
793 if ( $context->getDebug() ) {
794 $warnings = ob_get_contents();
795 if ( strlen( $warnings ) ) {
796 $this->errors[] = $warnings;
797 }
798 }
799
800 // Consider saving the response to file cache (unless there are errors).
801 if ( $fileCache &&
802 !$this->errors &&
803 $missing === [] &&
804 ResourceFileCache::useFileCache( $context )
805 ) {
806 if ( $fileCache->isCacheWorthy() ) {
807 // There were enough hits, save the response to the cache
808 $fileCache->saveText( $response );
809 } else {
810 $fileCache->incrMissesRecent( $context->getRequest() );
811 }
812 }
813
814 $this->sendResponseHeaders( $context, $etag, (bool)$this->errors, $this->extraHeaders );
815
816 // Remove the output buffer and output the response
817 ob_end_clean();
818
819 if ( $context->getImageObj() && $this->errors ) {
820 // We can't show both the error messages and the response when it's an image.
821 $response = implode( "\n\n", $this->errors );
822 } elseif ( $this->errors ) {
823 $errorText = implode( "\n\n", $this->errors );
824 $errorResponse = self::makeComment( $errorText );
825 if ( $context->shouldIncludeScripts() ) {
826 $errorResponse .= 'if (window.console && console.error) { console.error('
827 . $context->encodeJson( $errorText )
828 . "); }\n";
829 }
830
831 // Prepend error info to the response
832 $response = $errorResponse . $response;
833 }
834
835 $this->errors = [];
836 echo $response;
837 }
838
839 protected function measureResponseTime( Timing $timing ) {
840 DeferredUpdates::addCallableUpdate( function () use ( $timing ) {
841 $measure = $timing->measure( 'responseTime', 'requestStart', 'requestShutdown' );
842 if ( $measure !== false ) {
843 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
844 $stats->timing( 'resourceloader.responseTime', $measure['duration'] * 1000 );
845 }
846 } );
847 }
848
849 /**
850 * Send main response headers to the client.
851 *
852 * Deals with Content-Type, CORS (for stylesheets), and caching.
853 *
854 * @param ResourceLoaderContext $context
855 * @param string $etag ETag header value
856 * @param bool $errors Whether there are errors in the response
857 * @param string[] $extra Array of extra HTTP response headers
858 * @return void
859 */
860 protected function sendResponseHeaders(
861 ResourceLoaderContext $context, $etag, $errors, array $extra = []
862 ) {
863 \MediaWiki\HeaderCallback::warnIfHeadersSent();
864 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
865 // Use a short cache expiry so that updates propagate to clients quickly, if:
866 // - No version specified (shared resources, e.g. stylesheets)
867 // - There were errors (recover quickly)
868 // - Version mismatch (T117587, T47877)
869 if ( is_null( $context->getVersion() )
870 || $errors
871 || $context->getVersion() !== $this->makeVersionQuery( $context, $context->getModules() )
872 ) {
873 $maxage = $rlMaxage['unversioned']['client'];
874 $smaxage = $rlMaxage['unversioned']['server'];
875 // If a version was specified we can use a longer expiry time since changing
876 // version numbers causes cache misses
877 } else {
878 $maxage = $rlMaxage['versioned']['client'];
879 $smaxage = $rlMaxage['versioned']['server'];
880 }
881 if ( $context->getImageObj() ) {
882 // Output different headers if we're outputting textual errors.
883 if ( $errors ) {
884 header( 'Content-Type: text/plain; charset=utf-8' );
885 } else {
886 $context->getImageObj()->sendResponseHeaders( $context );
887 }
888 } elseif ( $context->getOnly() === 'styles' ) {
889 header( 'Content-Type: text/css; charset=utf-8' );
890 header( 'Access-Control-Allow-Origin: *' );
891 } else {
892 header( 'Content-Type: text/javascript; charset=utf-8' );
893 }
894 // See RFC 2616 § 14.19 ETag
895 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.19
896 header( 'ETag: ' . $etag );
897 if ( $context->getDebug() ) {
898 // Do not cache debug responses
899 header( 'Cache-Control: private, no-cache, must-revalidate' );
900 header( 'Pragma: no-cache' );
901 } else {
902 header( "Cache-Control: public, max-age=$maxage, s-maxage=$smaxage" );
903 $exp = min( $maxage, $smaxage );
904 header( 'Expires: ' . wfTimestamp( TS_RFC2822, $exp + time() ) );
905 }
906 foreach ( $extra as $header ) {
907 header( $header );
908 }
909 }
910
911 /**
912 * Respond with HTTP 304 Not Modified if appropiate.
913 *
914 * If there's an If-None-Match header, respond with a 304 appropriately
915 * and clear out the output buffer. If the client cache is too old then do nothing.
