dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Log entries can be rendered with parentheses in HTML"
[lhc/web/wiklou.git] / includes / resourceloader / ResourceLoader.php
1 <?php
2 /**
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
17 *
18 * @file
19 * @author Roan Kattouw
20 * @author Trevor Parscal
21 */
22
23 use MediaWiki\MediaWikiServices;
24 use Psr\Log\LoggerAwareInterface;
25 use Psr\Log\LoggerInterface;
26 use Psr\Log\NullLogger;
27 use Wikimedia\Rdbms\DBConnectionError;
28 use Wikimedia\WrappedString;
29
30 /**
31 * @defgroup ResourceLoader ResourceLoader
32 *
33 * For higher level documentation, see <https://www.mediawiki.org/wiki/ResourceLoader/Architecture>.
34 */
35
36 /**
37 * ResourceLoader is a loading system for JavaScript and CSS resources.
38 *
39 * For higher level documentation, see <https://www.mediawiki.org/wiki/ResourceLoader/Architecture>.
40 *
41 * @ingroup ResourceLoader
42 * @since 1.17
43 */
44 class ResourceLoader implements LoggerAwareInterface {
45 /** @var Config */
46 protected $config;
47 /** @var MessageBlobStore */
48 protected $blobStore;
49
50 /** @var LoggerInterface */
51 private $logger;
52
53 /** @var ResourceLoaderModule[] Map of (module name => ResourceLoaderModule) */
54 protected $modules = [];
55 /** @var array[] Map of (module name => associative info array) */
56 protected $moduleInfos = [];
57 /**
58 * Associative array mapping framework ids to a list of names of test suite modules
59 * like [ 'qunit' => [ 'mediawiki.tests.qunit.suites', 'ext.foo.tests', ... ], ... ]
60 * @var array
61 */
62 protected $testModuleNames = [];
63 /** @var string[] List of module names that contain QUnit test suites */
64 protected $testSuiteModuleNames = [];
65
66 /** @var array Map of (source => path); E.g. [ 'source-id' => 'http://.../load.php' ] */
67 protected $sources = [];
68 /** @var array Errors accumulated during current respond() call */
69 protected $errors = [];
70 /** @var string[] Extra HTTP response headers from modules loaded in makeModuleResponse() */
71 protected $extraHeaders = [];
72
73 /** @var bool */
74 protected static $debugMode = null;
75
76 /** @var int */
77 const CACHE_VERSION = 8;
78
79 /** @var string JavaScript / CSS pragma to disable minification. * */
80 const FILTER_NOMIN = '/*@nomin*/';
81
82 /**
83 * Load information stored in the database about modules.
84 *
85 * This method grabs modules dependencies from the database and updates modules
86 * objects.
87 *
88 * This is not inside the module code because it is much faster to
89 * request all of the information at once than it is to have each module
90 * requests its own information. This sacrifice of modularity yields a substantial
91 * performance improvement.
92 *
93 * @param array $moduleNames List of module names to preload information for
94 * @param ResourceLoaderContext $context Context to load the information within
95 */
96 public function preloadModuleInfo( array $moduleNames, ResourceLoaderContext $context ) {
97 if ( !$moduleNames ) {
98 // Or else Database*::select() will explode, plus it's cheaper!
99 return;
100 }
101 $dbr = wfGetDB( DB_REPLICA );
102 $lang = $context->getLanguage();
103
104 // Batched version of ResourceLoaderModule::getFileDependencies
105 $vary = ResourceLoaderModule::getVary( $context );
106 $res = $dbr->select( 'module_deps', [ 'md_module', 'md_deps' ], [
107 'md_module' => $moduleNames,
108 'md_skin' => $vary,
109 ], __METHOD__
110 );
111
112 // Prime in-object cache for file dependencies
113 $modulesWithDeps = [];
114 foreach ( $res as $row ) {
115 $module = $this->getModule( $row->md_module );
116 if ( $module ) {
117 $module->setFileDependencies( $context, ResourceLoaderModule::expandRelativePaths(
118 json_decode( $row->md_deps, true )
119 ) );
120 $modulesWithDeps[] = $row->md_module;
121 }
122 }
123 // Register the absence of a dependency row too
124 foreach ( array_diff( $moduleNames, $modulesWithDeps ) as $name ) {
125 $module = $this->getModule( $name );
126 if ( $module ) {
127 $this->getModule( $name )->setFileDependencies( $context, [] );
128 }
129 }
130
131 // Batched version of ResourceLoaderWikiModule::getTitleInfo
132 ResourceLoaderWikiModule::preloadTitleInfo( $context, $dbr, $moduleNames );
133
134 // Prime in-object cache for message blobs for modules with messages
135 $modules = [];
136 foreach ( $moduleNames as $name ) {
137 $module = $this->getModule( $name );
138 if ( $module && $module->getMessages() ) {
139 $modules[$name] = $module;
140 }
141 }
142 $store = $this->getMessageBlobStore();
143 $blobs = $store->getBlobs( $modules, $lang );
144 foreach ( $blobs as $name => $blob ) {
145 $modules[$name]->setMessageBlob( $blob, $lang );
146 }
147 }
148
149 /**
150 * Run JavaScript or CSS data through a filter, caching the filtered result for future calls.
151 *
152 * Available filters are:
153 *
154 * - minify-js \see JavaScriptMinifier::minify
155 * - minify-css \see CSSMin::minify
156 *
157 * If $data is empty, only contains whitespace or the filter was unknown,
158 * $data is returned unmodified.
159 *
160 * @param string $filter Name of filter to run
161 * @param string $data Text to filter, such as JavaScript or CSS text
162 * @param array $options Keys:
163 * - (bool) cache: Whether to allow caching this data. Default: true.
164 * @return string Filtered data, or a comment containing an error message
165 */
166 public static function filter( $filter, $data, array $options = [] ) {
167 if ( strpos( $data, self::FILTER_NOMIN ) !== false ) {
168 return $data;
169 }
170
171 if ( isset( $options['cache'] ) && $options['cache'] === false ) {
172 return self::applyFilter( $filter, $data );
173 }
174
175 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
176 $cache = ObjectCache::getLocalServerInstance( CACHE_ANYTHING );
177
178 $key = $cache->makeGlobalKey(
179 'resourceloader-filter',
180 $filter,
181 self::CACHE_VERSION,
182 md5( $data )
183 );
184
185 $result = $cache->get( $key );
186 if ( $result === false ) {
187 $stats->increment( "resourceloader_cache.$filter.miss" );
188 $result = self::applyFilter( $filter, $data );
189 $cache->set( $key, $result, 24 * 3600 );
190 } else {
191 $stats->increment( "resourceloader_cache.$filter.hit" );
192 }
193 if ( $result === null ) {
194 // Cached failure
195 $result = $data;
196 }
197
198 return $result;
199 }
200
201 private static function applyFilter( $filter, $data ) {
202 $data = trim( $data );
203 if ( $data ) {
204 try {
205 $data = ( $filter === 'minify-css' )
206 ? CSSMin::minify( $data )
207 : JavaScriptMinifier::minify( $data );
208 } catch ( Exception $e ) {
209 MWExceptionHandler::logException( $e );
210 return null;
211 }
212 }
213 return $data;
214 }
215
216 /**
217 * Register core modules and runs registration hooks.
218 * @param Config|null $config
219 * @param LoggerInterface|null $logger [optional]
220 */
221 public function __construct( Config $config = null, LoggerInterface $logger = null ) {
222 $this->logger = $logger ?: new NullLogger();
223
224 if ( !$config ) {
225 wfDeprecated( __METHOD__ . ' without a Config instance', '1.34' );
226 $config = MediaWikiServices::getInstance()->getMainConfig();
227 }
228 $this->config = $config;
229
230 // Add 'local' source first
231 $this->addSource( 'local', $config->get( 'LoadScript' ) );
232
233 // Special module that always exists
234 $this->register( 'startup', [ 'class' => ResourceLoaderStartUpModule::class ] );
235
236 $this->setMessageBlobStore( new MessageBlobStore( $this, $this->logger ) );
237 }
238
239 /**
240 * @return Config
241 */
242 public function getConfig() {
243 return $this->config;
244 }
245
246 /**
247 * @since 1.26
248 * @param LoggerInterface $logger
249 */
250 public function setLogger( LoggerInterface $logger ) {
251 $this->logger = $logger;
252 }
253
254 /**
255 * @since 1.27
256 * @return LoggerInterface
257 */
258 public function getLogger() {
259 return $this->logger;
260 }
261
262 /**
263 * @since 1.26
264 * @return MessageBlobStore
265 */
266 public function getMessageBlobStore() {
267 return $this->blobStore;
268 }
269
270 /**
271 * @since 1.25
272 * @param MessageBlobStore $blobStore
273 */
274 public function setMessageBlobStore( MessageBlobStore $blobStore ) {
275 $this->blobStore = $blobStore;
276 }
277
278 /**
279 * Register a module with the ResourceLoader system.
