dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
resourceloader: Add $context to static functions in ResourceLoader
[lhc/web/wiklou.git] / includes / resourceloader / ResourceLoader.php
1 <?php
2 /**
3 * Base class for resource loading system.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @author Roan Kattouw
22 * @author Trevor Parscal
23 */
24
25 use MediaWiki\MediaWikiServices;
26 use Psr\Log\LoggerAwareInterface;
27 use Psr\Log\LoggerInterface;
28 use Psr\Log\NullLogger;
29 use Wikimedia\Rdbms\DBConnectionError;
30 use Wikimedia\WrappedString;
31
32 /**
33 * Dynamic JavaScript and CSS resource loading system.
34 *
35 * Most of the documentation is on the MediaWiki documentation wiki starting at:
36 * https://www.mediawiki.org/wiki/ResourceLoader
37 */
38 class ResourceLoader implements LoggerAwareInterface {
39 /** @var Config $config */
40 protected $config;
41 /** @var MessageBlobStore */
42 protected $blobStore;
43
44 /** @var LoggerInterface */
45 private $logger;
46
47 /** @var ResourceLoaderModule[] Map of (module name => ResourceLoaderModule) */
48 protected $modules = [];
49 /** @var array[] Map of (module name => associative info array) */
50 protected $moduleInfos = [];
51 /**
52 * Associative array mapping framework ids to a list of names of test suite modules
53 * like [ 'qunit' => [ 'mediawiki.tests.qunit.suites', 'ext.foo.tests', ... ], ... ]
54 * @var array
55 */
56 protected $testModuleNames = [];
57 /** @var string[] List of module names that contain QUnit test suites */
58 protected $testSuiteModuleNames = [];
59
60 /** @var array Map of (source => path); E.g. [ 'source-id' => 'http://.../load.php' ] */
61 protected $sources = [];
62 /** @var array Errors accumulated during current respond() call */
63 protected $errors = [];
64 /** @var string[] Extra HTTP response headers from modules loaded in makeModuleResponse() */
65 protected $extraHeaders = [];
66
67 /** @var bool */
68 protected static $debugMode = null;
69
70 /** @var int */
71 const CACHE_VERSION = 8;
72
73 /** @var string JavaScript / CSS pragma to disable minification. * */
74 const FILTER_NOMIN = '/*@nomin*/';
75
76 /**
77 * Load information stored in the database about modules.
78 *
79 * This method grabs modules dependencies from the database and updates modules
80 * objects.
81 *
82 * This is not inside the module code because it is much faster to
83 * request all of the information at once than it is to have each module
84 * requests its own information. This sacrifice of modularity yields a substantial
85 * performance improvement.
86 *
87 * @param array $moduleNames List of module names to preload information for
88 * @param ResourceLoaderContext $context Context to load the information within
89 */
90 public function preloadModuleInfo( array $moduleNames, ResourceLoaderContext $context ) {
91 if ( !$moduleNames ) {
92 // Or else Database*::select() will explode, plus it's cheaper!
93 return;
94 }
95 $dbr = wfGetDB( DB_REPLICA );
96 $lang = $context->getLanguage();
97
98 // Batched version of ResourceLoaderModule::getFileDependencies
99 $vary = ResourceLoaderModule::getVary( $context );
100 $res = $dbr->select( 'module_deps', [ 'md_module', 'md_deps' ], [
101 'md_module' => $moduleNames,
102 'md_skin' => $vary,
103 ], __METHOD__
104 );
105
106 // Prime in-object cache for file dependencies
107 $modulesWithDeps = [];
108 foreach ( $res as $row ) {
109 $module = $this->getModule( $row->md_module );
110 if ( $module ) {
111 $module->setFileDependencies( $context, ResourceLoaderModule::expandRelativePaths(
112 json_decode( $row->md_deps, true )
113 ) );
114 $modulesWithDeps[] = $row->md_module;
115 }
116 }
117 // Register the absence of a dependency row too
118 foreach ( array_diff( $moduleNames, $modulesWithDeps ) as $name ) {
119 $module = $this->getModule( $name );
120 if ( $module ) {
121 $this->getModule( $name )->setFileDependencies( $context, [] );
122 }
123 }
124
125 // Batched version of ResourceLoaderWikiModule::getTitleInfo
126 ResourceLoaderWikiModule::preloadTitleInfo( $context, $dbr, $moduleNames );
127
128 // Prime in-object cache for message blobs for modules with messages
129 $modules = [];
130 foreach ( $moduleNames as $name ) {
131 $module = $this->getModule( $name );
132 if ( $module && $module->getMessages() ) {
133 $modules[$name] = $module;
134 }
135 }
136 $store = $this->getMessageBlobStore();
137 $blobs = $store->getBlobs( $modules, $lang );
138 foreach ( $blobs as $name => $blob ) {
139 $modules[$name]->setMessageBlob( $blob, $lang );
140 }
141 }
142
143 /**
144 * Run JavaScript or CSS data through a filter, caching the filtered result for future calls.
145 *
146 * Available filters are:
147 *
148 * - minify-js \see JavaScriptMinifier::minify
149 * - minify-css \see CSSMin::minify
150 *
151 * If $data is empty, only contains whitespace or the filter was unknown,
152 * $data is returned unmodified.
153 *
154 * @param string $filter Name of filter to run
155 * @param string $data Text to filter, such as JavaScript or CSS text
156 * @param array $options Keys:
157 * - (bool) cache: Whether to allow caching this data. Default: true.
158 * @return string Filtered data, or a comment containing an error message
159 */
160 public static function filter( $filter, $data, array $options = [] ) {
161 if ( strpos( $data, self::FILTER_NOMIN ) !== false ) {
162 return $data;
163 }
164
165 if ( isset( $options['cache'] ) && $options['cache'] === false ) {
166 return self::applyFilter( $filter, $data );
167 }
168
169 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
170 $cache = ObjectCache::getLocalServerInstance( CACHE_ANYTHING );
171
172 $key = $cache->makeGlobalKey(
173 'resourceloader-filter',
174 $filter,
175 self::CACHE_VERSION,
176 md5( $data )
177 );
178
179 $result = $cache->get( $key );
180 if ( $result === false ) {
181 $stats->increment( "resourceloader_cache.$filter.miss" );
182 $result = self::applyFilter( $filter, $data );
183 $cache->set( $key, $result, 24 * 3600 );
184 } else {
185 $stats->increment( "resourceloader_cache.$filter.hit" );
186 }
187 if ( $result === null ) {
188 // Cached failure
189 $result = $data;
190 }
191
192 return $result;
193 }
194
195 private static function applyFilter( $filter, $data ) {
196 $data = trim( $data );
197 if ( $data ) {
198 try {
199 $data = ( $filter === 'minify-css' )
200 ? CSSMin::minify( $data )
201 : JavaScriptMinifier::minify( $data );
202 } catch ( Exception $e ) {
203 MWExceptionHandler::logException( $e );
204 return null;
205 }
206 }
207 return $data;
208 }
209
210 /**
211 * Register core modules and runs registration hooks.
212 * @param Config|null $config
213 * @param LoggerInterface|null $logger [optional]
214 */
215 public function __construct( Config $config = null, LoggerInterface $logger = null ) {
216 $this->logger = $logger ?: new NullLogger();
217
218 if ( !$config ) {
219 wfDeprecated( __METHOD__ . ' without a Config instance', '1.34' );
220 $config = MediaWikiServices::getInstance()->getMainConfig();
221 }
222 $this->config = $config;
223
224 // Add 'local' source first
225 $this->addSource( 'local', $config->get( 'LoadScript' ) );
226
227 // Special module that always exists
228 $this->register( 'startup', [ 'class' => ResourceLoaderStartUpModule::class ] );
229
230 $this->setMessageBlobStore( new MessageBlobStore( $this, $this->logger ) );
231 }
232
233 /**
234 * @return Config
235 */
236 public function getConfig() {
237 return $this->config;
238 }
239
240 /**
241 * @since 1.26
242 * @param LoggerInterface $logger
243 */
244 public function setLogger( LoggerInterface $logger ) {
245 $this->logger = $logger;
246 }
247
248 /**
249 * @since 1.27
250 * @return LoggerInterface
251 */
252 public function getLogger() {
253 return $this->logger;
254 }
255
256 /**
257 * @since 1.26
258 * @return MessageBlobStore
259 */
260 public function getMessageBlobStore() {
261 return $this->blobStore;
262 }
263
264 /**
265 * @since 1.25
266 * @param MessageBlobStore $blobStore
267 */
268 public function setMessageBlobStore( MessageBlobStore $blobStore ) {
269 $this->blobStore = $blobStore;
270 }
271
272 /**
273 * Register a module with the ResourceLoader system.