916 *
917 * @param ResourceLoaderContext $context
918 * @param string $etag ETag header value
919 * @return bool True if HTTP 304 was sent and output handled
920 */
921 protected function tryRespondNotModified( ResourceLoaderContext $context, $etag ) {
922 // See RFC 2616 § 14.26 If-None-Match
923 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.26
924 $clientKeys = $context->getRequest()->getHeader( 'If-None-Match', WebRequest::GETHEADER_LIST );
925 // Never send 304s in debug mode
926 if ( $clientKeys !== false && !$context->getDebug() && in_array( $etag, $clientKeys ) ) {
927 // There's another bug in ob_gzhandler (see also the comment at
928 // the top of this function) that causes it to gzip even empty
929 // responses, meaning it's impossible to produce a truly empty
930 // response (because the gzip header is always there). This is
931 // a problem because 304 responses have to be completely empty
932 // per the HTTP spec, and Firefox behaves buggily when they're not.
933 // See also https://bugs.php.net/bug.php?id=51579
934 // To work around this, we tear down all output buffering before
935 // sending the 304.
936 wfResetOutputBuffers( /* $resetGzipEncoding = */ true );
937
938 HttpStatus::header( 304 );
939
940 $this->sendResponseHeaders( $context, $etag, false );
941 return true;
942 }
943 return false;
944 }
945
946 /**
947 * Send out code for a response from file cache if possible.
948 *
949 * @param ResourceFileCache $fileCache Cache object for this request URL
950 * @param ResourceLoaderContext $context Context in which to generate a response
951 * @param string $etag ETag header value
952 * @return bool If this found a cache file and handled the response
953 */
954 protected function tryRespondFromFileCache(
955 ResourceFileCache $fileCache,
956 ResourceLoaderContext $context,
957 $etag
958 ) {
959 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
960 // Buffer output to catch warnings.
961 ob_start();
962 // Get the maximum age the cache can be
963 $maxage = is_null( $context->getVersion() )
964 ? $rlMaxage['unversioned']['server']
965 : $rlMaxage['versioned']['server'];
966 // Minimum timestamp the cache file must have
967 $good = $fileCache->isCacheGood( wfTimestamp( TS_MW, time() - $maxage ) );
968 if ( !$good ) {
969 try { // RL always hits the DB on file cache miss...
970 wfGetDB( DB_REPLICA );
971 } catch ( DBConnectionError $e ) { // ...check if we need to fallback to cache
972 $good = $fileCache->isCacheGood(); // cache existence check
973 }
974 }
975 if ( $good ) {
976 $ts = $fileCache->cacheTimestamp();
977 // Send content type and cache headers
978 $this->sendResponseHeaders( $context, $etag, false );
979 $response = $fileCache->fetchText();
980 // Capture any PHP warnings from the output buffer and append them to the
981 // response in a comment if we're in debug mode.
982 if ( $context->getDebug() ) {
983 $warnings = ob_get_contents();
984 if ( strlen( $warnings ) ) {
985 $response = self::makeComment( $warnings ) . $response;
986 }
987 }
988 // Remove the output buffer and output the response
989 ob_end_clean();
990 echo $response . "\n/* Cached {$ts} */";
991 return true; // cache hit
992 }
993 // Clear buffer
994 ob_end_clean();
995
996 return false; // cache miss
997 }
998
999 /**
1000 * Generate a CSS or JS comment block.
1001 *
1002 * Only use this for public data, not error message details.
1003 *
1004 * @param string $text
1005 * @return string
1006 */
1007 public static function makeComment( $text ) {
1008 $encText = str_replace( '*/', '* /', $text );
1009 return "/*\n$encText\n*/\n";
1010 }
1011
1012 /**
1013 * Handle exception display.
1014 *
1015 * @param Exception $e Exception to be shown to the user
1016 * @return string Sanitized text in a CSS/JS comment that can be returned to the user
1017 */
1018 public static function formatException( $e ) {
1019 return self::makeComment( self::formatExceptionNoComment( $e ) );
1020 }
1021
1022 /**
1023 * Handle exception display.
1024 *
1025 * @since 1.25
1026 * @param Exception $e Exception to be shown to the user
1027 * @return string Sanitized text that can be returned to the user
1028 */
1029 protected static function formatExceptionNoComment( $e ) {
1030 global $wgShowExceptionDetails;
1031
1032 if ( !$wgShowExceptionDetails ) {
1033 return MWExceptionHandler::getPublicLogMessage( $e );
1034 }
1035
1036 return MWExceptionHandler::getLogMessage( $e ) .
1037 "\nBacktrace:\n" .
1038 MWExceptionHandler::getRedactedTraceAsString( $e );
1039 }
1040
1041 /**
1042 * Generate code for a response.
1043 *
1044 * Calling this method also populates the `errors` and `headers` members,
1045 * later used by respond().