280 *
281 * @param string|array[] $name Module name as a string or, array of module info arrays
282 * keyed by name.
283 * @param array|null $info Module info array. When using the first parameter to register
284 * multiple modules at once, this parameter is optional.
285 * @throws MWException If a duplicate module registration is attempted
286 * @throws MWException If a module name contains illegal characters (pipes or commas)
287 * @throws InvalidArgumentException If the module info is not an array
288 */
289 public function register( $name, $info = null ) {
290 $moduleSkinStyles = $this->config->get( 'ResourceModuleSkinStyles' );
291
292 // Allow multiple modules to be registered in one call
293 $registrations = is_array( $name ) ? $name : [ $name => $info ];
294 foreach ( $registrations as $name => $info ) {
295 // Warn on duplicate registrations
296 if ( isset( $this->moduleInfos[$name] ) ) {
297 // A module has already been registered by this name
298 $this->logger->warning(
299 'ResourceLoader duplicate registration warning. ' .
300 'Another module has already been registered as ' . $name
301 );
302 }
303
304 // Check validity
305 if ( !self::isValidModuleName( $name ) ) {
306 throw new MWException( "ResourceLoader module name '$name' is invalid, "
307 . "see ResourceLoader::isValidModuleName()" );
308 }
309 if ( !is_array( $info ) ) {
310 throw new InvalidArgumentException(
311 'Invalid module info for "' . $name . '": expected array, got ' . gettype( $info )
312 );
313 }
314
315 // Attach module
316 $this->moduleInfos[$name] = $info;
317
318 // Last-minute changes
319 // Apply custom skin-defined styles to existing modules.
320 if ( $this->isFileModule( $name ) ) {
321 foreach ( $moduleSkinStyles as $skinName => $skinStyles ) {
322 // If this module already defines skinStyles for this skin, ignore $wgResourceModuleSkinStyles.
323 if ( isset( $this->moduleInfos[$name]['skinStyles'][$skinName] ) ) {
324 continue;
325 }
326
327 // If $name is preceded with a '+', the defined style files will be added to 'default'
328 // skinStyles, otherwise 'default' will be ignored as it normally would be.
329 if ( isset( $skinStyles[$name] ) ) {
330 $paths = (array)$skinStyles[$name];
331 $styleFiles = [];
332 } elseif ( isset( $skinStyles['+' . $name] ) ) {
333 $paths = (array)$skinStyles['+' . $name];
334 $styleFiles = isset( $this->moduleInfos[$name]['skinStyles']['default'] ) ?
335 (array)$this->moduleInfos[$name]['skinStyles']['default'] :
336 [];
337 } else {
338 continue;
339 }
340
341 // Add new file paths, remapping them to refer to our directories and not use settings
342 // from the module we're modifying, which come from the base definition.
343 list( $localBasePath, $remoteBasePath ) =
344 ResourceLoaderFileModule::extractBasePaths( $skinStyles );
345
346 foreach ( $paths as $path ) {
347 $styleFiles[] = new ResourceLoaderFilePath( $path, $localBasePath, $remoteBasePath );
348 }
349
350 $this->moduleInfos[$name]['skinStyles'][$skinName] = $styleFiles;
351 }
352 }
353 }
354 }
355
356 /**
357 * @internal For use by ServiceWiring only
358 * @codeCoverageIgnore
359 */
360 public function registerTestModules() {
361 global $IP;
362
363 if ( $this->config->get( 'EnableJavaScriptTest' ) !== true ) {
364 throw new MWException( 'Attempt to register JavaScript test modules '
365 . 'but <code>$wgEnableJavaScriptTest</code> is false. '
366 . 'Edit your <code>LocalSettings.php</code> to enable it.' );
367 }
368
369 // This has a 'qunit' key for compat with the below hook.
370 $testModulesMeta = [ 'qunit' => [] ];
371
372 // Get test suites from extensions
373 // Avoid PHP 7.1 warning from passing $this by reference
374 $rl = $this;
375 Hooks::run( 'ResourceLoaderTestModules', [ &$testModulesMeta, &$rl ] );
376 $extRegistry = ExtensionRegistry::getInstance();
377 // In case of conflict, the deprecated hook has precedence.
378 $testModules = $testModulesMeta['qunit'] + $extRegistry->getAttribute( 'QUnitTestModules' );
379
380 $testSuiteModuleNames = [];
381 foreach ( $testModules as $name => &$module ) {
382 // Turn any single-module dependency into an array
383 if ( isset( $module['dependencies'] ) && is_string( $module['dependencies'] ) ) {
384 $module['dependencies'] = [ $module['dependencies'] ];
385 }
386
387 // Ensure the testrunner loads before any test suites
388 $module['dependencies'][] = 'test.mediawiki.qunit.testrunner';
389
390 // Keep track of the test suites to load on SpecialJavaScriptTest
391 $testSuiteModuleNames[] = $name;
392 }
393
394 // Core test suites (their names have further precedence).
395 $testModules = ( include "$IP/tests/qunit/QUnitTestResources.php" ) + $testModules;
396 $testSuiteModuleNames[] = 'test.mediawiki.qunit.suites';
397
398 $this->register( $testModules );
399 $this->testSuiteModuleNames = $testSuiteModuleNames;
400 }
401
402 /**
403 * Add a foreign source of modules.
404 *
405 * Source IDs are typically the same as the Wiki ID or database name (e.g. lowercase a-z).
406 *
407 * @param array|string $id Source ID (string), or [ id1 => loadUrl, id2 => loadUrl, ... ]
408 * @param string|array|null $loadUrl load.php url (string), or array with loadUrl key for
409 * backwards-compatibility.
410 * @throws MWException
411 */
412 public function addSource( $id, $loadUrl = null ) {
413 // Allow multiple sources to be registered in one call
414 if ( is_array( $id ) ) {
415 foreach ( $id as $key => $value ) {
416 $this->addSource( $key, $value );
417 }
418 return;
419 }
420
421 // Disallow duplicates
422 if ( isset( $this->sources[$id] ) ) {
423 throw new MWException(
424 'ResourceLoader duplicate source addition error. ' .
425 'Another source has already been registered as ' . $id
426 );
427 }
428
429 // Pre 1.24 backwards-compatibility
430 if ( is_array( $loadUrl ) ) {
431 if ( !isset( $loadUrl['loadScript'] ) ) {
432 throw new MWException(
433 __METHOD__ . ' was passed an array with no "loadScript" key.'
434 );
435 }
436
437 $loadUrl = $loadUrl['loadScript'];
438 }
439
440 $this->sources[$id] = $loadUrl;
441 }
442
443 /**
444 * Get a list of module names.
445 *
446 * @return array List of module names
447 */
448 public function getModuleNames() {
449 return array_keys( $this->moduleInfos );
450 }
451
452 /**
453 * Get a list of module names with QUnit test suites.
454 *
455 * @internal For use by SpecialJavaScriptTest only
456 * @return array
457 * @codeCoverageIgnore
458 */
459 public function getTestSuiteModuleNames() {
460 return $this->testSuiteModuleNames;
461 }
462
463 /**
464 * Check whether a ResourceLoader module is registered
465 *
466 * @since 1.25
467 * @param string $name
468 * @return bool
469 */
470 public function isModuleRegistered( $name ) {
471 return isset( $this->moduleInfos[$name] );
472 }
473
474 /**
475 * Get the ResourceLoaderModule object for a given module name.
476 *
477 * If an array of module parameters exists but a ResourceLoaderModule object has not
478 * yet been instantiated, this method will instantiate and cache that object such that
479 * subsequent calls simply return the same object.
480 *
481 * @param string $name Module name
482 * @return ResourceLoaderModule|null If module has been registered, return a
483 * ResourceLoaderModule instance. Otherwise, return null.