274 *
275 * @param string|array[] $name Module name as a string or, array of module info arrays
276 * keyed by name.
277 * @param array|null $info Module info array. When using the first parameter to register
278 * multiple modules at once, this parameter is optional.
279 * @throws MWException If a duplicate module registration is attempted
280 * @throws MWException If a module name contains illegal characters (pipes or commas)
281 * @throws InvalidArgumentException If the module info is not an array
282 */
283 public function register( $name, $info = null ) {
284 $moduleSkinStyles = $this->config->get( 'ResourceModuleSkinStyles' );
285
286 // Allow multiple modules to be registered in one call
287 $registrations = is_array( $name ) ? $name : [ $name => $info ];
288 foreach ( $registrations as $name => $info ) {
289 // Warn on duplicate registrations
290 if ( isset( $this->moduleInfos[$name] ) ) {
291 // A module has already been registered by this name
292 $this->logger->warning(
293 'ResourceLoader duplicate registration warning. ' .
294 'Another module has already been registered as ' . $name
295 );
296 }
297
298 // Check validity
299 if ( !self::isValidModuleName( $name ) ) {
300 throw new MWException( "ResourceLoader module name '$name' is invalid, "
301 . "see ResourceLoader::isValidModuleName()" );
302 }
303 if ( !is_array( $info ) ) {
304 throw new InvalidArgumentException(
305 'Invalid module info for "' . $name . '": expected array, got ' . gettype( $info )
306 );
307 }
308
309 // Attach module
310 $this->moduleInfos[$name] = $info;
311
312 // Last-minute changes
313 // Apply custom skin-defined styles to existing modules.
314 if ( $this->isFileModule( $name ) ) {
315 foreach ( $moduleSkinStyles as $skinName => $skinStyles ) {
316 // If this module already defines skinStyles for this skin, ignore $wgResourceModuleSkinStyles.
317 if ( isset( $this->moduleInfos[$name]['skinStyles'][$skinName] ) ) {
318 continue;
319 }
320
321 // If $name is preceded with a '+', the defined style files will be added to 'default'
322 // skinStyles, otherwise 'default' will be ignored as it normally would be.
323 if ( isset( $skinStyles[$name] ) ) {
324 $paths = (array)$skinStyles[$name];
325 $styleFiles = [];
326 } elseif ( isset( $skinStyles['+' . $name] ) ) {
327 $paths = (array)$skinStyles['+' . $name];
328 $styleFiles = isset( $this->moduleInfos[$name]['skinStyles']['default'] ) ?
329 (array)$this->moduleInfos[$name]['skinStyles']['default'] :
330 [];
331 } else {
332 continue;
333 }
334
335 // Add new file paths, remapping them to refer to our directories and not use settings
336 // from the module we're modifying, which come from the base definition.
337 list( $localBasePath, $remoteBasePath ) =
338 ResourceLoaderFileModule::extractBasePaths( $skinStyles );
339
340 foreach ( $paths as $path ) {
341 $styleFiles[] = new ResourceLoaderFilePath( $path, $localBasePath, $remoteBasePath );
342 }
343
344 $this->moduleInfos[$name]['skinStyles'][$skinName] = $styleFiles;
345 }
346 }
347 }
348 }
349
350 /**
351 * @internal For use by ServiceWiring only
352 * @codeCoverageIgnore
353 */
354 public function registerTestModules() {
355 global $IP;
356
357 if ( $this->config->get( 'EnableJavaScriptTest' ) !== true ) {
358 throw new MWException( 'Attempt to register JavaScript test modules '
359 . 'but <code>$wgEnableJavaScriptTest</code> is false. '
360 . 'Edit your <code>LocalSettings.php</code> to enable it.' );
361 }
362
363 // This has a 'qunit' key for compat with the below hook.
364 $testModulesMeta = [ 'qunit' => [] ];
365
366 // Get test suites from extensions
367 // Avoid PHP 7.1 warning from passing $this by reference
368 $rl = $this;
369 Hooks::run( 'ResourceLoaderTestModules', [ &$testModulesMeta, &$rl ] );
370 $extRegistry = ExtensionRegistry::getInstance();
371 // In case of conflict, the deprecated hook has precedence.
372 $testModules = $testModulesMeta['qunit'] + $extRegistry->getAttribute( 'QUnitTestModules' );
373
374 $testSuiteModuleNames = [];
375 foreach ( $testModules as $name => &$module ) {
376 // Turn any single-module dependency into an array
377 if ( isset( $module['dependencies'] ) && is_string( $module['dependencies'] ) ) {
378 $module['dependencies'] = [ $module['dependencies'] ];
379 }
380
381 // Ensure the testrunner loads before any test suites
382 $module['dependencies'][] = 'test.mediawiki.qunit.testrunner';
383
384 // Keep track of the test suites to load on SpecialJavaScriptTest
385 $testSuiteModuleNames[] = $name;
386 }
387
388 // Core test suites (their names have further precedence).
389 $testModules = ( include "$IP/tests/qunit/QUnitTestResources.php" ) + $testModules;
390 $testSuiteModuleNames[] = 'test.mediawiki.qunit.suites';
391
392 $this->register( $testModules );
393 $this->testSuiteModuleNames = $testSuiteModuleNames;
394 }
395
396 /**
397 * Add a foreign source of modules.
398 *
399 * Source IDs are typically the same as the Wiki ID or database name (e.g. lowercase a-z).
400 *
401 * @param array|string $id Source ID (string), or [ id1 => loadUrl, id2 => loadUrl, ... ]
402 * @param string|array|null $loadUrl load.php url (string), or array with loadUrl key for
403 * backwards-compatibility.
404 * @throws MWException
405 */
406 public function addSource( $id, $loadUrl = null ) {
407 // Allow multiple sources to be registered in one call
408 if ( is_array( $id ) ) {
409 foreach ( $id as $key => $value ) {
410 $this->addSource( $key, $value );
411 }
412 return;
413 }
414
415 // Disallow duplicates
416 if ( isset( $this->sources[$id] ) ) {
417 throw new MWException(
418 'ResourceLoader duplicate source addition error. ' .
419 'Another source has already been registered as ' . $id
420 );
421 }
422
423 // Pre 1.24 backwards-compatibility
424 if ( is_array( $loadUrl ) ) {
425 if ( !isset( $loadUrl['loadScript'] ) ) {
426 throw new MWException(
427 __METHOD__ . ' was passed an array with no "loadScript" key.'
428 );
429 }
430
431 $loadUrl = $loadUrl['loadScript'];
432 }
433
434 $this->sources[$id] = $loadUrl;
435 }
436
437 /**
438 * Get a list of module names.
439 *
440 * @return array List of module names
441 */
442 public function getModuleNames() {
443 return array_keys( $this->moduleInfos );
444 }
445
446 /**
447 * Get a list of module names with QUnit test suites.
448 *
449 * @internal For use by SpecialJavaScriptTest only
450 * @return array
451 * @codeCoverageIgnore
452 */
453 public function getTestSuiteModuleNames() {
454 return $this->testSuiteModuleNames;
455 }
456
457 /**
458 * Check whether a ResourceLoader module is registered
459 *
460 * @since 1.25
461 * @param string $name
462 * @return bool
463 */
464 public function isModuleRegistered( $name ) {
465 return isset( $this->moduleInfos[$name] );
466 }
467
468 /**
469 * Get the ResourceLoaderModule object for a given module name.
470 *
471 * If an array of module parameters exists but a ResourceLoaderModule object has not
472 * yet been instantiated, this method will instantiate and cache that object such that
473 * subsequent calls simply return the same object.
474 *
475 * @param string $name Module name
476 * @return ResourceLoaderModule|null If module has been registered, return a
477 * ResourceLoaderModule instance. Otherwise, return null.