1046 *
1047 * @param ResourceLoaderContext $context Context in which to generate a response
1048 * @param ResourceLoaderModule[] $modules List of module objects keyed by module name
1049 * @param string[] $missing List of requested module names that are unregistered (optional)
1050 * @return string Response data
1051 */
1052 public function makeModuleResponse( ResourceLoaderContext $context,
1053 array $modules, array $missing = []
1054 ) {
1055 $out = '';
1056 $states = [];
1057
1058 if ( $modules === [] && $missing === [] ) {
1059 return <<<MESSAGE
1060 /* This file is the Web entry point for MediaWiki's ResourceLoader:
1061 <https://www.mediawiki.org/wiki/ResourceLoader>. In this request,
1062 no modules were requested. Max made me put this here. */
1063 MESSAGE;
1064 }
1065
1066 $image = $context->getImageObj();
1067 if ( $image ) {
1068 $data = $image->getImageData( $context );
1069 if ( $data === false ) {
1070 $data = '';
1071 $this->errors[] = 'Image generation failed';
1072 }
1073 return $data;
1074 }
1075
1076 foreach ( $missing as $name ) {
1077 $states[$name] = 'missing';
1078 }
1079
1080 $filter = $context->getOnly() === 'styles' ? 'minify-css' : 'minify-js';
1081
1082 foreach ( $modules as $name => $module ) {
1083 try {
1084 $content = $module->getModuleContent( $context );
1085 $implementKey = $name . '@' . $module->getVersionHash( $context );
1086 $strContent = '';
1087
1088 if ( isset( $content['headers'] ) ) {
1089 $this->extraHeaders = array_merge( $this->extraHeaders, $content['headers'] );
1090 }
1091
1092 // Append output
1093 switch ( $context->getOnly() ) {
1094 case 'scripts':
1095 $scripts = $content['scripts'];
1096 if ( is_string( $scripts ) ) {
1097 // Load scripts raw...
1098 $strContent = $scripts;
1099 } elseif ( is_array( $scripts ) ) {
1100 // ...except when $scripts is an array of URLs or an associative array
1101 $strContent = self::makeLoaderImplementScript(
1102 $context,
1103 $implementKey,
1104 $scripts,
1105 [],
1106 [],
1107 []
1108 );
1109 }
1110 break;
1111 case 'styles':
1112 $styles = $content['styles'];
1113 // We no longer separate into media, they are all combined now with
1114 // custom media type groups into @media .. {} sections as part of the css string.
1115 // Module returns either an empty array or a numerical array with css strings.
1116 $strContent = isset( $styles['css'] ) ? implode( '', $styles['css'] ) : '';
1117 break;
1118 default:
1119 $scripts = $content['scripts'] ?? '';
1120 if ( is_string( $scripts ) ) {
1121 if ( $name === 'site' || $name === 'user' ) {
1122 // Legacy scripts that run in the global scope without a closure.
1123 // mw.loader.implement will use globalEval if scripts is a string.
1124 // Minify manually here, because general response minification is
1125 // not effective due it being a string literal, not a function.
1126 if ( !$context->getDebug() ) {
1127 $scripts = self::filter( 'minify-js', $scripts ); // T107377
1128 }
1129 } else {
1130 $scripts = new XmlJsCode( $scripts );
1131 }
1132 }
1133 $strContent = self::makeLoaderImplementScript(
1134 $context,
1135 $implementKey,
1136 $scripts,
1137 $content['styles'] ?? [],
1138 isset( $content['messagesBlob'] ) ? new XmlJsCode( $content['messagesBlob'] ) : [],
1139 $content['templates'] ?? []
1140 );
1141 break;
1142 }
1143
1144 if ( !$context->getDebug() ) {
1145 $strContent = self::filter( $filter, $strContent );
1146 } else {
1147 // In debug mode, separate each response by a new line.
1148 // For example, between 'mw.loader.implement();' statements.
1149 $strContent = $this->ensureNewline( $strContent );
1150 }
1151
1152 if ( $context->getOnly() === 'scripts' ) {
1153 // Use a linebreak between module scripts (T162719)
1154 $out .= $this->ensureNewline( $strContent );
1155 } else {
1156 $out .= $strContent;
1157 }
1158
1159 } catch ( Exception $e ) {
1160 $this->outputErrorAndLog( $e, 'Generating module package failed: {exception}' );
1161
1162 // Respond to client with error-state instead of module implementation
1163 $states[$name] = 'error';
1164 unset( $modules[$name] );
1165 }
1166 }
1167
1168 // Update module states
1169 if ( $context->shouldIncludeScripts() && !$context->getRaw() ) {
1170 if ( $modules && $context->getOnly() === 'scripts' ) {
1171 // Set the state of modules loaded as only scripts to ready as
1172 // they don't have an mw.loader.implement wrapper that sets the state
1173 foreach ( $modules as $name => $module ) {
1174 $states[$name] = 'ready';
1175 }
1176 }
1177
1178 // Set the state of modules we didn't respond to with mw.loader.implement
1179 if ( $states ) {
1180 $stateScript = self::makeLoaderStateScript( $context, $states );
1181 if ( !$context->getDebug() ) {
1182 $stateScript = self::filter( 'minify-js', $stateScript );
1183 }
1184 // Use a linebreak between module script and state script (T162719)
1185 $out = $this->ensureNewline( $out ) . $stateScript;
1186 }
1187 } elseif ( $states ) {
1188 $this->errors[] = 'Problematic modules: '
1189 . $context->encodeJson( $states );
1190 }
1191
1192 return $out;
1193 }
1194
1195 /**
1196 * Ensure the string is either empty or ends in a line break
1197 * @param string $str
1198 * @return string
1199 */
1200 private function ensureNewline( $str ) {
1201 $end = substr( $str, -1 );
1202 if ( $end === false || $end === '' || $end === "\n" ) {
1203 return $str;
1204 }
1205 return $str . "\n";
1206 }
1207
1208 /**
1209 * Get names of modules that use a certain message.
