dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "registration: Avoid redundant LBYL check in ExtensionRegistry::queue()"
[lhc/web/wiklou.git] / includes / resourceloader / ResourceLoader.php
1 <?php
2 /**
3 * Base class for resource loading system.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @author Roan Kattouw
22 * @author Trevor Parscal
23 */
24
25 use MediaWiki\MediaWikiServices;
26 use Psr\Log\LoggerAwareInterface;
27 use Psr\Log\LoggerInterface;
28 use Psr\Log\NullLogger;
29 use Wikimedia\Rdbms\DBConnectionError;
30 use Wikimedia\WrappedString;
31
32 /**
33 * Dynamic JavaScript and CSS resource loading system.
34 *
35 * Most of the documentation is on the MediaWiki documentation wiki starting at:
36 * https://www.mediawiki.org/wiki/ResourceLoader
37 */
38 class ResourceLoader implements LoggerAwareInterface {
39 /** @var Config $config */
40 protected $config;
41 /** @var MessageBlobStore */
42 protected $blobStore;
43
44 /** @var LoggerInterface */
45 private $logger;
46
47 /** @var ResourceLoaderModule[] Map of (module name => ResourceLoaderModule) */
48 protected $modules = [];
49 /** @var array[] Map of (module name => associative info array) */
50 protected $moduleInfos = [];
51 /**
52 * Associative array mapping framework ids to a list of names of test suite modules
53 * like [ 'qunit' => [ 'mediawiki.tests.qunit.suites', 'ext.foo.tests', ... ], ... ]
54 * @var array
55 */
56 protected $testModuleNames = [];
57 /** @var string[] List of module names that contain QUnit test suites */
58 protected $testSuiteModuleNames = [];
59
60 /** @var array Map of (source => path); E.g. [ 'source-id' => 'http://.../load.php' ] */
61 protected $sources = [];
62 /** @var array Errors accumulated during current respond() call */
63 protected $errors = [];
64 /** @var string[] Extra HTTP response headers from modules loaded in makeModuleResponse() */
65 protected $extraHeaders = [];
66
67 /** @var bool */
68 protected static $debugMode = null;
69
70 /** @var int */
71 const CACHE_VERSION = 8;
72
73 /** @var string JavaScript / CSS pragma to disable minification. * */
74 const FILTER_NOMIN = '/*@nomin*/';
75
76 /**
77 * Load information stored in the database about modules.
78 *
79 * This method grabs modules dependencies from the database and updates modules
80 * objects.
81 *
82 * This is not inside the module code because it is much faster to
83 * request all of the information at once than it is to have each module
84 * requests its own information. This sacrifice of modularity yields a substantial
85 * performance improvement.
86 *
87 * @param array $moduleNames List of module names to preload information for
88 * @param ResourceLoaderContext $context Context to load the information within
89 */
90 public function preloadModuleInfo( array $moduleNames, ResourceLoaderContext $context ) {
91 if ( !$moduleNames ) {
92 // Or else Database*::select() will explode, plus it's cheaper!