478 */
479 public function getModule( $name ) {
480 if ( !isset( $this->modules[$name] ) ) {
481 if ( !isset( $this->moduleInfos[$name] ) ) {
482 // No such module
483 return null;
484 }
485 // Construct the requested module object
486 $info = $this->moduleInfos[$name];
487 if ( isset( $info['factory'] ) ) {
488 /** @var ResourceLoaderModule $object */
489 $object = call_user_func( $info['factory'], $info );
490 } else {
491 $class = $info['class'] ?? ResourceLoaderFileModule::class;
492 /** @var ResourceLoaderModule $object */
493 $object = new $class( $info );
494 }
495 $object->setConfig( $this->getConfig() );
496 $object->setLogger( $this->logger );
497 $object->setName( $name );
498 $this->modules[$name] = $object;
499 }
500
501 return $this->modules[$name];
502 }
503
504 /**
505 * Whether the module is a ResourceLoaderFileModule (including subclasses).
506 *
507 * @param string $name Module name
508 * @return bool
509 */
510 protected function isFileModule( $name ) {
511 if ( !isset( $this->moduleInfos[$name] ) ) {
512 return false;
513 }
514 $info = $this->moduleInfos[$name];
515 return !isset( $info['factory'] ) && (
516 // The implied default for 'class' is ResourceLoaderFileModule
517 !isset( $info['class'] ) ||
518 // Explicit default
519 $info['class'] === ResourceLoaderFileModule::class ||
520 is_subclass_of( $info['class'], ResourceLoaderFileModule::class )
521 );
522 }
523
524 /**
525 * Get the list of sources.
526 *
527 * @return array Like [ id => load.php url, ... ]
528 */
529 public function getSources() {
530 return $this->sources;
531 }
532
533 /**
534 * Get the URL to the load.php endpoint for the given
535 * ResourceLoader source
536 *
537 * @since 1.24
538 * @param string $source
539 * @throws MWException On an invalid $source name
540 * @return string
541 */
542 public function getLoadScript( $source ) {
543 if ( !isset( $this->sources[$source] ) ) {
544 throw new MWException( "The $source source was never registered in ResourceLoader." );
545 }
546 return $this->sources[$source];
547 }
548
549 /**
550 * @internal For use by ResourceLoaderStartUpModule only.
551 */
552 const HASH_LENGTH = 5;
553
554 /**
555 * Create a hash for module versioning purposes.
556 *
557 * This hash is used in three ways:
558 *
559 * - To differentiate between the current version and a past version
560 * of a module by the same name.
561 *
562 * In the cache key of localStorage in the browser (mw.loader.store).
563 * This store keeps only one version of any given module. As long as the
564 * next version the client encounters has a different hash from the last
565 * version it saw, it will correctly discard it in favour of a network fetch.
566 *
567 * A browser may evict a site's storage container for any reason (e.g. when
568 * the user hasn't visited a site for some time, and/or when the device is
569 * low on storage space). Anecdotally it seems devices rarely keep unused
570 * storage beyond 2 weeks on mobile devices and 4 weeks on desktop.
571 * But, there is no hard limit or expiration on localStorage.
572 * ResourceLoader's Client also clears localStorage when the user changes
573 * their language preference or when they (temporarily) use Debug Mode.
574 *
575 * The only hard factors that reduce the range of possible versions are
576 * 1) the name and existence of a given module, and
577 * 2) the TTL for mw.loader.store, and
578 * 3) the `$wgResourceLoaderStorageVersion` configuration variable.
579 *
580 * - To identify a batch response of modules from load.php in an HTTP cache.
581 *
582 * When fetching modules in a batch from load.php, a combined hash
583 * is created by the JS code, and appended as query parameter.
584 *
585 * In cache proxies (e.g. Varnish, Nginx) and in the browser's HTTP cache,
586 * these urls are used to identify other previously cached responses.
587 * The range of possible versions a given version has to be unique amongst
588 * is determined by the maximum duration each response is stored for, which
589 * is controlled by `$wgResourceLoaderMaxage['versioned']`.
590 *
591 * - To detect race conditions between multiple web servers in a MediaWiki
592 * deployment of which some have the newer version and some still the older
593 * version.
594 *
595 * An HTTP request from a browser for the Startup manifest may be responded
596 * to by a server with the newer version. The browser may then use that to
597 * request a given module, which may then be responded to by a server with
598 * the older version. To avoid caching this for too long (which would pollute
599 * all other users without repairing itself), the combined hash that the JS
600 * client adds to the url is verified by the server (in ::sendResponseHeaders).
601 * If they don't match, we instruct cache proxies and clients to not cache
602 * this response as long as they normally would. This is also the reason
603 * that the algorithm used here in PHP must match the one used in JS.
604 *
605 * The fnv132 digest creates a 32-bit integer, which goes upto 4 Giga and
606 * needs up to 7 chars in base 36.
607 * Within 7 characters, base 36 can count up to 78,364,164,096 (78 Giga),
608 * (but with fnv132 we'd use very little of this range, mostly padding).
609 * Within 6 characters, base 36 can count up to 2,176,782,336 (2 Giga).
610 * Within 5 characters, base 36 can count up to 60,466,176 (60 Mega).
611 *
612 * @since 1.26
613 * @param string $value
614 * @return string Hash
615 */
616 public static function makeHash( $value ) {
617 $hash = hash( 'fnv132', $value );
618 // The base_convert will pad it (if too short),
619 // then substr() will trim it (if too long).
620 return substr(
621 Wikimedia\base_convert( $hash, 16, 36, self::HASH_LENGTH ),
622 0,
623 self::HASH_LENGTH
624 );
625 }
626
627 /**
628 * Add an error to the 'errors' array and log it.
629 *
630 * @private For internal use by ResourceLoader and ResourceLoaderStartUpModule.
631 * @since 1.29
632 * @param Exception $e
633 * @param string $msg
634 * @param array $context
635 */
636 public function outputErrorAndLog( Exception $e, $msg, array $context = [] ) {
637 MWExceptionHandler::logException( $e );
638 $this->logger->warning(
639 $msg,
640 $context + [ 'exception' => $e ]
641 );
642 $this->errors[] = self::formatExceptionNoComment( $e );
643 }
644
645 /**
646 * Helper method to get and combine versions of multiple modules.
647 *
648 * @since 1.26
649 * @param ResourceLoaderContext $context
650 * @param string[] $moduleNames List of known module names
651 * @return string Hash
652 */
653 public function getCombinedVersion( ResourceLoaderContext $context, array $moduleNames ) {
654 if ( !$moduleNames ) {
655 return '';
656 }
657 $hashes = array_map( function ( $module ) use ( $context ) {
658 try {
659 return $this->getModule( $module )->getVersionHash( $context );
660 } catch ( Exception $e ) {
661 // If modules fail to compute a version, don't fail the request (T152266)
662 // and still compute versions of other modules.
663 $this->outputErrorAndLog( $e,
664 'Calculating version for "{module}" failed: {exception}',
665 [
666 'module' => $module,
667 ]
668 );
669 return '';
670 }
671 }, $moduleNames );
672 return self::makeHash( implode( '', $hashes ) );
673 }
674
675 /**
676 * Get the expected value of the 'version' query parameter.
677 *
678 * This is used by respond() to set a short Cache-Control header for requests with
679 * information newer than the current server has. This avoids pollution of edge caches.
680 * Typically during deployment. (T117587)
681 *
682 * This MUST match return value of `mw.loader#getCombinedVersion()` client-side.
683 *
684 * @since 1.28
685 * @param ResourceLoaderContext $context
686 * @return string Hash
687 */
688 public function makeVersionQuery( ResourceLoaderContext $context ) {
689 // As of MediaWiki 1.28, the server and client use the same algorithm for combining
690 // version hashes. There is no technical reason for this to be same, and for years the
691 // implementations differed. If getCombinedVersion in PHP (used for StartupModule and
692 // E-Tag headers) differs in the future from getCombinedVersion in JS (used for 'version'
693 // query parameter), then this method must continue to match the JS one.
694 $moduleNames = [];
695 foreach ( $context->getModules() as $name ) {
696 if ( !$this->getModule( $name ) ) {
697 // If a versioned request contains a missing module, the version is a mismatch
698 // as the client considered a module (and version) we don't have.
699 return '';
700 }
701 $moduleNames[] = $name;
702 }
703 return $this->getCombinedVersion( $context, $moduleNames );
704 }
705
706 /**
707 * Output a response to a load request, including the content-type header.
708 *
709 * @param ResourceLoaderContext $context Context in which a response should be formed
710 */
711 public function respond( ResourceLoaderContext $context ) {
712 // Buffer output to catch warnings. Normally we'd use ob_clean() on the
713 // top-level output buffer to clear warnings, but that breaks when ob_gzhandler
714 // is used: ob_clean() will clear the GZIP header in that case and it won't come
715 // back for subsequent output, resulting in invalid GZIP. So we have to wrap
716 // the whole thing in our own output buffer to be sure the active buffer
717 // doesn't use ob_gzhandler.