1210 *
1211 * @param string $messageKey
1212 * @return array List of module names
1213 */
1214 public function getModulesByMessage( $messageKey ) {
1215 $moduleNames = [];
1216 foreach ( $this->getModuleNames() as $moduleName ) {
1217 $module = $this->getModule( $moduleName );
1218 if ( in_array( $messageKey, $module->getMessages() ) ) {
1219 $moduleNames[] = $moduleName;
1220 }
1221 }
1222 return $moduleNames;
1223 }
1224
1225 /**
1226 * Return JS code that calls mw.loader.implement with given module properties.
1227 *
1228 * @param ResourceLoaderContext $context
1229 * @param string $name Module name or implement key (format "`[name]@[version]`")
1230 * @param XmlJsCode|array|string $scripts Code as XmlJsCode (to be wrapped in a closure),
1231 * list of URLs to JavaScript files, string of JavaScript for `$.globalEval`, or array with
1232 * 'files' and 'main' properties (see ResourceLoaderModule::getScript())
1233 * @param mixed $styles Array of CSS strings keyed by media type, or an array of lists of URLs
1234 * to CSS files keyed by media type
1235 * @param mixed $messages List of messages associated with this module. May either be an
1236 * associative array mapping message key to value, or a JSON-encoded message blob containing
1237 * the same data, wrapped in an XmlJsCode object.
1238 * @param array $templates Keys are name of templates and values are the source of
1239 * the template.
1240 * @throws MWException
1241 * @return string JavaScript code
1242 */
1243 private static function makeLoaderImplementScript(
1244 ResourceLoaderContext $context, $name, $scripts, $styles, $messages, $templates
1245 ) {
1246 if ( $scripts instanceof XmlJsCode ) {
1247 if ( $scripts->value === '' ) {
1248 $scripts = null;
1249 } elseif ( $context->getDebug() ) {
1250 $scripts = new XmlJsCode( "function ( $, jQuery, require, module ) {\n{$scripts->value}\n}" );
1251 } else {
1252 $scripts = new XmlJsCode( 'function($,jQuery,require,module){' . $scripts->value . '}' );
1253 }
1254 } elseif ( is_array( $scripts ) && isset( $scripts['files'] ) ) {
1255 $files = $scripts['files'];
1256 foreach ( $files as $path => &$file ) {
1257 // $file is changed (by reference) from a descriptor array to the content of the file
1258 // All of these essentially do $file = $file['content'];, some just have wrapping around it
1259 if ( $file['type'] === 'script' ) {
1260 // Multi-file modules only get two parameters ($ and jQuery are being phased out)
1261 if ( $context->getDebug() ) {
1262 $file = new XmlJsCode( "function ( require, module ) {\n{$file['content']}\n}" );
1263 } else {
1264 $file = new XmlJsCode( 'function(require,module){' . $file['content'] . '}' );
1265 }
1266 } else {
1267 $file = $file['content'];
1268 }
1269 }
1270 $scripts = XmlJsCode::encodeObject( [
1271 'main' => $scripts['main'],
1272 'files' => XmlJsCode::encodeObject( $files, $context->getDebug() )
1273 ], $context->getDebug() );
1274 } elseif ( !is_string( $scripts ) && !is_array( $scripts ) ) {
1275 throw new MWException( 'Invalid scripts error. Array of URLs or string of code expected.' );
1276 }
1277
1278 // mw.loader.implement requires 'styles', 'messages' and 'templates' to be objects (not
1279 // arrays). json_encode considers empty arrays to be numerical and outputs "[]" instead
1280 // of "{}". Force them to objects.
1281 $module = [
1282 $name,
1283 $scripts,
1284 (object)$styles,
1285 (object)$messages,
1286 (object)$templates
1287 ];
1288 self::trimArray( $module );
1289
1290 return Xml::encodeJsCall( 'mw.loader.implement', $module, $context->getDebug() );
1291 }
1292
1293 /**
1294 * Returns JS code which, when called, will register a given list of messages.
1295 *
1296 * @param mixed $messages Associative array mapping message key to value.
1297 * @return string JavaScript code
1298 */
1299 public static function makeMessageSetScript( $messages ) {
1300 return 'mw.messages.set('
1301 . self::encodeJsonForScript( (object)$messages )
1302 . ');';
1303 }
1304
1305 /**
1306 * Combines an associative array mapping media type to CSS into a
1307 * single stylesheet with "@media" blocks.