484 */
485 public function getModule( $name ) {
486 if ( !isset( $this->modules[$name] ) ) {
487 if ( !isset( $this->moduleInfos[$name] ) ) {
488 // No such module
489 return null;
490 }
491 // Construct the requested module object
492 $info = $this->moduleInfos[$name];
493 if ( isset( $info['factory'] ) ) {
494 /** @var ResourceLoaderModule $object */
495 $object = call_user_func( $info['factory'], $info );
496 } else {
497 $class = $info['class'] ?? ResourceLoaderFileModule::class;
498 /** @var ResourceLoaderModule $object */
499 $object = new $class( $info );
500 }
501 $object->setConfig( $this->getConfig() );
502 $object->setLogger( $this->logger );
503 $object->setName( $name );
504 $this->modules[$name] = $object;
505 }
506
507 return $this->modules[$name];
508 }
509
510 /**
511 * Whether the module is a ResourceLoaderFileModule (including subclasses).
512 *
513 * @param string $name Module name
514 * @return bool
515 */
516 protected function isFileModule( $name ) {
517 if ( !isset( $this->moduleInfos[$name] ) ) {
518 return false;
519 }
520 $info = $this->moduleInfos[$name];
521 return !isset( $info['factory'] ) && (
522 // The implied default for 'class' is ResourceLoaderFileModule
523 !isset( $info['class'] ) ||
524 // Explicit default
525 $info['class'] === ResourceLoaderFileModule::class ||
526 is_subclass_of( $info['class'], ResourceLoaderFileModule::class )
527 );
528 }
529
530 /**
531 * Get the list of sources.
532 *
533 * @return array Like [ id => load.php url, ... ]
534 */
535 public function getSources() {
536 return $this->sources;
537 }
538
539 /**
540 * Get the URL to the load.php endpoint for the given
541 * ResourceLoader source
542 *
543 * @since 1.24
544 * @param string $source
545 * @throws MWException On an invalid $source name
546 * @return string
547 */
548 public function getLoadScript( $source ) {
549 if ( !isset( $this->sources[$source] ) ) {
550 throw new MWException( "The $source source was never registered in ResourceLoader." );
551 }
552 return $this->sources[$source];
553 }
554
555 /**
556 * @internal For use by ResourceLoaderStartUpModule only.
557 */
558 const HASH_LENGTH = 5;
559
560 /**
561 * Create a hash for module versioning purposes.
562 *
563 * This hash is used in three ways:
564 *
565 * - To differentiate between the current version and a past version
566 * of a module by the same name.
567 *
568 * In the cache key of localStorage in the browser (mw.loader.store).
569 * This store keeps only one version of any given module. As long as the
570 * next version the client encounters has a different hash from the last
571 * version it saw, it will correctly discard it in favour of a network fetch.
572 *
573 * A browser may evict a site's storage container for any reason (e.g. when
574 * the user hasn't visited a site for some time, and/or when the device is
575 * low on storage space). Anecdotally it seems devices rarely keep unused
576 * storage beyond 2 weeks on mobile devices and 4 weeks on desktop.
577 * But, there is no hard limit or expiration on localStorage.
578 * ResourceLoader's Client also clears localStorage when the user changes
579 * their language preference or when they (temporarily) use Debug Mode.
580 *
581 * The only hard factors that reduce the range of possible versions are
582 * 1) the name and existence of a given module, and
583 * 2) the TTL for mw.loader.store, and
584 * 3) the `$wgResourceLoaderStorageVersion` configuration variable.
585 *
586 * - To identify a batch response of modules from load.php in an HTTP cache.
587 *
588 * When fetching modules in a batch from load.php, a combined hash
589 * is created by the JS code, and appended as query parameter.
590 *
591 * In cache proxies (e.g. Varnish, Nginx) and in the browser's HTTP cache,
592 * these urls are used to identify other previously cached responses.
593 * The range of possible versions a given version has to be unique amongst
594 * is determined by the maximum duration each response is stored for, which
595 * is controlled by `$wgResourceLoaderMaxage['versioned']`.
596 *
597 * - To detect race conditions between multiple web servers in a MediaWiki
598 * deployment of which some have the newer version and some still the older
599 * version.
600 *
601 * An HTTP request from a browser for the Startup manifest may be responded
602 * to by a server with the newer version. The browser may then use that to
603 * request a given module, which may then be responded to by a server with
604 * the older version. To avoid caching this for too long (which would pollute
605 * all other users without repairing itself), the combined hash that the JS
606 * client adds to the url is verified by the server (in ::sendResponseHeaders).
607 * If they don't match, we instruct cache proxies and clients to not cache
608 * this response as long as they normally would. This is also the reason
609 * that the algorithm used here in PHP must match the one used in JS.
610 *
611 * The fnv132 digest creates a 32-bit integer, which goes upto 4 Giga and
612 * needs up to 7 chars in base 36.
613 * Within 7 characters, base 36 can count up to 78,364,164,096 (78 Giga),
614 * (but with fnv132 we'd use very little of this range, mostly padding).
615 * Within 6 characters, base 36 can count up to 2,176,782,336 (2 Giga).
616 * Within 5 characters, base 36 can count up to 60,466,176 (60 Mega).
617 *
618 * @since 1.26
619 * @param string $value
620 * @return string Hash
621 */
622 public static function makeHash( $value ) {
623 $hash = hash( 'fnv132', $value );
624 // The base_convert will pad it (if too short),
625 // then substr() will trim it (if too long).
626 return substr(
627 Wikimedia\base_convert( $hash, 16, 36, self::HASH_LENGTH ),
628 0,
629 self::HASH_LENGTH
630 );
631 }
632
633 /**
634 * Add an error to the 'errors' array and log it.
635 *
636 * @private For internal use by ResourceLoader and ResourceLoaderStartUpModule.
637 * @since 1.29
638 * @param Exception $e
639 * @param string $msg
640 * @param array $context
641 */
642 public function outputErrorAndLog( Exception $e, $msg, array $context = [] ) {
643 MWExceptionHandler::logException( $e );
644 $this->logger->warning(
645 $msg,
646 $context + [ 'exception' => $e ]
647 );
648 $this->errors[] = self::formatExceptionNoComment( $e );
649 }
650
651 /**
652 * Helper method to get and combine versions of multiple modules.
653 *
654 * @since 1.26
655 * @param ResourceLoaderContext $context
656 * @param string[] $moduleNames List of known module names
657 * @return string Hash
658 */
659 public function getCombinedVersion( ResourceLoaderContext $context, array $moduleNames ) {
660 if ( !$moduleNames ) {
661 return '';
662 }
663 $hashes = array_map( function ( $module ) use ( $context ) {
664 try {
665 return $this->getModule( $module )->getVersionHash( $context );
666 } catch ( Exception $e ) {
667 // If modules fail to compute a version, don't fail the request (T152266)
668 // and still compute versions of other modules.
669 $this->outputErrorAndLog( $e,
670 'Calculating version for "{module}" failed: {exception}',
671 [
672 'module' => $module,
673 ]
674 );
675 return '';
676 }
677 }, $moduleNames );
678 return self::makeHash( implode( '', $hashes ) );
679 }
680
681 /**
682 * Get the expected value of the 'version' query parameter.
683 *
684 * This is used by respond() to set a short Cache-Control header for requests with
685 * information newer than the current server has. This avoids pollution of edge caches.
686 * Typically during deployment. (T117587)
687 *
688 * This MUST match return value of `mw.loader#getCombinedVersion()` client-side.
689 *
690 * @since 1.28
691 * @param ResourceLoaderContext $context
692 * @return string Hash
693 */
694 public function makeVersionQuery( ResourceLoaderContext $context ) {
695 // As of MediaWiki 1.28, the server and client use the same algorithm for combining
696 // version hashes. There is no technical reason for this to be same, and for years the
697 // implementations differed. If getCombinedVersion in PHP (used for StartupModule and
698 // E-Tag headers) differs in the future from getCombinedVersion in JS (used for 'version'
699 // query parameter), then this method must continue to match the JS one.
700 $moduleNames = [];
701 foreach ( $context->getModules() as $name ) {
702 if ( !$this->getModule( $name ) ) {
703 // If a versioned request contains a missing module, the version is a mismatch
704 // as the client considered a module (and version) we don't have.
705 return '';
706 }
707 $moduleNames[] = $name;
708 }
709 return $this->getCombinedVersion( $context, $moduleNames );
710 }
711
712 /**
713 * Output a response to a load request, including the content-type header.