718 // See https://bugs.php.net/bug.php?id=36514
719 ob_start();
720
721 $this->measureResponseTime( RequestContext::getMain()->getTiming() );
722
723 // Find out which modules are missing and instantiate the others
724 $modules = [];
725 $missing = [];
726 foreach ( $context->getModules() as $name ) {
727 $module = $this->getModule( $name );
728 if ( $module ) {
729 // Do not allow private modules to be loaded from the web.
730 // This is a security issue, see T36907.
731 if ( $module->getGroup() === 'private' ) {
732 // Not a serious error, just means something is trying to access it (T101806)
733 $this->logger->debug( "Request for private module '$name' denied" );
734 $this->errors[] = "Cannot build private module \"$name\"";
735 continue;
736 }
737 $modules[$name] = $module;
738 } else {
739 $missing[] = $name;
740 }
741 }
742
743 try {
744 // Preload for getCombinedVersion() and for batch makeModuleResponse()
745 $this->preloadModuleInfo( array_keys( $modules ), $context );
746 } catch ( Exception $e ) {
747 $this->outputErrorAndLog( $e, 'Preloading module info failed: {exception}' );
748 }
749
750 // Combine versions to propagate cache invalidation
751 $versionHash = '';
752 try {
753 $versionHash = $this->getCombinedVersion( $context, array_keys( $modules ) );
754 } catch ( Exception $e ) {
755 $this->outputErrorAndLog( $e, 'Calculating version hash failed: {exception}' );
756 }
757
758 // See RFC 2616 § 3.11 Entity Tags
759 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11
760 $etag = 'W/"' . $versionHash . '"';
761
762 // Try the client-side cache first
763 if ( $this->tryRespondNotModified( $context, $etag ) ) {
764 return; // output handled (buffers cleared)
765 }
766
767 // Use file cache if enabled and available...
768 if ( $this->config->get( 'UseFileCache' ) ) {
769 $fileCache = ResourceFileCache::newFromContext( $context );
770 if ( $this->tryRespondFromFileCache( $fileCache, $context, $etag ) ) {
771 return; // output handled
772 }
773 } else {
774 $fileCache = null;
775 }
776
777 // Generate a response
778 $response = $this->makeModuleResponse( $context, $modules, $missing );
779
780 // Capture any PHP warnings from the output buffer and append them to the
781 // error list if we're in debug mode.
782 if ( $context->getDebug() ) {
783 $warnings = ob_get_contents();
784 if ( strlen( $warnings ) ) {
785 $this->errors[] = $warnings;
786 }
787 }
788
789 // Consider saving the response to file cache (unless there are errors).
790 if ( $fileCache &&
791 !$this->errors &&
792 $missing === [] &&
793 ResourceFileCache::useFileCache( $context )
794 ) {
795 if ( $fileCache->isCacheWorthy() ) {
796 // There were enough hits, save the response to the cache
797 $fileCache->saveText( $response );
798 } else {
799 $fileCache->incrMissesRecent( $context->getRequest() );
800 }
801 }
802
803 $this->sendResponseHeaders( $context, $etag, (bool)$this->errors, $this->extraHeaders );
804
805 // Remove the output buffer and output the response
806 ob_end_clean();
807
808 if ( $context->getImageObj() && $this->errors ) {
809 // We can't show both the error messages and the response when it's an image.
810 $response = implode( "\n\n", $this->errors );
811 } elseif ( $this->errors ) {
812 $errorText = implode( "\n\n", $this->errors );
813 $errorResponse = self::makeComment( $errorText );
814 if ( $context->shouldIncludeScripts() ) {
815 $errorResponse .= 'if (window.console && console.error) { console.error('
816 . $context->encodeJson( $errorText )
817 . "); }\n";
818 }
819
820 // Prepend error info to the response
821 $response = $errorResponse . $response;
822 }
823
824 $this->errors = [];
825 echo $response;
826 }
827
828 protected function measureResponseTime( Timing $timing ) {
829 DeferredUpdates::addCallableUpdate( function () use ( $timing ) {
830 $measure = $timing->measure( 'responseTime', 'requestStart', 'requestShutdown' );
831 if ( $measure !== false ) {
832 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
833 $stats->timing( 'resourceloader.responseTime', $measure['duration'] * 1000 );
834 }
835 } );
836 }
837
838 /**
839 * Send main response headers to the client.
840 *
841 * Deals with Content-Type, CORS (for stylesheets), and caching.
842 *
843 * @param ResourceLoaderContext $context
844 * @param string $etag ETag header value
845 * @param bool $errors Whether there are errors in the response
846 * @param string[] $extra Array of extra HTTP response headers
847 * @return void
848 */
849 protected function sendResponseHeaders(
850 ResourceLoaderContext $context, $etag, $errors, array $extra = []
851 ) {
852 \MediaWiki\HeaderCallback::warnIfHeadersSent();
853 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
854 // Use a short cache expiry so that updates propagate to clients quickly, if:
855 // - No version specified (shared resources, e.g. stylesheets)
856 // - There were errors (recover quickly)
857 // - Version mismatch (T117587, T47877)
858 if ( is_null( $context->getVersion() )
859 || $errors
860 || $context->getVersion() !== $this->makeVersionQuery( $context )
861 ) {
862 $maxage = $rlMaxage['unversioned']['client'];
863 $smaxage = $rlMaxage['unversioned']['server'];
864 // If a version was specified we can use a longer expiry time since changing
865 // version numbers causes cache misses
866 } else {
867 $maxage = $rlMaxage['versioned']['client'];
868 $smaxage = $rlMaxage['versioned']['server'];
869 }
870 if ( $context->getImageObj() ) {
871 // Output different headers if we're outputting textual errors.
872 if ( $errors ) {
873 header( 'Content-Type: text/plain; charset=utf-8' );
874 } else {
875 $context->getImageObj()->sendResponseHeaders( $context );
876 }
877 } elseif ( $context->getOnly() === 'styles' ) {
878 header( 'Content-Type: text/css; charset=utf-8' );
879 header( 'Access-Control-Allow-Origin: *' );
880 } else {
881 header( 'Content-Type: text/javascript; charset=utf-8' );
882 }
883 // See RFC 2616 § 14.19 ETag
884 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.19
885 header( 'ETag: ' . $etag );
886 if ( $context->getDebug() ) {
887 // Do not cache debug responses
888 header( 'Cache-Control: private, no-cache, must-revalidate' );
889 header( 'Pragma: no-cache' );
890 } else {
891 header( "Cache-Control: public, max-age=$maxage, s-maxage=$smaxage" );
892 $exp = min( $maxage, $smaxage );
893 header( 'Expires: ' . wfTimestamp( TS_RFC2822, $exp + time() ) );
894 }
895 foreach ( $extra as $header ) {
896 header( $header );
897 }
898 }
899
900 /**
901 * Respond with HTTP 304 Not Modified if appropiate.
902 *
903 * If there's an If-None-Match header, respond with a 304 appropriately
904 * and clear out the output buffer. If the client cache is too old then do nothing.
905 *
906 * @param ResourceLoaderContext $context
907 * @param string $etag ETag header value
908 * @return bool True if HTTP 304 was sent and output handled
909 */
910 protected function tryRespondNotModified( ResourceLoaderContext $context, $etag ) {
911 // See RFC 2616 § 14.26 If-None-Match
912 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.26
913 $clientKeys = $context->getRequest()->getHeader( 'If-None-Match', WebRequest::GETHEADER_LIST );
914 // Never send 304s in debug mode
915 if ( $clientKeys !== false && !$context->getDebug() && in_array( $etag, $clientKeys ) ) {
916 // There's another bug in ob_gzhandler (see also the comment at
917 // the top of this function) that causes it to gzip even empty
918 // responses, meaning it's impossible to produce a truly empty
919 // response (because the gzip header is always there). This is
920 // a problem because 304 responses have to be completely empty
921 // per the HTTP spec, and Firefox behaves buggily when they're not.
922 // See also https://bugs.php.net/bug.php?id=51579
923 // To work around this, we tear down all output buffering before
924 // sending the 304.
925 wfResetOutputBuffers( /* $resetGzipEncoding = */ true );
926
927 HttpStatus::header( 304 );
928
929 $this->sendResponseHeaders( $context, $etag, false );
930 return true;
931 }
932 return false;
933 }
934
935 /**
936 * Send out code for a response from file cache if possible.