1308 *
1309 * @param array $stylePairs Array keyed by media type containing (arrays of) CSS strings
1310 * @return array
1311 */
1312 public static function makeCombinedStyles( array $stylePairs ) {
1313 $out = [];
1314 foreach ( $stylePairs as $media => $styles ) {
1315 // ResourceLoaderFileModule::getStyle can return the styles
1316 // as a string or an array of strings. This is to allow separation in
1317 // the front-end.
1318 $styles = (array)$styles;
1319 foreach ( $styles as $style ) {
1320 $style = trim( $style );
1321 // Don't output an empty "@media print { }" block (T42498)
1322 if ( $style !== '' ) {
1323 // Transform the media type based on request params and config
1324 // The way that this relies on $wgRequest to propagate request params is slightly evil
1325 $media = OutputPage::transformCssMedia( $media );
1326
1327 if ( $media === '' || $media == 'all' ) {
1328 $out[] = $style;
1329 } elseif ( is_string( $media ) ) {
1330 $out[] = "@media $media {\n" . str_replace( "\n", "\n\t", "\t" . $style ) . "}";
1331 }
1332 // else: skip
1333 }
1334 }
1335 }
1336 return $out;
1337 }
1338
1339 /**
1340 * Wrapper around json_encode that avoids needless escapes,
1341 * and pretty-prints in debug mode.
1342 *
1343 * @internal
1344 * @since 1.32
1345 * @param mixed $data
1346 * @return string|false JSON string, false on error
1347 */
1348 public static function encodeJsonForScript( $data ) {
1349 // Keep output as small as possible by disabling needless escape modes
1350 // that PHP uses by default.
1351 // However, while most module scripts are only served on HTTP responses
1352 // for JavaScript, some modules can also be embedded in the HTML as inline
1353 // scripts. This, and the fact that we sometimes need to export strings
1354 // containing user-generated content and labels that may genuinely contain
1355 // a sequences like "</script>", we need to encode either '/' or '<'.
1356 // By default PHP escapes '/'. Let's escape '<' instead which is less common
1357 // and allows URLs to mostly remain readable.
1358 $jsonFlags = JSON_UNESCAPED_SLASHES |
1359 JSON_UNESCAPED_UNICODE |
1360 JSON_HEX_TAG |
1361 JSON_HEX_AMP;
1362 if ( self::inDebugMode() ) {
1363 $jsonFlags |= JSON_PRETTY_PRINT;
1364 }
1365 return json_encode( $data, $jsonFlags );
1366 }
1367
1368 /**
1369 * Returns a JS call to mw.loader.state, which sets the state of one
1370 * ore more modules to a given value. Has two calling conventions:
1371 *
1372 * - ResourceLoader::makeLoaderStateScript( $context, $name, $state ):
1373 * Set the state of a single module called $name to $state
1374 *
1375 * - ResourceLoader::makeLoaderStateScript( $context, [ $name => $state, ... ] ):
1376 * Set the state of modules with the given names to the given states
1377 *
1378 * @internal
1379 * @param ResourceLoaderContext $context
1380 * @param array|string $states
1381 * @param string|null $state
1382 * @return string JavaScript code
1383 */
1384 public static function makeLoaderStateScript(
1385 ResourceLoaderContext $context, $states, $state = null
1386 ) {
1387 if ( !is_array( $states ) ) {
1388 $states = [ $states => $state ];
1389 }
1390 return 'mw.loader.state('
1391 . $context->encodeJson( $states )
1392 . ');';
1393 }
1394
1395 private static function isEmptyObject( stdClass $obj ) {
1396 foreach ( $obj as $key => $value ) {
1397 return false;
1398 }
1399 return true;
1400 }
1401
1402 /**
1403 * Remove empty values from the end of an array.
1404 *
1405 * Values considered empty:
1406 *
1407 * - null
1408 * - []
1409 * - new XmlJsCode( '{}' )
1410 * - new stdClass() // (object) []
1411 *
1412 * @param array $array
1413 */
1414 private static function trimArray( array &$array ) {
1415 $i = count( $array );
1416 while ( $i-- ) {
1417 if ( $array[$i] === null
1418 || $array[$i] === []
1419 || ( $array[$i] instanceof XmlJsCode && $array[$i]->value === '{}' )
1420 || ( $array[$i] instanceof stdClass && self::isEmptyObject( $array[$i] ) )
1421 ) {
1422 unset( $array[$i] );
1423 } else {
1424 break;
1425 }
1426 }
1427 }
1428
1429 /**
1430 * Returns JS code which calls mw.loader.register with the given
1431 * parameter.
1432 *
1433 * @par Example
1434 * @code
1435 *
1436 * ResourceLoader::makeLoaderRegisterScript( $context, [
1437 * [ $name1, $version1, $dependencies1, $group1, $source1, $skip1 ],
1438 * [ $name2, $version2, $dependencies1, $group2, $source2, $skip2 ],
1439 * ...