93 return;
94 }
95 $dbr = wfGetDB( DB_REPLICA );
96 $lang = $context->getLanguage();
97
98 // Batched version of ResourceLoaderModule::getFileDependencies
99 $vary = ResourceLoaderModule::getVary( $context );
100 $res = $dbr->select( 'module_deps', [ 'md_module', 'md_deps' ], [
101 'md_module' => $moduleNames,
102 'md_skin' => $vary,
103 ], __METHOD__
104 );
105
106 // Prime in-object cache for file dependencies
107 $modulesWithDeps = [];
108 foreach ( $res as $row ) {
109 $module = $this->getModule( $row->md_module );
110 if ( $module ) {
111 $module->setFileDependencies( $context, ResourceLoaderModule::expandRelativePaths(
112 json_decode( $row->md_deps, true )
113 ) );
114 $modulesWithDeps[] = $row->md_module;
115 }
116 }
117 // Register the absence of a dependency row too
118 foreach ( array_diff( $moduleNames, $modulesWithDeps ) as $name ) {
119 $module = $this->getModule( $name );
120 if ( $module ) {
121 $this->getModule( $name )->setFileDependencies( $context, [] );
122 }
123 }
124
125 // Batched version of ResourceLoaderWikiModule::getTitleInfo
126 ResourceLoaderWikiModule::preloadTitleInfo( $context, $dbr, $moduleNames );
127
128 // Prime in-object cache for message blobs for modules with messages
129 $modules = [];
130 foreach ( $moduleNames as $name ) {
131 $module = $this->getModule( $name );
132 if ( $module && $module->getMessages() ) {
133 $modules[$name] = $module;
134 }
135 }
136 $store = $this->getMessageBlobStore();
137 $blobs = $store->getBlobs( $modules, $lang );
138 foreach ( $blobs as $name => $blob ) {
139 $modules[$name]->setMessageBlob( $blob, $lang );
140 }
141 }
142
143 /**
144 * Run JavaScript or CSS data through a filter, caching the filtered result for future calls.
145 *
146 * Available filters are:
147 *
148 * - minify-js \see JavaScriptMinifier::minify
149 * - minify-css \see CSSMin::minify
150 *
151 * If $data is empty, only contains whitespace or the filter was unknown,
152 * $data is returned unmodified.
153 *
154 * @param string $filter Name of filter to run
155 * @param string $data Text to filter, such as JavaScript or CSS text
156 * @param array $options Keys:
157 * - (bool) cache: Whether to allow caching this data. Default: true.
158 * @return string Filtered data, or a comment containing an error message
159 */
160 public static function filter( $filter, $data, array $options = [] ) {
161 if ( strpos( $data, self::FILTER_NOMIN ) !== false ) {
162 return $data;
163 }
164
165 if ( isset( $options['cache'] ) && $options['cache'] === false ) {
166 return self::applyFilter( $filter, $data );
167 }
168
169 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
170 $cache = ObjectCache::getLocalServerInstance( CACHE_ANYTHING );
171
172 $key = $cache->makeGlobalKey(
173 'resourceloader-filter',
174 $filter,
175 self::CACHE_VERSION,
176 md5( $data )
177 );
178
179 $result = $cache->get( $key );
180 if ( $result === false ) {
181 $stats->increment( "resourceloader_cache.$filter.miss" );
182 $result = self::applyFilter( $filter, $data );
183 $cache->set( $key, $result, 24 * 3600 );
184 } else {
185 $stats->increment( "resourceloader_cache.$filter.hit" );
186 }
187 if ( $result === null ) {
188 // Cached failure
189 $result = $data;
190 }
191
192 return $result;
193 }
194
195 private static function applyFilter( $filter, $data ) {
196 $data = trim( $data );
197 if ( $data ) {
198 try {
199 $data = ( $filter === 'minify-css' )
200 ? CSSMin::minify( $data )
201 : JavaScriptMinifier::minify( $data );
202 } catch ( Exception $e ) {
203 MWExceptionHandler::logException( $e );
204 return null;
205 }
206 }
207 return $data;
208 }
209
210 /**
211 * Register core modules and runs registration hooks.