937 *
938 * @param ResourceFileCache $fileCache Cache object for this request URL
939 * @param ResourceLoaderContext $context Context in which to generate a response
940 * @param string $etag ETag header value
941 * @return bool If this found a cache file and handled the response
942 */
943 protected function tryRespondFromFileCache(
944 ResourceFileCache $fileCache,
945 ResourceLoaderContext $context,
946 $etag
947 ) {
948 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
949 // Buffer output to catch warnings.
950 ob_start();
951 // Get the maximum age the cache can be
952 $maxage = is_null( $context->getVersion() )
953 ? $rlMaxage['unversioned']['server']
954 : $rlMaxage['versioned']['server'];
955 // Minimum timestamp the cache file must have
956 $good = $fileCache->isCacheGood( wfTimestamp( TS_MW, time() - $maxage ) );
957 if ( !$good ) {
958 try { // RL always hits the DB on file cache miss...
959 wfGetDB( DB_REPLICA );
960 } catch ( DBConnectionError $e ) { // ...check if we need to fallback to cache
961 $good = $fileCache->isCacheGood(); // cache existence check
962 }
963 }
964 if ( $good ) {
965 $ts = $fileCache->cacheTimestamp();
966 // Send content type and cache headers
967 $this->sendResponseHeaders( $context, $etag, false );
968 $response = $fileCache->fetchText();
969 // Capture any PHP warnings from the output buffer and append them to the
970 // response in a comment if we're in debug mode.
971 if ( $context->getDebug() ) {
972 $warnings = ob_get_contents();
973 if ( strlen( $warnings ) ) {
974 $response = self::makeComment( $warnings ) . $response;
975 }
976 }
977 // Remove the output buffer and output the response
978 ob_end_clean();
979 echo $response . "\n/* Cached {$ts} */";
980 return true; // cache hit
981 }
982 // Clear buffer
983 ob_end_clean();
984
985 return false; // cache miss
986 }
987
988 /**
989 * Generate a CSS or JS comment block.
990 *
991 * Only use this for public data, not error message details.
992 *
993 * @param string $text
994 * @return string
995 */
996 public static function makeComment( $text ) {
997 $encText = str_replace( '*/', '* /', $text );
998 return "/*\n$encText\n*/\n";
999 }
1000
1001 /**
1002 * Handle exception display.
1003 *
1004 * @param Exception $e Exception to be shown to the user
1005 * @return string Sanitized text in a CSS/JS comment that can be returned to the user
1006 */
1007 public static function formatException( $e ) {
1008 return self::makeComment( self::formatExceptionNoComment( $e ) );
1009 }
1010
1011 /**
1012 * Handle exception display.
1013 *
1014 * @since 1.25
1015 * @param Exception $e Exception to be shown to the user
1016 * @return string Sanitized text that can be returned to the user
1017 */
1018 protected static function formatExceptionNoComment( $e ) {
1019 global $wgShowExceptionDetails;
1020
1021 if ( !$wgShowExceptionDetails ) {
1022 return MWExceptionHandler::getPublicLogMessage( $e );
1023 }
1024
1025 return MWExceptionHandler::getLogMessage( $e ) .
1026 "\nBacktrace:\n" .
1027 MWExceptionHandler::getRedactedTraceAsString( $e );
1028 }
1029
1030 /**
1031 * Generate code for a response.
1032 *
1033 * Calling this method also populates the `errors` and `headers` members,
1034 * later used by respond().
1035 *
1036 * @param ResourceLoaderContext $context Context in which to generate a response
1037 * @param ResourceLoaderModule[] $modules List of module objects keyed by module name
1038 * @param string[] $missing List of requested module names that are unregistered (optional)
1039 * @return string Response data
1040 */
1041 public function makeModuleResponse( ResourceLoaderContext $context,
1042 array $modules, array $missing = []
1043 ) {
1044 $out = '';
1045 $states = [];
1046
1047 if ( $modules === [] && $missing === [] ) {
1048 return <<<MESSAGE
1049 /* This file is the Web entry point for MediaWiki's ResourceLoader:
1050 <https://www.mediawiki.org/wiki/ResourceLoader>. In this request,
1051 no modules were requested. Max made me put this here. */
1052 MESSAGE;
1053 }
1054
1055 $image = $context->getImageObj();
1056 if ( $image ) {
1057 $data = $image->getImageData( $context );
1058 if ( $data === false ) {
1059 $data = '';
1060 $this->errors[] = 'Image generation failed';
1061 }
1062 return $data;
1063 }
1064
1065 foreach ( $missing as $name ) {
1066 $states[$name] = 'missing';
1067 }
1068
1069 $filter = $context->getOnly() === 'styles' ? 'minify-css' : 'minify-js';
1070
1071 foreach ( $modules as $name => $module ) {
1072 try {
1073 $content = $module->getModuleContent( $context );
1074 $implementKey = $name . '@' . $module->getVersionHash( $context );
1075 $strContent = '';
1076
1077 if ( isset( $content['headers'] ) ) {
1078 $this->extraHeaders = array_merge( $this->extraHeaders, $content['headers'] );
1079 }
1080
1081 // Append output
1082 switch ( $context->getOnly() ) {
1083 case 'scripts':
1084 $scripts = $content['scripts'];
1085 if ( is_string( $scripts ) ) {
1086 // Load scripts raw...
1087 $strContent = $scripts;
1088 } elseif ( is_array( $scripts ) ) {
1089 // ...except when $scripts is an array of URLs or an associative array
1090 $strContent = self::makeLoaderImplementScript(
1091 $context,
1092 $implementKey,
1093 $scripts,
1094 [],
1095 [],
1096 []
1097 );
1098 }
1099 break;
1100 case 'styles':
1101 $styles = $content['styles'];
1102 // We no longer separate into media, they are all combined now with
1103 // custom media type groups into @media .. {} sections as part of the css string.
1104 // Module returns either an empty array or a numerical array with css strings.
1105 $strContent = isset( $styles['css'] ) ? implode( '', $styles['css'] ) : '';
1106 break;
1107 default:
1108 $scripts = $content['scripts'] ?? '';
1109 if ( is_string( $scripts ) ) {
1110 if ( $name === 'site' || $name === 'user' ) {
1111 // Legacy scripts that run in the global scope without a closure.
1112 // mw.loader.implement will use globalEval if scripts is a string.
1113 // Minify manually here, because general response minification is
1114 // not effective due it being a string literal, not a function.
1115 if ( !$context->getDebug() ) {
1116 $scripts = self::filter( 'minify-js', $scripts ); // T107377
1117 }
1118 } else {
1119 $scripts = new XmlJsCode( $scripts );
1120 }
1121 }
1122 $strContent = self::makeLoaderImplementScript(
1123 $context,
1124 $implementKey,
1125 $scripts,
1126 $content['styles'] ?? [],
1127 isset( $content['messagesBlob'] ) ? new XmlJsCode( $content['messagesBlob'] ) : [],
1128 $content['templates'] ?? []
1129 );
1130 break;
1131 }
1132
1133 if ( !$context->getDebug() ) {
1134 $strContent = self::filter( $filter, $strContent );
1135 } else {
1136 // In debug mode, separate each response by a new line.
1137 // For example, between 'mw.loader.implement();' statements.
1138 $strContent = $this->ensureNewline( $strContent );
1139 }
1140
1141 if ( $context->getOnly() === 'scripts' ) {
1142 // Use a linebreak between module scripts (T162719)
1143 $out .= $this->ensureNewline( $strContent );
1144 } else {
1145 $out .= $strContent;
1146 }
1147
1148 } catch ( Exception $e ) {
1149 $this->outputErrorAndLog( $e, 'Generating module package failed: {exception}' );
1150
1151 // Respond to client with error-state instead of module implementation
1152 $states[$name] = 'error';
1153 unset( $modules[$name] );
1154 }
1155 }
1156
1157 // Update module states
1158 if ( $context->shouldIncludeScripts() && !$context->getRaw() ) {
1159 if ( $modules && $context->getOnly() === 'scripts' ) {
1160 // Set the state of modules loaded as only scripts to ready as
1161 // they don't have an mw.loader.implement wrapper that sets the state
1162 foreach ( $modules as $name => $module ) {
1163 $states[$name] = 'ready';
1164 }
1165 }
1166
1167 // Set the state of modules we didn't respond to with mw.loader.implement
1168 if ( $states ) {
1169 $stateScript = self::makeLoaderStateScript( $context, $states );
1170 if ( !$context->getDebug() ) {
1171 $stateScript = self::filter( 'minify-js', $stateScript );
1172 }
1173 // Use a linebreak between module script and state script (T162719)
1174 $out = $this->ensureNewline( $out ) . $stateScript;
1175 }
1176 } elseif ( $states ) {
1177 $this->errors[] = 'Problematic modules: '
1178 . $context->encodeJson( $states );
1179 }
1180
1181 return $out;
1182 }
1183
1184 /**
1185 * Ensure the string is either empty or ends in a line break
1186 * @param string $str
1187 * @return string
1188 */
1189 private function ensureNewline( $str ) {
1190 $end = substr( $str, -1 );
1191 if ( $end === false || $end === '' || $end === "\n" ) {
1192 return $str;
1193 }
1194 return $str . "\n";
1195 }
1196
1197 /**
1198 * Get names of modules that use a certain message.