714 *
715 * @param ResourceLoaderContext $context Context in which a response should be formed
716 */
717 public function respond( ResourceLoaderContext $context ) {
718 // Buffer output to catch warnings. Normally we'd use ob_clean() on the
719 // top-level output buffer to clear warnings, but that breaks when ob_gzhandler
720 // is used: ob_clean() will clear the GZIP header in that case and it won't come
721 // back for subsequent output, resulting in invalid GZIP. So we have to wrap
722 // the whole thing in our own output buffer to be sure the active buffer
723 // doesn't use ob_gzhandler.
724 // See https://bugs.php.net/bug.php?id=36514
725 ob_start();
726
727 $this->measureResponseTime( RequestContext::getMain()->getTiming() );
728
729 // Find out which modules are missing and instantiate the others
730 $modules = [];
731 $missing = [];
732 foreach ( $context->getModules() as $name ) {
733 $module = $this->getModule( $name );
734 if ( $module ) {
735 // Do not allow private modules to be loaded from the web.
736 // This is a security issue, see T36907.
737 if ( $module->getGroup() === 'private' ) {
738 // Not a serious error, just means something is trying to access it (T101806)
739 $this->logger->debug( "Request for private module '$name' denied" );
740 $this->errors[] = "Cannot build private module \"$name\"";
741 continue;
742 }
743 $modules[$name] = $module;
744 } else {
745 $missing[] = $name;
746 }
747 }
748
749 try {
750 // Preload for getCombinedVersion() and for batch makeModuleResponse()
751 $this->preloadModuleInfo( array_keys( $modules ), $context );
752 } catch ( Exception $e ) {
753 $this->outputErrorAndLog( $e, 'Preloading module info failed: {exception}' );
754 }
755
756 // Combine versions to propagate cache invalidation
757 $versionHash = '';
758 try {
759 $versionHash = $this->getCombinedVersion( $context, array_keys( $modules ) );
760 } catch ( Exception $e ) {
761 $this->outputErrorAndLog( $e, 'Calculating version hash failed: {exception}' );
762 }
763
764 // See RFC 2616 § 3.11 Entity Tags
765 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11
766 $etag = 'W/"' . $versionHash . '"';
767
768 // Try the client-side cache first
769 if ( $this->tryRespondNotModified( $context, $etag ) ) {
770 return; // output handled (buffers cleared)
771 }
772
773 // Use file cache if enabled and available...
774 if ( $this->config->get( 'UseFileCache' ) ) {
775 $fileCache = ResourceFileCache::newFromContext( $context );
776 if ( $this->tryRespondFromFileCache( $fileCache, $context, $etag ) ) {
777 return; // output handled
778 }
779 } else {
780 $fileCache = null;
781 }
782
783 // Generate a response
784 $response = $this->makeModuleResponse( $context, $modules, $missing );
785
786 // Capture any PHP warnings from the output buffer and append them to the
787 // error list if we're in debug mode.
788 if ( $context->getDebug() ) {
789 $warnings = ob_get_contents();
790 if ( strlen( $warnings ) ) {
791 $this->errors[] = $warnings;
792 }
793 }
794
795 // Consider saving the response to file cache (unless there are errors).
796 if ( $fileCache &&
797 !$this->errors &&
798 $missing === [] &&
799 ResourceFileCache::useFileCache( $context )
800 ) {
801 if ( $fileCache->isCacheWorthy() ) {
802 // There were enough hits, save the response to the cache
803 $fileCache->saveText( $response );
804 } else {
805 $fileCache->incrMissesRecent( $context->getRequest() );
806 }
807 }
808
809 $this->sendResponseHeaders( $context, $etag, (bool)$this->errors, $this->extraHeaders );
810
811 // Remove the output buffer and output the response
812 ob_end_clean();
813
814 if ( $context->getImageObj() && $this->errors ) {
815 // We can't show both the error messages and the response when it's an image.
816 $response = implode( "\n\n", $this->errors );
817 } elseif ( $this->errors ) {
818 $errorText = implode( "\n\n", $this->errors );
819 $errorResponse = self::makeComment( $errorText );
820 if ( $context->shouldIncludeScripts() ) {
821 $errorResponse .= 'if (window.console && console.error) { console.error('
822 . self::encodeJsonForScript( $errorText )
823 . "); }\n";
824 }
825
826 // Prepend error info to the response
827 $response = $errorResponse . $response;
828 }
829
830 $this->errors = [];
831 echo $response;
832 }
833
834 protected function measureResponseTime( Timing $timing ) {
835 DeferredUpdates::addCallableUpdate( function () use ( $timing ) {
836 $measure = $timing->measure( 'responseTime', 'requestStart', 'requestShutdown' );
837 if ( $measure !== false ) {
838 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
839 $stats->timing( 'resourceloader.responseTime', $measure['duration'] * 1000 );
840 }
841 } );
842 }
843
844 /**
845 * Send main response headers to the client.
846 *
847 * Deals with Content-Type, CORS (for stylesheets), and caching.
848 *
849 * @param ResourceLoaderContext $context
850 * @param string $etag ETag header value
851 * @param bool $errors Whether there are errors in the response
852 * @param string[] $extra Array of extra HTTP response headers
853 * @return void
854 */
855 protected function sendResponseHeaders(
856 ResourceLoaderContext $context, $etag, $errors, array $extra = []
857 ) {
858 \MediaWiki\HeaderCallback::warnIfHeadersSent();
859 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
860 // Use a short cache expiry so that updates propagate to clients quickly, if:
861 // - No version specified (shared resources, e.g. stylesheets)
862 // - There were errors (recover quickly)
863 // - Version mismatch (T117587, T47877)
864 if ( is_null( $context->getVersion() )
865 || $errors
866 || $context->getVersion() !== $this->makeVersionQuery( $context )
867 ) {
868 $maxage = $rlMaxage['unversioned']['client'];
869 $smaxage = $rlMaxage['unversioned']['server'];
870 // If a version was specified we can use a longer expiry time since changing
871 // version numbers causes cache misses
872 } else {
873 $maxage = $rlMaxage['versioned']['client'];
874 $smaxage = $rlMaxage['versioned']['server'];
875 }
876 if ( $context->getImageObj() ) {
877 // Output different headers if we're outputting textual errors.
878 if ( $errors ) {
879 header( 'Content-Type: text/plain; charset=utf-8' );
880 } else {
881 $context->getImageObj()->sendResponseHeaders( $context );
882 }
883 } elseif ( $context->getOnly() === 'styles' ) {
884 header( 'Content-Type: text/css; charset=utf-8' );
885 header( 'Access-Control-Allow-Origin: *' );
886 } else {
887 header( 'Content-Type: text/javascript; charset=utf-8' );
888 }
889 // See RFC 2616 § 14.19 ETag
890 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.19
891 header( 'ETag: ' . $etag );
892 if ( $context->getDebug() ) {
893 // Do not cache debug responses
894 header( 'Cache-Control: private, no-cache, must-revalidate' );
895 header( 'Pragma: no-cache' );
896 } else {
897 header( "Cache-Control: public, max-age=$maxage, s-maxage=$smaxage" );
898 $exp = min( $maxage, $smaxage );
899 header( 'Expires: ' . wfTimestamp( TS_RFC2822, $exp + time() ) );
900 }
901 foreach ( $extra as $header ) {
902 header( $header );
903 }
904 }
905
906 /**
907 * Respond with HTTP 304 Not Modified if appropiate.
908 *
909 * If there's an If-None-Match header, respond with a 304 appropriately
910 * and clear out the output buffer. If the client cache is too old then do nothing.
911 *
912 * @param ResourceLoaderContext $context
913 * @param string $etag ETag header value
914 * @return bool True if HTTP 304 was sent and output handled
915 */
916 protected function tryRespondNotModified( ResourceLoaderContext $context, $etag ) {
917 // See RFC 2616 § 14.26 If-None-Match
918 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.26
919 $clientKeys = $context->getRequest()->getHeader( 'If-None-Match', WebRequest::GETHEADER_LIST );
920 // Never send 304s in debug mode
921 if ( $clientKeys !== false && !$context->getDebug() && in_array( $etag, $clientKeys ) ) {
922 // There's another bug in ob_gzhandler (see also the comment at
923 // the top of this function) that causes it to gzip even empty
924 // responses, meaning it's impossible to produce a truly empty
925 // response (because the gzip header is always there). This is
926 // a problem because 304 responses have to be completely empty
927 // per the HTTP spec, and Firefox behaves buggily when they're not.