212 * @param Config|null $config
213 * @param LoggerInterface|null $logger [optional]
214 */
215 public function __construct( Config $config = null, LoggerInterface $logger = null ) {
216 $this->logger = $logger ?: new NullLogger();
217
218 if ( !$config ) {
219 wfDeprecated( __METHOD__ . ' without a Config instance', '1.34' );
220 $config = MediaWikiServices::getInstance()->getMainConfig();
221 }
222 $this->config = $config;
223
224 // Add 'local' source first
225 $this->addSource( 'local', $config->get( 'LoadScript' ) );
226
227 // Special module that always exists
228 $this->register( 'startup', [ 'class' => ResourceLoaderStartUpModule::class ] );
229
230 $this->setMessageBlobStore( new MessageBlobStore( $this, $this->logger ) );
231 }
232
233 /**
234 * @return Config
235 */
236 public function getConfig() {
237 return $this->config;
238 }
239
240 /**
241 * @since 1.26
242 * @param LoggerInterface $logger
243 */
244 public function setLogger( LoggerInterface $logger ) {
245 $this->logger = $logger;
246 }
247
248 /**
249 * @since 1.27
250 * @return LoggerInterface
251 */
252 public function getLogger() {
253 return $this->logger;
254 }
255
256 /**
257 * @since 1.26
258 * @return MessageBlobStore
259 */
260 public function getMessageBlobStore() {
261 return $this->blobStore;
262 }
263
264 /**
265 * @since 1.25
266 * @param MessageBlobStore $blobStore
267 */
268 public function setMessageBlobStore( MessageBlobStore $blobStore ) {
269 $this->blobStore = $blobStore;
270 }
271
272 /**
273 * Register a module with the ResourceLoader system.
274 *
275 * @param string|array[] $name Module name as a string or, array of module info arrays
276 * keyed by name.
277 * @param array|null $info Module info array. When using the first parameter to register
278 * multiple modules at once, this parameter is optional.
279 * @throws MWException If a duplicate module registration is attempted
280 * @throws MWException If a module name contains illegal characters (pipes or commas)
281 * @throws InvalidArgumentException If the module info is not an array
282 */
283 public function register( $name, $info = null ) {
284 $moduleSkinStyles = $this->config->get( 'ResourceModuleSkinStyles' );
285
286 // Allow multiple modules to be registered in one call
287 $registrations = is_array( $name ) ? $name : [ $name => $info ];
288 foreach ( $registrations as $name => $info ) {
289 // Warn on duplicate registrations
290 if ( isset( $this->moduleInfos[$name] ) ) {
291 // A module has already been registered by this name
292 $this->logger->warning(
293 'ResourceLoader duplicate registration warning. ' .
294 'Another module has already been registered as ' . $name
295 );
296 }
297
298 // Check validity
299 if ( !self::isValidModuleName( $name ) ) {
300 throw new MWException( "ResourceLoader module name '$name' is invalid, "
301 . "see ResourceLoader::isValidModuleName()" );
302 }
303 if ( !is_array( $info ) ) {
304 throw new InvalidArgumentException(
305 'Invalid module info for "' . $name . '": expected array, got ' . gettype( $info )
306 );
307 }
308
309 // Attach module
310 $this->moduleInfos[$name] = $info;
311
312 // Last-minute changes
313 // Apply custom skin-defined styles to existing modules.
314 if ( $this->isFileModule( $name ) ) {
315 foreach ( $moduleSkinStyles as $skinName => $skinStyles ) {
316 // If this module already defines skinStyles for this skin, ignore $wgResourceModuleSkinStyles.
317 if ( isset( $this->moduleInfos[$name]['skinStyles'][$skinName] ) ) {
318 continue;
319 }
320
321 // If $name is preceded with a '+', the defined style files will be added to 'default'
322 // skinStyles, otherwise 'default' will be ignored as it normally would be.
323 if ( isset( $skinStyles[$name] ) ) {
324 $paths = (array)$skinStyles[$name];
325 $styleFiles = [];
326 } elseif ( isset( $skinStyles['+' . $name] ) ) {
327 $paths = (array)$skinStyles['+' . $name];
328 $styleFiles = isset( $this->moduleInfos[$name]['skinStyles']['default'] ) ?
329 (array)$this->moduleInfos[$name]['skinStyles']['default'] :
330 [];
331 } else {
332 continue;
333 }
334
335 // Add new file paths, remapping them to refer to our directories and not use settings
336 // from the module we're modifying, which come from the base definition.