1440 * ] ):
1441 * @endcode
1442 *
1443 * @internal For use by ResourceLoaderStartUpModule only
1444 * @param ResourceLoaderContext $context
1445 * @param array $modules Array of module registration arrays, each containing
1446 * - string: module name
1447 * - string: module version
1448 * - array|null: List of dependencies (optional)
1449 * - string|null: Module group (optional)
1450 * - string|null: Name of foreign module source, or 'local' (optional)
1451 * - string|null: Script body of a skip function (optional)
1452 * @return string JavaScript code
1453 */
1454 public static function makeLoaderRegisterScript(
1455 ResourceLoaderContext $context, array $modules
1456 ) {
1457 // Optimisation: Transform dependency names into indexes when possible
1458 // to produce smaller output. They are expanded by mw.loader.register on
1459 // the other end using resolveIndexedDependencies().
1460 $index = [];
1461 foreach ( $modules as $i => &$module ) {
1462 // Build module name index
1463 $index[$module[0]] = $i;
1464 }
1465 foreach ( $modules as &$module ) {
1466 if ( isset( $module[2] ) ) {
1467 foreach ( $module[2] as &$dependency ) {
1468 if ( isset( $index[$dependency] ) ) {
1469 // Replace module name in dependency list with index
1470 $dependency = $index[$dependency];
1471 }
1472 }
1473 }
1474 }
1475
1476 array_walk( $modules, [ self::class, 'trimArray' ] );
1477
1478 return 'mw.loader.register('
1479 . $context->encodeJson( $modules )
1480 . ');';
1481 }
1482
1483 /**
1484 * Returns JS code which calls mw.loader.addSource() with the given
1485 * parameters. Has two calling conventions:
1486 *
1487 * - ResourceLoader::makeLoaderSourcesScript( $context, $id, $properties ):
1488 * Register a single source
1489 *
1490 * - ResourceLoader::makeLoaderSourcesScript( $context,
1491 * [ $id1 => $loadUrl, $id2 => $loadUrl, ... ]
1492 * );
1493 * Register sources with the given IDs and properties.
1494 *
1495 * @internal For use by ResourceLoaderStartUpModule only
1496 * @param ResourceLoaderContext $context
1497 * @param string|array $sources Source ID
1498 * @param string|null $loadUrl load.php url
1499 * @return string JavaScript code
1500 */
1501 public static function makeLoaderSourcesScript(
1502 ResourceLoaderContext $context, $sources, $loadUrl = null
1503 ) {
1504 if ( !is_array( $sources ) ) {
1505 $sources = [ $sources => $loadUrl ];
1506 }
1507 return 'mw.loader.addSource('
1508 . $context->encodeJson( $sources )
1509 . ');';
1510 }
1511
1512 /**
1513 * Wraps JavaScript code to run after the startup module.
1514 *
1515 * @param string $script JavaScript code
1516 * @return string JavaScript code
1517 */
1518 public static function makeLoaderConditionalScript( $script ) {
1519 // Adds a function to lazy-created RLQ
1520 return '(RLQ=window.RLQ||[]).push(function(){' .
1521 trim( $script ) . '});';
1522 }
1523
1524 /**
1525 * Wraps JavaScript code to run after a required module.
1526 *
1527 * @since 1.32
1528 * @param string|string[] $modules Module name(s)
1529 * @param string $script JavaScript code
1530 * @return string JavaScript code
1531 */
1532 public static function makeInlineCodeWithModule( $modules, $script ) {
1533 // Adds an array to lazy-created RLQ
1534 return '(RLQ=window.RLQ||[]).push(['
1535 . self::encodeJsonForScript( $modules ) . ','
1536 . 'function(){' . trim( $script ) . '}'
1537 . ']);';
1538 }
1539
1540 /**
1541 * Returns an HTML script tag that runs given JS code after startup and base modules.
1542 *
1543 * The code will be wrapped in a closure, and it will be executed by ResourceLoader's
1544 * startup module if the client has adequate support for MediaWiki JavaScript code.
1545 *
1546 * @param string $script JavaScript code
1547 * @param string|null $nonce [optional] Content-Security-Policy nonce
1548 * (from OutputPage::getCSPNonce)
1549 * @return string|WrappedString HTML
1550 */
1551 public static function makeInlineScript( $script, $nonce = null ) {
1552 $js = self::makeLoaderConditionalScript( $script );
1553 $escNonce = '';
1554 if ( $nonce === null ) {
1555 wfWarn( __METHOD__ . " did not get nonce. Will break CSP" );
1556 } elseif ( $nonce !== false ) {
1557 // If it was false, CSP is disabled, so no nonce attribute.
1558 // Nonce should be only base64 characters, so should be safe,
1559 // but better to be safely escaped than sorry.
1560 $escNonce = ' nonce="' . htmlspecialchars( $nonce ) . '"';
1561 }
1562
1563 return new WrappedString(
1564 Html::inlineScript( $js, $nonce ),
1565 "<script$escNonce>(RLQ=window.RLQ||[]).push(function(){",
1566 '});</script>'
1567 );
1568 }
1569
1570 /**
1571 * Returns JS code which will set the MediaWiki configuration array to
1572 * the given value.