928 // See also https://bugs.php.net/bug.php?id=51579
929 // To work around this, we tear down all output buffering before
930 // sending the 304.
931 wfResetOutputBuffers( /* $resetGzipEncoding = */ true );
932
933 HttpStatus::header( 304 );
934
935 $this->sendResponseHeaders( $context, $etag, false );
936 return true;
937 }
938 return false;
939 }
940
941 /**
942 * Send out code for a response from file cache if possible.
943 *
944 * @param ResourceFileCache $fileCache Cache object for this request URL
945 * @param ResourceLoaderContext $context Context in which to generate a response
946 * @param string $etag ETag header value
947 * @return bool If this found a cache file and handled the response
948 */
949 protected function tryRespondFromFileCache(
950 ResourceFileCache $fileCache,
951 ResourceLoaderContext $context,
952 $etag
953 ) {
954 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
955 // Buffer output to catch warnings.
956 ob_start();
957 // Get the maximum age the cache can be
958 $maxage = is_null( $context->getVersion() )
959 ? $rlMaxage['unversioned']['server']
960 : $rlMaxage['versioned']['server'];
961 // Minimum timestamp the cache file must have
962 $good = $fileCache->isCacheGood( wfTimestamp( TS_MW, time() - $maxage ) );
963 if ( !$good ) {
964 try { // RL always hits the DB on file cache miss...
965 wfGetDB( DB_REPLICA );
966 } catch ( DBConnectionError $e ) { // ...check if we need to fallback to cache
967 $good = $fileCache->isCacheGood(); // cache existence check
968 }
969 }
970 if ( $good ) {
971 $ts = $fileCache->cacheTimestamp();
972 // Send content type and cache headers
973 $this->sendResponseHeaders( $context, $etag, false );
974 $response = $fileCache->fetchText();
975 // Capture any PHP warnings from the output buffer and append them to the
976 // response in a comment if we're in debug mode.
977 if ( $context->getDebug() ) {
978 $warnings = ob_get_contents();
979 if ( strlen( $warnings ) ) {
980 $response = self::makeComment( $warnings ) . $response;
981 }
982 }
983 // Remove the output buffer and output the response
984 ob_end_clean();
985 echo $response . "\n/* Cached {$ts} */";
986 return true; // cache hit
987 }
988 // Clear buffer
989 ob_end_clean();
990
991 return false; // cache miss
992 }
993
994 /**
995 * Generate a CSS or JS comment block.
996 *
997 * Only use this for public data, not error message details.
998 *
999 * @param string $text
1000 * @return string
1001 */
1002 public static function makeComment( $text ) {
1003 $encText = str_replace( '*/', '* /', $text );
1004 return "/*\n$encText\n*/\n";
1005 }
1006
1007 /**
1008 * Handle exception display.
1009 *
1010 * @param Exception $e Exception to be shown to the user
1011 * @return string Sanitized text in a CSS/JS comment that can be returned to the user
1012 */
1013 public static function formatException( $e ) {
1014 return self::makeComment( self::formatExceptionNoComment( $e ) );
1015 }
1016
1017 /**
1018 * Handle exception display.
1019 *
1020 * @since 1.25
1021 * @param Exception $e Exception to be shown to the user
1022 * @return string Sanitized text that can be returned to the user
1023 */
1024 protected static function formatExceptionNoComment( $e ) {
1025 global $wgShowExceptionDetails;
1026
1027 if ( !$wgShowExceptionDetails ) {
1028 return MWExceptionHandler::getPublicLogMessage( $e );
1029 }
1030
1031 return MWExceptionHandler::getLogMessage( $e ) .
1032 "\nBacktrace:\n" .
1033 MWExceptionHandler::getRedactedTraceAsString( $e );
1034 }
1035
1036 /**
1037 * Generate code for a response.
1038 *
1039 * Calling this method also populates the `errors` and `headers` members,
1040 * later used by respond().
1041 *
1042 * @param ResourceLoaderContext $context Context in which to generate a response
1043 * @param ResourceLoaderModule[] $modules List of module objects keyed by module name
1044 * @param string[] $missing List of requested module names that are unregistered (optional)
1045 * @return string Response data
1046 */
1047 public function makeModuleResponse( ResourceLoaderContext $context,
1048 array $modules, array $missing = []
1049 ) {
1050 $out = '';
1051 $states = [];
1052
1053 if ( $modules === [] && $missing === [] ) {
1054 return <<<MESSAGE
1055 /* This file is the Web entry point for MediaWiki's ResourceLoader:
1056 <https://www.mediawiki.org/wiki/ResourceLoader>. In this request,
1057 no modules were requested. Max made me put this here. */
1058 MESSAGE;
1059 }
1060
1061 $image = $context->getImageObj();
1062 if ( $image ) {
1063 $data = $image->getImageData( $context );
1064 if ( $data === false ) {
1065 $data = '';
1066 $this->errors[] = 'Image generation failed';
1067 }
1068 return $data;
1069 }
1070
1071 foreach ( $missing as $name ) {
1072 $states[$name] = 'missing';
1073 }
1074
1075 $filter = $context->getOnly() === 'styles' ? 'minify-css' : 'minify-js';
1076
1077 foreach ( $modules as $name => $module ) {
1078 try {
1079 $content = $module->getModuleContent( $context );
1080 $implementKey = $name . '@' . $module->getVersionHash( $context );
1081 $strContent = '';
1082
1083 if ( isset( $content['headers'] ) ) {
1084 $this->extraHeaders = array_merge( $this->extraHeaders, $content['headers'] );
1085 }
1086
1087 // Append output
1088 switch ( $context->getOnly() ) {
1089 case 'scripts':
1090 $scripts = $content['scripts'];
1091 if ( is_string( $scripts ) ) {
1092 // Load scripts raw...
1093 $strContent = $scripts;
1094 } elseif ( is_array( $scripts ) ) {
1095 // ...except when $scripts is an array of URLs or an associative array
1096 $strContent = self::makeLoaderImplementScript( $implementKey, $scripts, [], [], [] );
1097 }
1098 break;
1099 case 'styles':
1100 $styles = $content['styles'];
1101 // We no longer separate into media, they are all combined now with
1102 // custom media type groups into @media .. {} sections as part of the css string.
1103 // Module returns either an empty array or a numerical array with css strings.
1104 $strContent = isset( $styles['css'] ) ? implode( '', $styles['css'] ) : '';
1105 break;
1106 default:
1107 $scripts = $content['scripts'] ?? '';
1108 if ( is_string( $scripts ) ) {
1109 if ( $name === 'site' || $name === 'user' ) {
1110 // Legacy scripts that run in the global scope without a closure.
1111 // mw.loader.implement will use globalEval if scripts is a string.
1112 // Minify manually here, because general response minification is
1113 // not effective due it being a string literal, not a function.
1114 if ( !$context->getDebug() ) {
1115 $scripts = self::filter( 'minify-js', $scripts ); // T107377
1116 }
1117 } else {
1118 $scripts = new XmlJsCode( $scripts );
1119 }
1120 }
1121 $strContent = self::makeLoaderImplementScript(
1122 $implementKey,
1123 $scripts,
1124 $content['styles'] ?? [],
1125 isset( $content['messagesBlob'] ) ? new XmlJsCode( $content['messagesBlob'] ) : [],
1126 $content['templates'] ?? []
1127 );
1128 break;
1129 }
1130
1131 if ( !$context->getDebug() ) {
1132 $strContent = self::filter( $filter, $strContent );
1133 } else {
1134 // In debug mode, separate each response by a new line.
1135 // For example, between 'mw.loader.implement();' statements.