1199 *
1200 * @param string $messageKey
1201 * @return array List of module names
1202 */
1203 public function getModulesByMessage( $messageKey ) {
1204 $moduleNames = [];
1205 foreach ( $this->getModuleNames() as $moduleName ) {
1206 $module = $this->getModule( $moduleName );
1207 if ( in_array( $messageKey, $module->getMessages() ) ) {
1208 $moduleNames[] = $moduleName;
1209 }
1210 }
1211 return $moduleNames;
1212 }
1213
1214 /**
1215 * Return JS code that calls mw.loader.implement with given module properties.
1216 *
1217 * @param ResourceLoaderContext $context
1218 * @param string $name Module name or implement key (format "`[name]@[version]`")
1219 * @param XmlJsCode|array|string $scripts Code as XmlJsCode (to be wrapped in a closure),
1220 * list of URLs to JavaScript files, string of JavaScript for `$.globalEval`, or array with
1221 * 'files' and 'main' properties (see ResourceLoaderModule::getScript())
1222 * @param mixed $styles Array of CSS strings keyed by media type, or an array of lists of URLs
1223 * to CSS files keyed by media type
1224 * @param mixed $messages List of messages associated with this module. May either be an
1225 * associative array mapping message key to value, or a JSON-encoded message blob containing
1226 * the same data, wrapped in an XmlJsCode object.
1227 * @param array $templates Keys are name of templates and values are the source of
1228 * the template.
1229 * @throws MWException
1230 * @return string JavaScript code
1231 */
1232 private static function makeLoaderImplementScript(
1233 ResourceLoaderContext $context, $name, $scripts, $styles, $messages, $templates
1234 ) {
1235 if ( $scripts instanceof XmlJsCode ) {
1236 if ( $scripts->value === '' ) {
1237 $scripts = null;
1238 } elseif ( $context->getDebug() ) {
1239 $scripts = new XmlJsCode( "function ( $, jQuery, require, module ) {\n{$scripts->value}\n}" );
1240 } else {
1241 $scripts = new XmlJsCode( 'function($,jQuery,require,module){' . $scripts->value . '}' );
1242 }
1243 } elseif ( is_array( $scripts ) && isset( $scripts['files'] ) ) {
1244 $files = $scripts['files'];
1245 foreach ( $files as $path => &$file ) {
1246 // $file is changed (by reference) from a descriptor array to the content of the file
1247 // All of these essentially do $file = $file['content'];, some just have wrapping around it
1248 if ( $file['type'] === 'script' ) {
1249 // Multi-file modules only get two parameters ($ and jQuery are being phased out)
1250 if ( $context->getDebug() ) {
1251 $file = new XmlJsCode( "function ( require, module ) {\n{$file['content']}\n}" );
1252 } else {
1253 $file = new XmlJsCode( 'function(require,module){' . $file['content'] . '}' );
1254 }
1255 } else {
1256 $file = $file['content'];
1257 }
1258 }
1259 $scripts = XmlJsCode::encodeObject( [
1260 'main' => $scripts['main'],
1261 'files' => XmlJsCode::encodeObject( $files, $context->getDebug() )
1262 ], $context->getDebug() );
1263 } elseif ( !is_string( $scripts ) && !is_array( $scripts ) ) {
1264 throw new MWException( 'Invalid scripts error. Array of URLs or string of code expected.' );
1265 }
1266
1267 // mw.loader.implement requires 'styles', 'messages' and 'templates' to be objects (not
1268 // arrays). json_encode considers empty arrays to be numerical and outputs "[]" instead
1269 // of "{}". Force them to objects.
1270 $module = [
1271 $name,
1272 $scripts,
1273 (object)$styles,
1274 (object)$messages,
1275 (object)$templates
1276 ];
1277 self::trimArray( $module );
1278
1279 return Xml::encodeJsCall( 'mw.loader.implement', $module, $context->getDebug() );
1280 }
1281
1282 /**
1283 * Returns JS code which, when called, will register a given list of messages.
1284 *
1285 * @param mixed $messages Associative array mapping message key to value.
1286 * @return string JavaScript code
1287 */
1288 public static function makeMessageSetScript( $messages ) {
1289 return 'mw.messages.set('
1290 . self::encodeJsonForScript( (object)$messages )
1291 . ');';
1292 }
1293
1294 /**
1295 * Combines an associative array mapping media type to CSS into a
1296 * single stylesheet with "@media" blocks.
1297 *
1298 * @param array $stylePairs Array keyed by media type containing (arrays of) CSS strings
1299 * @return array
1300 */
1301 public static function makeCombinedStyles( array $stylePairs ) {
1302 $out = [];
1303 foreach ( $stylePairs as $media => $styles ) {
1304 // ResourceLoaderFileModule::getStyle can return the styles
1305 // as a string or an array of strings. This is to allow separation in
1306 // the front-end.
1307 $styles = (array)$styles;
1308 foreach ( $styles as $style ) {
1309 $style = trim( $style );
1310 // Don't output an empty "@media print { }" block (T42498)
1311 if ( $style !== '' ) {
1312 // Transform the media type based on request params and config
1313 // The way that this relies on $wgRequest to propagate request params is slightly evil
1314 $media = OutputPage::transformCssMedia( $media );
1315
1316 if ( $media === '' || $media == 'all' ) {
1317 $out[] = $style;
1318 } elseif ( is_string( $media ) ) {
1319 $out[] = "@media $media {\n" . str_replace( "\n", "\n\t", "\t" . $style ) . "}";
1320 }
1321 // else: skip
1322 }
1323 }
1324 }
1325 return $out;
1326 }
1327
1328 /**
1329 * Wrapper around json_encode that avoids needless escapes,
1330 * and pretty-prints in debug mode.
1331 *
1332 * @internal
1333 * @since 1.32
1334 * @param mixed $data
1335 * @return string|false JSON string, false on error
1336 */
1337 public static function encodeJsonForScript( $data ) {
1338 // Keep output as small as possible by disabling needless escape modes
1339 // that PHP uses by default.
1340 // However, while most module scripts are only served on HTTP responses
1341 // for JavaScript, some modules can also be embedded in the HTML as inline
1342 // scripts. This, and the fact that we sometimes need to export strings
1343 // containing user-generated content and labels that may genuinely contain
1344 // a sequences like "</script>", we need to encode either '/' or '<'.
1345 // By default PHP escapes '/'. Let's escape '<' instead which is less common
1346 // and allows URLs to mostly remain readable.
1347 $jsonFlags = JSON_UNESCAPED_SLASHES |
1348 JSON_UNESCAPED_UNICODE |
1349 JSON_HEX_TAG |
1350 JSON_HEX_AMP;
1351 if ( self::inDebugMode() ) {
1352 $jsonFlags |= JSON_PRETTY_PRINT;
1353 }
1354 return json_encode( $data, $jsonFlags );
1355 }
1356
1357 /**
1358 * Returns a JS call to mw.loader.state, which sets the state of one
1359 * ore more modules to a given value. Has two calling conventions:
1360 *
1361 * - ResourceLoader::makeLoaderStateScript( $context, $name, $state ):
1362 * Set the state of a single module called $name to $state
1363 *
1364 * - ResourceLoader::makeLoaderStateScript( $context, [ $name => $state, ... ] ):
1365 * Set the state of modules with the given names to the given states
1366 *
1367 * @internal
1368 * @param ResourceLoaderContext $context
1369 * @param array|string $states
1370 * @param string|null $state
1371 * @return string JavaScript code
1372 */
1373 public static function makeLoaderStateScript(
1374 ResourceLoaderContext $context, $states, $state = null
1375 ) {
1376 if ( !is_array( $states ) ) {
1377 $states = [ $states => $state ];
1378 }
1379 return 'mw.loader.state('
1380 . $context->encodeJson( $states )
1381 . ');';
1382 }
1383
1384 private static function isEmptyObject( stdClass $obj ) {
1385 foreach ( $obj as $key => $value ) {
1386 return false;
1387 }
1388 return true;
1389 }
1390
1391 /**
1392 * Remove empty values from the end of an array.