1573 *
1574 * @param array $configuration List of configuration values keyed by variable name
1575 * @return string JavaScript code
1576 * @throws Exception
1577 */
1578 public static function makeConfigSetScript( array $configuration ) {
1579 $json = self::encodeJsonForScript( $configuration );
1580 if ( $json === false ) {
1581 $e = new Exception(
1582 'JSON serialization of config data failed. ' .
1583 'This usually means the config data is not valid UTF-8.'
1584 );
1585 MWExceptionHandler::logException( $e );
1586 return 'mw.log.error(' . self::encodeJsonForScript( $e->__toString() ) . ');';
1587 }
1588 return "mw.config.set($json);";
1589 }
1590
1591 /**
1592 * Convert an array of module names to a packed query string.
1593 *
1594 * For example, `[ 'foo.bar', 'foo.baz', 'bar.baz', 'bar.quux' ]`
1595 * becomes `'foo.bar,baz|bar.baz,quux'`.
1596 *
1597 * This process is reversed by ResourceLoader::expandModuleNames().
1598 * See also mw.loader#buildModulesString() which is a port of this, used
1599 * on the client-side.
1600 *
1601 * @param array $modules List of module names (strings)
1602 * @return string Packed query string
1603 */
1604 public static function makePackedModulesString( $modules ) {
1605 $moduleMap = []; // [ prefix => [ suffixes ] ]
1606 foreach ( $modules as $module ) {
1607 $pos = strrpos( $module, '.' );
1608 $prefix = $pos === false ? '' : substr( $module, 0, $pos );
1609 $suffix = $pos === false ? $module : substr( $module, $pos + 1 );
1610 $moduleMap[$prefix][] = $suffix;
1611 }
1612
1613 $arr = [];
1614 foreach ( $moduleMap as $prefix => $suffixes ) {
1615 $p = $prefix === '' ? '' : $prefix . '.';
1616 $arr[] = $p . implode( ',', $suffixes );
1617 }
1618 return implode( '|', $arr );
1619 }
1620
1621 /**
1622 * Expand a string of the form `jquery.foo,bar|jquery.ui.baz,quux` to
1623 * an array of module names like `[ 'jquery.foo', 'jquery.bar',
1624 * 'jquery.ui.baz', 'jquery.ui.quux' ]`.
1625 *
1626 * This process is reversed by ResourceLoader::makePackedModulesString().
1627 *
1628 * @since 1.33
1629 * @param string $modules Packed module name list
1630 * @return array Array of module names
1631 */
1632 public static function expandModuleNames( $modules ) {
1633 $retval = [];
1634 $exploded = explode( '|', $modules );
1635 foreach ( $exploded as $group ) {
1636 if ( strpos( $group, ',' ) === false ) {
1637 // This is not a set of modules in foo.bar,baz notation
1638 // but a single module
1639 $retval[] = $group;
1640 } else {
1641 // This is a set of modules in foo.bar,baz notation
1642 $pos = strrpos( $group, '.' );
1643 if ( $pos === false ) {
1644 // Prefixless modules, i.e. without dots
1645 $retval = array_merge( $retval, explode( ',', $group ) );
1646 } else {
1647 // We have a prefix and a bunch of suffixes
1648 $prefix = substr( $group, 0, $pos ); // 'foo'
1649 $suffixes = explode( ',', substr( $group, $pos + 1 ) ); // [ 'bar', 'baz' ]
1650 foreach ( $suffixes as $suffix ) {
1651 $retval[] = "$prefix.$suffix";
1652 }
1653 }
1654 }
1655 }
1656 return $retval;
1657 }
1658
1659 /**
1660 * Determine whether debug mode was requested
1661 * Order of priority is 1) request param, 2) cookie, 3) $wg setting
1662 * @return bool
1663 */
1664 public static function inDebugMode() {
1665 if ( self::$debugMode === null ) {
1666 global $wgRequest, $wgResourceLoaderDebug;
1667 self::$debugMode = $wgRequest->getFuzzyBool( 'debug',
1668 $wgRequest->getCookie( 'resourceLoaderDebug', '', $wgResourceLoaderDebug )
1669 );
1670 }
1671 return self::$debugMode;
1672 }
1673
1674 /**
1675 * Reset static members used for caching.
1676 *
1677 * Global state and $wgRequest are evil, but we're using it right
1678 * now and sometimes we need to be able to force ResourceLoader to
1679 * re-evaluate the context because it has changed (e.g. in the test suite).
1680 *
1681 * @internal For use by unit tests
1682 * @codeCoverageIgnore
1683 */
1684 public static function clearCache() {
1685 self::$debugMode = null;
1686 }
1687
1688 /**
1689 * Build a load.php URL
1690 *
1691 * @since 1.24
1692 * @param string $source Name of the ResourceLoader source
1693 * @param ResourceLoaderContext $context
1694 * @param array $extraQuery
1695 * @return string URL to load.php. May be protocol-relative if $wgLoadScript is, too.