1136 $strContent = $this->ensureNewline( $strContent );
1137 }
1138
1139 if ( $context->getOnly() === 'scripts' ) {
1140 // Use a linebreak between module scripts (T162719)
1141 $out .= $this->ensureNewline( $strContent );
1142 } else {
1143 $out .= $strContent;
1144 }
1145
1146 } catch ( Exception $e ) {
1147 $this->outputErrorAndLog( $e, 'Generating module package failed: {exception}' );
1148
1149 // Respond to client with error-state instead of module implementation
1150 $states[$name] = 'error';
1151 unset( $modules[$name] );
1152 }
1153 }
1154
1155 // Update module states
1156 if ( $context->shouldIncludeScripts() && !$context->getRaw() ) {
1157 if ( $modules && $context->getOnly() === 'scripts' ) {
1158 // Set the state of modules loaded as only scripts to ready as
1159 // they don't have an mw.loader.implement wrapper that sets the state
1160 foreach ( $modules as $name => $module ) {
1161 $states[$name] = 'ready';
1162 }
1163 }
1164
1165 // Set the state of modules we didn't respond to with mw.loader.implement
1166 if ( $states ) {
1167 $stateScript = self::makeLoaderStateScript( $states );
1168 if ( !$context->getDebug() ) {
1169 $stateScript = self::filter( 'minify-js', $stateScript );
1170 }
1171 // Use a linebreak between module script and state script (T162719)
1172 $out = $this->ensureNewline( $out ) . $stateScript;
1173 }
1174 } elseif ( $states ) {
1175 $this->errors[] = 'Problematic modules: '
1176 . self::encodeJsonForScript( $states );
1177 }
1178
1179 return $out;
1180 }
1181
1182 /**
1183 * Ensure the string is either empty or ends in a line break
1184 * @param string $str
1185 * @return string
1186 */
1187 private function ensureNewline( $str ) {
1188 $end = substr( $str, -1 );
1189 if ( $end === false || $end === '' || $end === "\n" ) {
1190 return $str;
1191 }
1192 return $str . "\n";
1193 }
1194
1195 /**
1196 * Get names of modules that use a certain message.
1197 *
1198 * @param string $messageKey
1199 * @return array List of module names
1200 */
1201 public function getModulesByMessage( $messageKey ) {
1202 $moduleNames = [];
1203 foreach ( $this->getModuleNames() as $moduleName ) {
1204 $module = $this->getModule( $moduleName );
1205 if ( in_array( $messageKey, $module->getMessages() ) ) {
1206 $moduleNames[] = $moduleName;
1207 }
1208 }
1209 return $moduleNames;
1210 }
1211
1212 /**
1213 * Return JS code that calls mw.loader.implement with given module properties.
1214 *
1215 * @param string $name Module name or implement key (format "`[name]@[version]`")
1216 * @param XmlJsCode|array|string $scripts Code as XmlJsCode (to be wrapped in a closure),
1217 * list of URLs to JavaScript files, string of JavaScript for `$.globalEval`, or array with
1218 * 'files' and 'main' properties (see ResourceLoaderModule::getScript())
1219 * @param mixed $styles Array of CSS strings keyed by media type, or an array of lists of URLs
1220 * to CSS files keyed by media type
1221 * @param mixed $messages List of messages associated with this module. May either be an
1222 * associative array mapping message key to value, or a JSON-encoded message blob containing
1223 * the same data, wrapped in an XmlJsCode object.
1224 * @param array $templates Keys are name of templates and values are the source of
1225 * the template.
1226 * @throws MWException
1227 * @return string JavaScript code
1228 */
1229 protected static function makeLoaderImplementScript(
1230 $name, $scripts, $styles, $messages, $templates
1231 ) {
1232 if ( $scripts instanceof XmlJsCode ) {
1233 if ( $scripts->value === '' ) {
1234 $scripts = null;
1235 } elseif ( self::inDebugMode() ) {
1236 $scripts = new XmlJsCode( "function ( $, jQuery, require, module ) {\n{$scripts->value}\n}" );
1237 } else {
1238 $scripts = new XmlJsCode( 'function($,jQuery,require,module){' . $scripts->value . '}' );
1239 }
1240 } elseif ( is_array( $scripts ) && isset( $scripts['files'] ) ) {
1241 $files = $scripts['files'];
1242 foreach ( $files as $path => &$file ) {
1243 // $file is changed (by reference) from a descriptor array to the content of the file
1244 // All of these essentially do $file = $file['content'];, some just have wrapping around it
1245 if ( $file['type'] === 'script' ) {
1246 // Multi-file modules only get two parameters ($ and jQuery are being phased out)
1247 if ( self::inDebugMode() ) {
1248 $file = new XmlJsCode( "function ( require, module ) {\n{$file['content']}\n}" );
1249 } else {
1250 $file = new XmlJsCode( 'function(require,module){' . $file['content'] . '}' );
1251 }
1252 } else {
1253 $file = $file['content'];
1254 }
1255 }
1256 $scripts = XmlJsCode::encodeObject( [
1257 'main' => $scripts['main'],
1258 'files' => XmlJsCode::encodeObject( $files, self::inDebugMode() )
1259 ], self::inDebugMode() );
1260 } elseif ( !is_string( $scripts ) && !is_array( $scripts ) ) {
1261 throw new MWException( 'Invalid scripts error. Array of URLs or string of code expected.' );
1262 }
1263
1264 // mw.loader.implement requires 'styles', 'messages' and 'templates' to be objects (not
1265 // arrays). json_encode considers empty arrays to be numerical and outputs "[]" instead
1266 // of "{}". Force them to objects.
1267 $module = [
1268 $name,
1269 $scripts,
1270 (object)$styles,
1271 (object)$messages,
1272 (object)$templates
1273 ];
1274 self::trimArray( $module );
1275
1276 return Xml::encodeJsCall( 'mw.loader.implement', $module, self::inDebugMode() );
1277 }
1278
1279 /**
1280 * Returns JS code which, when called, will register a given list of messages.
1281 *
1282 * @param mixed $messages Associative array mapping message key to value.
1283 * @return string JavaScript code
1284 */
1285 public static function makeMessageSetScript( $messages ) {
1286 return 'mw.messages.set('
1287 . self::encodeJsonForScript( (object)$messages )
1288 . ');';
1289 }
1290
1291 /**
1292 * Combines an associative array mapping media type to CSS into a
1293 * single stylesheet with "@media" blocks.
1294 *
1295 * @param array $stylePairs Array keyed by media type containing (arrays of) CSS strings
1296 * @return array
1297 */
1298 public static function makeCombinedStyles( array $stylePairs ) {
1299 $out = [];
1300 foreach ( $stylePairs as $media => $styles ) {
1301 // ResourceLoaderFileModule::getStyle can return the styles
1302 // as a string or an array of strings. This is to allow separation in
1303 // the front-end.
1304 $styles = (array)$styles;
1305 foreach ( $styles as $style ) {
1306 $style = trim( $style );
1307 // Don't output an empty "@media print { }" block (T42498)
1308 if ( $style !== '' ) {
1309 // Transform the media type based on request params and config
1310 // The way that this relies on $wgRequest to propagate request params is slightly evil
1311 $media = OutputPage::transformCssMedia( $media );
1312
1313 if ( $media === '' || $media == 'all' ) {
1314 $out[] = $style;
1315 } elseif ( is_string( $media ) ) {
1316 $out[] = "@media $media {\n" . str_replace( "\n", "\n\t", "\t" . $style ) . "}";
1317 }
1318 // else: skip
1319 }
1320 }
1321 }
1322 return $out;
1323 }
1324
1325 /**
1326 * Wrapper around json_encode that avoids needless escapes,
1327 * and pretty-prints in debug mode.
1328 *
1329 * @internal
1330 * @since 1.32
1331 * @param mixed $data
1332 * @return string|false JSON string, false on error
1333 */
1334 public static function encodeJsonForScript( $data ) {
1335 // Keep output as small as possible by disabling needless escape modes
1336 // that PHP uses by default.
1337 // However, while most module scripts are only served on HTTP responses
1338 // for JavaScript, some modules can also be embedded in the HTML as inline
1339 // scripts. This, and the fact that we sometimes need to export strings
1340 // containing user-generated content and labels that may genuinely contain
1341 // a sequences like "</script>", we need to encode either '/' or '<'.
1342 // By default PHP escapes '/'. Let's escape '<' instead which is less common
1343 // and allows URLs to mostly remain readable.