1393 *
1394 * Values considered empty:
1395 *
1396 * - null
1397 * - []
1398 * - new XmlJsCode( '{}' )
1399 * - new stdClass() // (object) []
1400 *
1401 * @param array $array
1402 */
1403 private static function trimArray( array &$array ) {
1404 $i = count( $array );
1405 while ( $i-- ) {
1406 if ( $array[$i] === null
1407 || $array[$i] === []
1408 || ( $array[$i] instanceof XmlJsCode && $array[$i]->value === '{}' )
1409 || ( $array[$i] instanceof stdClass && self::isEmptyObject( $array[$i] ) )
1410 ) {
1411 unset( $array[$i] );
1412 } else {
1413 break;
1414 }
1415 }
1416 }
1417
1418 /**
1419 * Returns JS code which calls mw.loader.register with the given
1420 * parameter.
1421 *
1422 * @par Example
1423 * @code
1424 *
1425 * ResourceLoader::makeLoaderRegisterScript( $context, [
1426 * [ $name1, $version1, $dependencies1, $group1, $source1, $skip1 ],
1427 * [ $name2, $version2, $dependencies1, $group2, $source2, $skip2 ],
1428 * ...
1429 * ] ):
1430 * @endcode
1431 *
1432 * @internal For use by ResourceLoaderStartUpModule only
1433 * @param ResourceLoaderContext $context
1434 * @param array $modules Array of module registration arrays, each containing
1435 * - string: module name
1436 * - string: module version
1437 * - array|null: List of dependencies (optional)
1438 * - string|null: Module group (optional)
1439 * - string|null: Name of foreign module source, or 'local' (optional)
1440 * - string|null: Script body of a skip function (optional)
1441 * @return string JavaScript code
1442 */
1443 public static function makeLoaderRegisterScript(
1444 ResourceLoaderContext $context, array $modules
1445 ) {
1446 // Optimisation: Transform dependency names into indexes when possible
1447 // to produce smaller output. They are expanded by mw.loader.register on
1448 // the other end using resolveIndexedDependencies().
1449 $index = [];
1450 foreach ( $modules as $i => &$module ) {
1451 // Build module name index
1452 $index[$module[0]] = $i;
1453 }
1454 foreach ( $modules as &$module ) {
1455 if ( isset( $module[2] ) ) {
1456 foreach ( $module[2] as &$dependency ) {
1457 if ( isset( $index[$dependency] ) ) {
1458 // Replace module name in dependency list with index
1459 $dependency = $index[$dependency];
1460 }
1461 }
1462 }
1463 }
1464
1465 array_walk( $modules, [ self::class, 'trimArray' ] );
1466
1467 return 'mw.loader.register('
1468 . $context->encodeJson( $modules )
1469 . ');';
1470 }
1471
1472 /**
1473 * Returns JS code which calls mw.loader.addSource() with the given
1474 * parameters. Has two calling conventions:
1475 *
1476 * - ResourceLoader::makeLoaderSourcesScript( $context, $id, $properties ):
1477 * Register a single source
1478 *
1479 * - ResourceLoader::makeLoaderSourcesScript( $context,
1480 * [ $id1 => $loadUrl, $id2 => $loadUrl, ... ]
1481 * );
1482 * Register sources with the given IDs and properties.
1483 *
1484 * @internal For use by ResourceLoaderStartUpModule only
1485 * @param ResourceLoaderContext $context
1486 * @param string|array $sources Source ID
1487 * @param string|null $loadUrl load.php url
1488 * @return string JavaScript code
1489 */
1490 public static function makeLoaderSourcesScript(
1491 ResourceLoaderContext $context, $sources, $loadUrl = null
1492 ) {
1493 if ( !is_array( $sources ) ) {
1494 $sources = [ $sources => $loadUrl ];
1495 }
1496 return 'mw.loader.addSource('
1497 . $context->encodeJson( $sources )
1498 . ');';
1499 }
1500
1501 /**
1502 * Wraps JavaScript code to run after the startup module.
1503 *
1504 * @param string $script JavaScript code
1505 * @return string JavaScript code
1506 */
1507 public static function makeLoaderConditionalScript( $script ) {
1508 // Adds a function to lazy-created RLQ
1509 return '(RLQ=window.RLQ||[]).push(function(){' .
1510 trim( $script ) . '});';
1511 }
1512
1513 /**
1514 * Wraps JavaScript code to run after a required module.
1515 *
1516 * @since 1.32
1517 * @param string|string[] $modules Module name(s)
1518 * @param string $script JavaScript code
1519 * @return string JavaScript code
1520 */
1521 public static function makeInlineCodeWithModule( $modules, $script ) {
1522 // Adds an array to lazy-created RLQ
1523 return '(RLQ=window.RLQ||[]).push(['
1524 . self::encodeJsonForScript( $modules ) . ','
1525 . 'function(){' . trim( $script ) . '}'
1526 . ']);';
1527 }
1528
1529 /**
1530 * Returns an HTML script tag that runs given JS code after startup and base modules.
1531 *
1532 * The code will be wrapped in a closure, and it will be executed by ResourceLoader's
1533 * startup module if the client has adequate support for MediaWiki JavaScript code.
1534 *
1535 * @param string $script JavaScript code
1536 * @param string|null $nonce [optional] Content-Security-Policy nonce
1537 * (from OutputPage::getCSPNonce)
1538 * @return string|WrappedString HTML
1539 */
1540 public static function makeInlineScript( $script, $nonce = null ) {
1541 $js = self::makeLoaderConditionalScript( $script );
1542 $escNonce = '';
1543 if ( $nonce === null ) {
1544 wfWarn( __METHOD__ . " did not get nonce. Will break CSP" );
1545 } elseif ( $nonce !== false ) {
1546 // If it was false, CSP is disabled, so no nonce attribute.
1547 // Nonce should be only base64 characters, so should be safe,
1548 // but better to be safely escaped than sorry.
1549 $escNonce = ' nonce="' . htmlspecialchars( $nonce ) . '"';
1550 }
1551
1552 return new WrappedString(
1553 Html::inlineScript( $js, $nonce ),
1554 "<script$escNonce>(RLQ=window.RLQ||[]).push(function(){",
1555 '});</script>'
1556 );
1557 }
1558
1559 /**
1560 * Returns JS code which will set the MediaWiki configuration array to
1561 * the given value.
1562 *
1563 * @param array $configuration List of configuration values keyed by variable name
1564 * @return string JavaScript code
1565 * @throws Exception
1566 */
1567 public static function makeConfigSetScript( array $configuration ) {
1568 $json = self::encodeJsonForScript( $configuration );
1569 if ( $json === false ) {
1570 $e = new Exception(
1571 'JSON serialization of config data failed. ' .
1572 'This usually means the config data is not valid UTF-8.'
1573 );
1574 MWExceptionHandler::logException( $e );
1575 return 'mw.log.error(' . self::encodeJsonForScript( $e->__toString() ) . ');';
1576 }
1577 return "mw.config.set($json);";
1578 }
1579
1580 /**
1581 * Convert an array of module names to a packed query string.
1582 *
1583 * For example, `[ 'foo.bar', 'foo.baz', 'bar.baz', 'bar.quux' ]`
1584 * becomes `'foo.bar,baz|bar.baz,quux'`.
1585 *
1586 * This process is reversed by ResourceLoader::expandModuleNames().
1587 * See also mw.loader#buildModulesString() which is a port of this, used
1588 * on the client-side.