1696 */
1697 public function createLoaderURL( $source, ResourceLoaderContext $context,
1698 $extraQuery = []
1699 ) {
1700 $query = self::createLoaderQuery( $context, $extraQuery );
1701 $script = $this->getLoadScript( $source );
1702
1703 return wfAppendQuery( $script, $query );
1704 }
1705
1706 /**
1707 * Helper for createLoaderURL()
1708 *
1709 * @since 1.24
1710 * @see makeLoaderQuery
1711 * @param ResourceLoaderContext $context
1712 * @param array $extraQuery
1713 * @return array
1714 */
1715 protected static function createLoaderQuery( ResourceLoaderContext $context, $extraQuery = [] ) {
1716 return self::makeLoaderQuery(
1717 $context->getModules(),
1718 $context->getLanguage(),
1719 $context->getSkin(),
1720 $context->getUser(),
1721 $context->getVersion(),
1722 $context->getDebug(),
1723 $context->getOnly(),
1724 $context->getRequest()->getBool( 'printable' ),
1725 $context->getRequest()->getBool( 'handheld' ),
1726 $extraQuery
1727 );
1728 }
1729
1730 /**
1731 * Build a query array (array representation of query string) for load.php. Helper
1732 * function for createLoaderURL().
1733 *
1734 * @param array $modules
1735 * @param string $lang
1736 * @param string $skin
1737 * @param string|null $user
1738 * @param string|null $version
1739 * @param bool $debug
1740 * @param string|null $only
1741 * @param bool $printable
1742 * @param bool $handheld
1743 * @param array $extraQuery
1744 * @return array
1745 */
1746 public static function makeLoaderQuery( $modules, $lang, $skin, $user = null,
1747 $version = null, $debug = false, $only = null, $printable = false,
1748 $handheld = false, $extraQuery = []
1749 ) {
1750 $query = [
1751 'modules' => self::makePackedModulesString( $modules ),
1752 ];
1753 // Keep urls short by omitting query parameters that
1754 // match the defaults assumed by ResourceLoaderContext.
1755 // Note: This relies on the defaults either being insignificant or forever constant,
1756 // as otherwise cached urls could change in meaning when the defaults change.
1757 if ( $lang !== ResourceLoaderContext::DEFAULT_LANG ) {
1758 $query['lang'] = $lang;
1759 }
1760 if ( $skin !== ResourceLoaderContext::DEFAULT_SKIN ) {
1761 $query['skin'] = $skin;
1762 }
1763 if ( $debug === true ) {
1764 $query['debug'] = 'true';
1765 }
1766 if ( $user !== null ) {
1767 $query['user'] = $user;
1768 }
1769 if ( $version !== null ) {
1770 $query['version'] = $version;
1771 }
1772 if ( $only !== null ) {
1773 $query['only'] = $only;
1774 }
1775 if ( $printable ) {
1776 $query['printable'] = 1;
1777 }
1778 if ( $handheld ) {
1779 $query['handheld'] = 1;
1780 }
1781 $query += $extraQuery;
1782
1783 // Make queries uniform in order
1784 ksort( $query );
1785 return $query;
1786 }
1787
1788 /**
1789 * Check a module name for validity.
1790 *
1791 * Module names may not contain pipes (|), commas (,) or exclamation marks (!) and can be
1792 * at most 255 bytes.
1793 *
1794 * @param string $moduleName Module name to check
1795 * @return bool Whether $moduleName is a valid module name
1796 */
1797 public static function isValidModuleName( $moduleName ) {
1798 return strcspn( $moduleName, '!,|', 0, 255 ) === strlen( $moduleName );
1799 }
1800
1801 /**
1802 * Returns LESS compiler set up for use with MediaWiki
1803 *
1804 * @since 1.27
1805 * @param array $vars Associative array of variables that should be used
1806 * for compilation. Since 1.32, this method no longer automatically includes
1807 * global LESS vars from ResourceLoader::getLessVars (T191937).
1808 * @throws MWException
1809 * @return Less_Parser
1810 */
1811 public function getLessCompiler( $vars = [] ) {
1812 global $IP;
1813 // When called from the installer, it is possible that a required PHP extension
1814 // is missing (at least for now; see T49564). If this is the case, throw an
1815 // exception (caught by the installer) to prevent a fatal error later on.
1816 if ( !class_exists( 'Less_Parser' ) ) {
1817 throw new MWException( 'MediaWiki requires the less.php parser' );
1818 }
1819
1820 $parser = new Less_Parser;
1821 $parser->ModifyVars( $vars );
1822 $parser->SetImportDirs( [
1823 "$IP/resources/src/mediawiki.less/" => '',
1824 ] );
1825 $parser->SetOption( 'relativeUrls', false );
1826
1827 return $parser;
1828 }
1829
1830 /**
1831 * Get global LESS variables.
1832 *
1833 * @since 1.27
1834 * @deprecated since 1.32 Use ResourceLoderModule::getLessVars() instead.
1835 * @return array Map of variable names to string CSS values.
1836 */
1837 public function getLessVars() {
1838 return [];
1839 }
1840 }
Wiklou, le Wiki du Wiklou