1344 $jsonFlags = JSON_UNESCAPED_SLASHES |
1345 JSON_UNESCAPED_UNICODE |
1346 JSON_HEX_TAG |
1347 JSON_HEX_AMP;
1348 if ( self::inDebugMode() ) {
1349 $jsonFlags |= JSON_PRETTY_PRINT;
1350 }
1351 return json_encode( $data, $jsonFlags );
1352 }
1353
1354 /**
1355 * Returns a JS call to mw.loader.state, which sets the state of one
1356 * ore more modules to a given value. Has two calling conventions:
1357 *
1358 * - ResourceLoader::makeLoaderStateScript( $name, $state ):
1359 * Set the state of a single module called $name to $state
1360 *
1361 * - ResourceLoader::makeLoaderStateScript( [ $name => $state, ... ] ):
1362 * Set the state of modules with the given names to the given states
1363 *
1364 * @param array|string $states
1365 * @param string|null $state
1366 * @return string JavaScript code
1367 */
1368 public static function makeLoaderStateScript( $states, $state = null ) {
1369 if ( !is_array( $states ) ) {
1370 $states = [ $states => $state ];
1371 }
1372 return 'mw.loader.state('
1373 . self::encodeJsonForScript( $states )
1374 . ');';
1375 }
1376
1377 private static function isEmptyObject( stdClass $obj ) {
1378 foreach ( $obj as $key => $value ) {
1379 return false;
1380 }
1381 return true;
1382 }
1383
1384 /**
1385 * Remove empty values from the end of an array.
1386 *
1387 * Values considered empty:
1388 *
1389 * - null
1390 * - []
1391 * - new XmlJsCode( '{}' )
1392 * - new stdClass() // (object) []
1393 *
1394 * @param array $array
1395 */
1396 private static function trimArray( array &$array ) {
1397 $i = count( $array );
1398 while ( $i-- ) {
1399 if ( $array[$i] === null
1400 || $array[$i] === []
1401 || ( $array[$i] instanceof XmlJsCode && $array[$i]->value === '{}' )
1402 || ( $array[$i] instanceof stdClass && self::isEmptyObject( $array[$i] ) )
1403 ) {
1404 unset( $array[$i] );
1405 } else {
1406 break;
1407 }
1408 }
1409 }
1410
1411 /**
1412 * Returns JS code which calls mw.loader.register with the given
1413 * parameter.
1414 *
1415 * @par Example
1416 * @code
1417 *
1418 * ResourceLoader::makeLoaderRegisterScript( [
1419 * [ $name1, $version1, $dependencies1, $group1, $source1, $skip1 ],
1420 * [ $name2, $version2, $dependencies1, $group2, $source2, $skip2 ],
1421 * ...
1422 * ] ):
1423 * @endcode
1424 *
1425 * @internal
1426 * @since 1.32
1427 * @param array $modules Array of module registration arrays, each containing
1428 * - string: module name
1429 * - string: module version
1430 * - array|null: List of dependencies (optional)
1431 * - string|null: Module group (optional)
1432 * - string|null: Name of foreign module source, or 'local' (optional)
1433 * - string|null: Script body of a skip function (optional)
1434 * @return string JavaScript code
1435 */
1436 public static function makeLoaderRegisterScript( array $modules ) {
1437 // Optimisation: Transform dependency names into indexes when possible
1438 // to produce smaller output. They are expanded by mw.loader.register on
1439 // the other end using resolveIndexedDependencies().
1440 $index = [];
1441 foreach ( $modules as $i => &$module ) {
1442 // Build module name index
1443 $index[$module[0]] = $i;
1444 }
1445 foreach ( $modules as &$module ) {
1446 if ( isset( $module[2] ) ) {
1447 foreach ( $module[2] as &$dependency ) {
1448 if ( isset( $index[$dependency] ) ) {
1449 // Replace module name in dependency list with index
1450 $dependency = $index[$dependency];
1451 }
1452 }
1453 }
1454 }
1455
1456 array_walk( $modules, [ self::class, 'trimArray' ] );
1457
1458 return 'mw.loader.register('
1459 . self::encodeJsonForScript( $modules )
1460 . ');';
1461 }
1462
1463 /**
1464 * Returns JS code which calls mw.loader.addSource() with the given
1465 * parameters. Has two calling conventions:
1466 *
1467 * - ResourceLoader::makeLoaderSourcesScript( $id, $properties ):
1468 * Register a single source
1469 *
1470 * - ResourceLoader::makeLoaderSourcesScript( [ $id1 => $loadUrl, $id2 => $loadUrl, ... ] );
1471 * Register sources with the given IDs and properties.
1472 *
1473 * @param string|array $sources Source ID
1474 * @param string|null $loadUrl load.php url
1475 * @return string JavaScript code
1476 */
1477 public static function makeLoaderSourcesScript( $sources, $loadUrl = null ) {
1478 if ( !is_array( $sources ) ) {
1479 $sources = [ $sources => $loadUrl ];
1480 }
1481 return 'mw.loader.addSource('
1482 . self::encodeJsonForScript( $sources )
1483 . ');';
1484 }
1485
1486 /**
1487 * Wraps JavaScript code to run after the startup module.
1488 *
1489 * @param string $script JavaScript code
1490 * @return string JavaScript code
1491 */
1492 public static function makeLoaderConditionalScript( $script ) {
1493 // Adds a function to lazy-created RLQ
1494 return '(RLQ=window.RLQ||[]).push(function(){' .
1495 trim( $script ) . '});';
1496 }
1497
1498 /**
1499 * Wraps JavaScript code to run after a required module.
1500 *
1501 * @since 1.32
1502 * @param string|string[] $modules Module name(s)
1503 * @param string $script JavaScript code
1504 * @return string JavaScript code
1505 */
1506 public static function makeInlineCodeWithModule( $modules, $script ) {
1507 // Adds an array to lazy-created RLQ
1508 return '(RLQ=window.RLQ||[]).push(['
1509 . self::encodeJsonForScript( $modules ) . ','
1510 . 'function(){' . trim( $script ) . '}'
1511 . ']);';
1512 }
1513
1514 /**
1515 * Returns an HTML script tag that runs given JS code after startup and base modules.
1516 *
1517 * The code will be wrapped in a closure, and it will be executed by ResourceLoader's
1518 * startup module if the client has adequate support for MediaWiki JavaScript code.
1519 *
1520 * @param string $script JavaScript code
1521 * @param string|null $nonce [optional] Content-Security-Policy nonce
1522 * (from OutputPage::getCSPNonce)
1523 * @return string|WrappedString HTML
1524 */
1525 public static function makeInlineScript( $script, $nonce = null ) {
1526 $js = self::makeLoaderConditionalScript( $script );
1527 $escNonce = '';
1528 if ( $nonce === null ) {
1529 wfWarn( __METHOD__ . " did not get nonce. Will break CSP" );
1530 } elseif ( $nonce !== false ) {
1531 // If it was false, CSP is disabled, so no nonce attribute.
1532 // Nonce should be only base64 characters, so should be safe,
1533 // but better to be safely escaped than sorry.
1534 $escNonce = ' nonce="' . htmlspecialchars( $nonce ) . '"';
1535 }
1536
1537 return new WrappedString(
1538 Html::inlineScript( $js, $nonce ),
1539 "<script$escNonce>(RLQ=window.RLQ||[]).push(function(){",
1540 '});</script>'
1541 );
1542 }
1543
1544 /**
1545 * Returns JS code which will set the MediaWiki configuration array to
1546 * the given value.
1547 *
1548 * @param array $configuration List of configuration values keyed by variable name
1549 * @return string JavaScript code
1550 * @throws Exception
1551 */
1552 public static function makeConfigSetScript( array $configuration ) {
1553 $json = self::encodeJsonForScript( $configuration );
1554 if ( $json === false ) {
1555 $e = new Exception(
1556 'JSON serialization of config data failed. ' .
1557 'This usually means the config data is not valid UTF-8.'
1558 );
1559 MWExceptionHandler::logException( $e );
1560 return 'mw.log.error(' . self::encodeJsonForScript( $e->__toString() ) . ');';
1561 }
1562 return "mw.config.set($json);";
1563 }
1564
1565 /**
1566 * Convert an array of module names to a packed query string.
1567 *
1568 * For example, `[ 'foo.bar', 'foo.baz', 'bar.baz', 'bar.quux' ]`
1569 * becomes `'foo.bar,baz|bar.baz,quux'`.
1570 *
1571 * This process is reversed by ResourceLoader::expandModuleNames().
1572 * See also mw.loader#buildModulesString() which is a port of this, used
1573 * on the client-side.