1589 *
1590 * @param array $modules List of module names (strings)
1591 * @return string Packed query string
1592 */
1593 public static function makePackedModulesString( $modules ) {
1594 $moduleMap = []; // [ prefix => [ suffixes ] ]
1595 foreach ( $modules as $module ) {
1596 $pos = strrpos( $module, '.' );
1597 $prefix = $pos === false ? '' : substr( $module, 0, $pos );
1598 $suffix = $pos === false ? $module : substr( $module, $pos + 1 );
1599 $moduleMap[$prefix][] = $suffix;
1600 }
1601
1602 $arr = [];
1603 foreach ( $moduleMap as $prefix => $suffixes ) {
1604 $p = $prefix === '' ? '' : $prefix . '.';
1605 $arr[] = $p . implode( ',', $suffixes );
1606 }
1607 return implode( '|', $arr );
1608 }
1609
1610 /**
1611 * Expand a string of the form `jquery.foo,bar|jquery.ui.baz,quux` to
1612 * an array of module names like `[ 'jquery.foo', 'jquery.bar',
1613 * 'jquery.ui.baz', 'jquery.ui.quux' ]`.
1614 *
1615 * This process is reversed by ResourceLoader::makePackedModulesString().
1616 *
1617 * @since 1.33
1618 * @param string $modules Packed module name list
1619 * @return array Array of module names
1620 */
1621 public static function expandModuleNames( $modules ) {
1622 $retval = [];
1623 $exploded = explode( '|', $modules );
1624 foreach ( $exploded as $group ) {
1625 if ( strpos( $group, ',' ) === false ) {
1626 // This is not a set of modules in foo.bar,baz notation
1627 // but a single module
1628 $retval[] = $group;
1629 } else {
1630 // This is a set of modules in foo.bar,baz notation
1631 $pos = strrpos( $group, '.' );
1632 if ( $pos === false ) {
1633 // Prefixless modules, i.e. without dots
1634 $retval = array_merge( $retval, explode( ',', $group ) );
1635 } else {
1636 // We have a prefix and a bunch of suffixes
1637 $prefix = substr( $group, 0, $pos ); // 'foo'
1638 $suffixes = explode( ',', substr( $group, $pos + 1 ) ); // [ 'bar', 'baz' ]
1639 foreach ( $suffixes as $suffix ) {
1640 $retval[] = "$prefix.$suffix";
1641 }
1642 }
1643 }
1644 }
1645 return $retval;
1646 }
1647
1648 /**
1649 * Determine whether debug mode was requested
1650 * Order of priority is 1) request param, 2) cookie, 3) $wg setting
1651 * @return bool
1652 */
1653 public static function inDebugMode() {
1654 if ( self::$debugMode === null ) {
1655 global $wgRequest, $wgResourceLoaderDebug;
1656 self::$debugMode = $wgRequest->getFuzzyBool( 'debug',
1657 $wgRequest->getCookie( 'resourceLoaderDebug', '', $wgResourceLoaderDebug )
1658 );
1659 }
1660 return self::$debugMode;
1661 }
1662
1663 /**
1664 * Reset static members used for caching.
1665 *
1666 * Global state and $wgRequest are evil, but we're using it right
1667 * now and sometimes we need to be able to force ResourceLoader to
1668 * re-evaluate the context because it has changed (e.g. in the test suite).
1669 *
1670 * @internal For use by unit tests
1671 * @codeCoverageIgnore
1672 */
1673 public static function clearCache() {
1674 self::$debugMode = null;
1675 }
1676
1677 /**
1678 * Build a load.php URL
1679 *
1680 * @since 1.24
1681 * @param string $source Name of the ResourceLoader source
1682 * @param ResourceLoaderContext $context
1683 * @param array $extraQuery
1684 * @return string URL to load.php. May be protocol-relative if $wgLoadScript is, too.
1685 */
1686 public function createLoaderURL( $source, ResourceLoaderContext $context,
1687 $extraQuery = []
1688 ) {
1689 $query = self::createLoaderQuery( $context, $extraQuery );
1690 $script = $this->getLoadScript( $source );
1691
1692 return wfAppendQuery( $script, $query );
1693 }
1694
1695 /**
1696 * Helper for createLoaderURL()
1697 *
1698 * @since 1.24
1699 * @see makeLoaderQuery
1700 * @param ResourceLoaderContext $context
1701 * @param array $extraQuery
1702 * @return array
1703 */
1704 protected static function createLoaderQuery( ResourceLoaderContext $context, $extraQuery = [] ) {
1705 return self::makeLoaderQuery(
1706 $context->getModules(),
1707 $context->getLanguage(),
1708 $context->getSkin(),
1709 $context->getUser(),
1710 $context->getVersion(),
1711 $context->getDebug(),
1712 $context->getOnly(),
1713 $context->getRequest()->getBool( 'printable' ),
1714 $context->getRequest()->getBool( 'handheld' ),
1715 $extraQuery
1716 );
1717 }
1718
1719 /**
1720 * Build a query array (array representation of query string) for load.php. Helper
1721 * function for createLoaderURL().
1722 *
1723 * @param array $modules
1724 * @param string $lang
1725 * @param string $skin
1726 * @param string|null $user
1727 * @param string|null $version
1728 * @param bool $debug
1729 * @param string|null $only
1730 * @param bool $printable
1731 * @param bool $handheld
1732 * @param array $extraQuery
1733 * @return array
1734 */
1735 public static function makeLoaderQuery( $modules, $lang, $skin, $user = null,
1736 $version = null, $debug = false, $only = null, $printable = false,
1737 $handheld = false, $extraQuery = []
1738 ) {
1739 $query = [
1740 'modules' => self::makePackedModulesString( $modules ),
1741 ];
1742 // Keep urls short by omitting query parameters that
1743 // match the defaults assumed by ResourceLoaderContext.
1744 // Note: This relies on the defaults either being insignificant or forever constant,
1745 // as otherwise cached urls could change in meaning when the defaults change.
1746 if ( $lang !== ResourceLoaderContext::DEFAULT_LANG ) {
1747 $query['lang'] = $lang;
1748 }
1749 if ( $skin !== ResourceLoaderContext::DEFAULT_SKIN ) {
1750 $query['skin'] = $skin;
1751 }
1752 if ( $debug === true ) {
1753 $query['debug'] = 'true';
1754 }
1755 if ( $user !== null ) {
1756 $query['user'] = $user;
1757 }
1758 if ( $version !== null ) {
1759 $query['version'] = $version;
1760 }
1761 if ( $only !== null ) {
1762 $query['only'] = $only;
1763 }
1764 if ( $printable ) {
1765 $query['printable'] = 1;
1766 }
1767 if ( $handheld ) {
1768 $query['handheld'] = 1;
1769 }
1770 $query += $extraQuery;
1771
1772 // Make queries uniform in order
1773 ksort( $query );
1774 return $query;
1775 }
1776
1777 /**
1778 * Check a module name for validity.
1779 *
1780 * Module names may not contain pipes (|), commas (,) or exclamation marks (!) and can be
1781 * at most 255 bytes.
1782 *
1783 * @param string $moduleName Module name to check
1784 * @return bool Whether $moduleName is a valid module name
1785 */
1786 public static function isValidModuleName( $moduleName ) {
1787 return strcspn( $moduleName, '!,|', 0, 255 ) === strlen( $moduleName );
1788 }
1789
1790 /**
1791 * Returns LESS compiler set up for use with MediaWiki
1792 *
1793 * @since 1.27
1794 * @param array $vars Associative array of variables that should be used
1795 * for compilation. Since 1.32, this method no longer automatically includes
1796 * global LESS vars from ResourceLoader::getLessVars (T191937).
1797 * @throws MWException
1798 * @return Less_Parser
1799 */
1800 public function getLessCompiler( $vars = [] ) {
1801 global $IP;
1802 // When called from the installer, it is possible that a required PHP extension
1803 // is missing (at least for now; see T49564). If this is the case, throw an
1804 // exception (caught by the installer) to prevent a fatal error later on.
1805 if ( !class_exists( 'Less_Parser' ) ) {
1806 throw new MWException( 'MediaWiki requires the less.php parser' );
1807 }
1808
1809 $parser = new Less_Parser;
1810 $parser->ModifyVars( $vars );
1811 $parser->SetImportDirs( [
1812 "$IP/resources/src/mediawiki.less/" => '',
1813 ] );
1814 $parser->SetOption( 'relativeUrls', false );
1815
1816 return $parser;
1817 }
1818
1819 /**
1820 * Get global LESS variables.
1821 *
1822 * @since 1.27
1823 * @deprecated since 1.32 Use ResourceLoderModule::getLessVars() instead.
1824 * @return array Map of variable names to string CSS values.
1825 */
1826 public function getLessVars() {
1827 return [];
1828 }
1829 }
Wiklou, le Wiki du Wiklou