1574 *
1575 * @param array $modules List of module names (strings)
1576 * @return string Packed query string
1577 */
1578 public static function makePackedModulesString( $modules ) {
1579 $moduleMap = []; // [ prefix => [ suffixes ] ]
1580 foreach ( $modules as $module ) {
1581 $pos = strrpos( $module, '.' );
1582 $prefix = $pos === false ? '' : substr( $module, 0, $pos );
1583 $suffix = $pos === false ? $module : substr( $module, $pos + 1 );
1584 $moduleMap[$prefix][] = $suffix;
1585 }
1586
1587 $arr = [];
1588 foreach ( $moduleMap as $prefix => $suffixes ) {
1589 $p = $prefix === '' ? '' : $prefix . '.';
1590 $arr[] = $p . implode( ',', $suffixes );
1591 }
1592 return implode( '|', $arr );
1593 }
1594
1595 /**
1596 * Expand a string of the form `jquery.foo,bar|jquery.ui.baz,quux` to
1597 * an array of module names like `[ 'jquery.foo', 'jquery.bar',
1598 * 'jquery.ui.baz', 'jquery.ui.quux' ]`.
1599 *
1600 * This process is reversed by ResourceLoader::makePackedModulesString().
1601 *
1602 * @since 1.33
1603 * @param string $modules Packed module name list
1604 * @return array Array of module names
1605 */
1606 public static function expandModuleNames( $modules ) {
1607 $retval = [];
1608 $exploded = explode( '|', $modules );
1609 foreach ( $exploded as $group ) {
1610 if ( strpos( $group, ',' ) === false ) {
1611 // This is not a set of modules in foo.bar,baz notation
1612 // but a single module
1613 $retval[] = $group;
1614 } else {
1615 // This is a set of modules in foo.bar,baz notation
1616 $pos = strrpos( $group, '.' );
1617 if ( $pos === false ) {
1618 // Prefixless modules, i.e. without dots
1619 $retval = array_merge( $retval, explode( ',', $group ) );
1620 } else {
1621 // We have a prefix and a bunch of suffixes
1622 $prefix = substr( $group, 0, $pos ); // 'foo'
1623 $suffixes = explode( ',', substr( $group, $pos + 1 ) ); // [ 'bar', 'baz' ]
1624 foreach ( $suffixes as $suffix ) {
1625 $retval[] = "$prefix.$suffix";
1626 }
1627 }
1628 }
1629 }
1630 return $retval;
1631 }
1632
1633 /**
1634 * Determine whether debug mode was requested
1635 * Order of priority is 1) request param, 2) cookie, 3) $wg setting
1636 * @return bool
1637 */
1638 public static function inDebugMode() {
1639 if ( self::$debugMode === null ) {
1640 global $wgRequest, $wgResourceLoaderDebug;
1641 self::$debugMode = $wgRequest->getFuzzyBool( 'debug',
1642 $wgRequest->getCookie( 'resourceLoaderDebug', '', $wgResourceLoaderDebug )
1643 );
1644 }
1645 return self::$debugMode;
1646 }
1647
1648 /**
1649 * Reset static members used for caching.
1650 *
1651 * Global state and $wgRequest are evil, but we're using it right
1652 * now and sometimes we need to be able to force ResourceLoader to
1653 * re-evaluate the context because it has changed (e.g. in the test suite).
1654 *
1655 * @internal For use by unit tests
1656 * @codeCoverageIgnore
1657 */
1658 public static function clearCache() {
1659 self::$debugMode = null;
1660 }
1661
1662 /**
1663 * Build a load.php URL
1664 *
1665 * @since 1.24
1666 * @param string $source Name of the ResourceLoader source
1667 * @param ResourceLoaderContext $context
1668 * @param array $extraQuery
1669 * @return string URL to load.php. May be protocol-relative if $wgLoadScript is, too.
1670 */
1671 public function createLoaderURL( $source, ResourceLoaderContext $context,
1672 $extraQuery = []
1673 ) {
1674 $query = self::createLoaderQuery( $context, $extraQuery );
1675 $script = $this->getLoadScript( $source );
1676
1677 return wfAppendQuery( $script, $query );
1678 }
1679
1680 /**
1681 * Helper for createLoaderURL()
1682 *
1683 * @since 1.24
1684 * @see makeLoaderQuery
1685 * @param ResourceLoaderContext $context
1686 * @param array $extraQuery
1687 * @return array
1688 */
1689 protected static function createLoaderQuery( ResourceLoaderContext $context, $extraQuery = [] ) {
1690 return self::makeLoaderQuery(
1691 $context->getModules(),
1692 $context->getLanguage(),
1693 $context->getSkin(),
1694 $context->getUser(),
1695 $context->getVersion(),
1696 $context->getDebug(),
1697 $context->getOnly(),
1698 $context->getRequest()->getBool( 'printable' ),
1699 $context->getRequest()->getBool( 'handheld' ),
1700 $extraQuery
1701 );
1702 }
1703
1704 /**
1705 * Build a query array (array representation of query string) for load.php. Helper
1706 * function for createLoaderURL().
1707 *
1708 * @param array $modules
1709 * @param string $lang
1710 * @param string $skin
1711 * @param string|null $user
1712 * @param string|null $version
1713 * @param bool $debug
1714 * @param string|null $only
1715 * @param bool $printable
1716 * @param bool $handheld
1717 * @param array $extraQuery
1718 * @return array
1719 */
1720 public static function makeLoaderQuery( $modules, $lang, $skin, $user = null,
1721 $version = null, $debug = false, $only = null, $printable = false,
1722 $handheld = false, $extraQuery = []
1723 ) {
1724 $query = [
1725 'modules' => self::makePackedModulesString( $modules ),
1726 ];
1727 // Keep urls short by omitting query parameters that
1728 // match the defaults assumed by ResourceLoaderContext.
1729 // Note: This relies on the defaults either being insignificant or forever constant,
1730 // as otherwise cached urls could change in meaning when the defaults change.
1731 if ( $lang !== ResourceLoaderContext::DEFAULT_LANG ) {
1732 $query['lang'] = $lang;
1733 }
1734 if ( $skin !== ResourceLoaderContext::DEFAULT_SKIN ) {
1735 $query['skin'] = $skin;
1736 }
1737 if ( $debug === true ) {
1738 $query['debug'] = 'true';
1739 }
1740 if ( $user !== null ) {
1741 $query['user'] = $user;
1742 }
1743 if ( $version !== null ) {
1744 $query['version'] = $version;
1745 }
1746 if ( $only !== null ) {
1747 $query['only'] = $only;
1748 }
1749 if ( $printable ) {
1750 $query['printable'] = 1;
1751 }
1752 if ( $handheld ) {
1753 $query['handheld'] = 1;
1754 }
1755 $query += $extraQuery;
1756
1757 // Make queries uniform in order
1758 ksort( $query );
1759 return $query;
1760 }
1761
1762 /**
1763 * Check a module name for validity.
1764 *
1765 * Module names may not contain pipes (|), commas (,) or exclamation marks (!) and can be
1766 * at most 255 bytes.
1767 *
1768 * @param string $moduleName Module name to check
1769 * @return bool Whether $moduleName is a valid module name
1770 */
1771 public static function isValidModuleName( $moduleName ) {
1772 return strcspn( $moduleName, '!,|', 0, 255 ) === strlen( $moduleName );
1773 }
1774
1775 /**
1776 * Returns LESS compiler set up for use with MediaWiki
1777 *
1778 * @since 1.27
1779 * @param array $vars Associative array of variables that should be used
1780 * for compilation. Since 1.32, this method no longer automatically includes
1781 * global LESS vars from ResourceLoader::getLessVars (T191937).
1782 * @throws MWException
1783 * @return Less_Parser
1784 */
1785 public function getLessCompiler( $vars = [] ) {
1786 global $IP;
1787 // When called from the installer, it is possible that a required PHP extension
1788 // is missing (at least for now; see T49564). If this is the case, throw an
1789 // exception (caught by the installer) to prevent a fatal error later on.
1790 if ( !class_exists( 'Less_Parser' ) ) {
1791 throw new MWException( 'MediaWiki requires the less.php parser' );
1792 }
1793
1794 $parser = new Less_Parser;
1795 $parser->ModifyVars( $vars );
1796 $parser->SetImportDirs( [
1797 "$IP/resources/src/mediawiki.less/" => '',
1798 ] );
1799 $parser->SetOption( 'relativeUrls', false );
1800
1801 return $parser;
1802 }
1803
1804 /**
1805 * Get global LESS variables.
1806 *
1807 * @since 1.27
1808 * @deprecated since 1.32 Use ResourceLoderModule::getLessVars() instead.
1809 * @return array Map of variable names to string CSS values.
1810 */
1811 public function getLessVars() {
1812 return [];
1813 }
1814 }
Wiklou, le Wiki du Wiklou