337 list( $localBasePath, $remoteBasePath ) =
338 ResourceLoaderFileModule::extractBasePaths( $skinStyles );
339
340 foreach ( $paths as $path ) {
341 $styleFiles[] = new ResourceLoaderFilePath( $path, $localBasePath, $remoteBasePath );
342 }
343
344 $this->moduleInfos[$name]['skinStyles'][$skinName] = $styleFiles;
345 }
346 }
347 }
348 }
349
350 /**
351 * @internal For use by ServiceWiring only
352 * @codeCoverageIgnore
353 */
354 public function registerTestModules() {
355 global $IP;
356
357 if ( $this->config->get( 'EnableJavaScriptTest' ) !== true ) {
358 throw new MWException( 'Attempt to register JavaScript test modules '
359 . 'but <code>$wgEnableJavaScriptTest</code> is false. '
360 . 'Edit your <code>LocalSettings.php</code> to enable it.' );
361 }
362
363 // This has a 'qunit' key for compat with the below hook.
364 $testModulesMeta = [ 'qunit' => [] ];
365
366 // Get test suites from extensions
367 // Avoid PHP 7.1 warning from passing $this by reference
368 $rl = $this;
369 Hooks::run( 'ResourceLoaderTestModules', [ &$testModulesMeta, &$rl ] );
370 $extRegistry = ExtensionRegistry::getInstance();
371 // In case of conflict, the deprecated hook has precedence.
372 $testModules = $testModulesMeta['qunit'] + $extRegistry->getAttribute( 'QUnitTestModules' );
373
374 $testSuiteModuleNames = [];
375 foreach ( $testModules as $name => &$module ) {
376 // Turn any single-module dependency into an array
377 if ( isset( $module['dependencies'] ) && is_string( $module['dependencies'] ) ) {
378 $module['dependencies'] = [ $module['dependencies'] ];
379 }
380
381 // Ensure the testrunner loads before any test suites
382 $module['dependencies'][] = 'test.mediawiki.qunit.testrunner';
383
384 // Keep track of the test suites to load on SpecialJavaScriptTest
385 $testSuiteModuleNames[] = $name;
386 }
387
388 // Core test suites (their names have further precedence).
389 $testModules = ( include "$IP/tests/qunit/QUnitTestResources.php" ) + $testModules;
390 $testSuiteModuleNames[] = 'test.mediawiki.qunit.suites';
391
392 $this->register( $testModules );
393 $this->testSuiteModuleNames = $testSuiteModuleNames;
394 }
395
396 /**
397 * Add a foreign source of modules.
398 *
399 * Source IDs are typically the same as the Wiki ID or database name (e.g. lowercase a-z).
400 *
401 * @param array|string $id Source ID (string), or [ id1 => loadUrl, id2 => loadUrl, ... ]
402 * @param string|array|null $loadUrl load.php url (string), or array with loadUrl key for
403 * backwards-compatibility.
404 * @throws MWException
405 */
406 public function addSource( $id, $loadUrl = null ) {
407 // Allow multiple sources to be registered in one call
408 if ( is_array( $id ) ) {
409 foreach ( $id as $key => $value ) {
410 $this->addSource( $key, $value );
411 }
412 return;
413 }
414
415 // Disallow duplicates
416 if ( isset( $this->sources[$id] ) ) {
417 throw new MWException(
418 'ResourceLoader duplicate source addition error. ' .
419 'Another source has already been registered as ' . $id
420 );
421 }
422
423 // Pre 1.24 backwards-compatibility
424 if ( is_array( $loadUrl ) ) {
425 if ( !isset( $loadUrl['loadScript'] ) ) {
426 throw new MWException(
427 __METHOD__ . ' was passed an array with no "loadScript" key.'
428 );
429 }
430
431 $loadUrl = $loadUrl['loadScript'];
432 }
433
434 $this->sources[$id] = $loadUrl;
435 }
436
437 /**
438 * Get a list of module names.
439 *
440 * @return array List of module names
441 */
442 public function getModuleNames() {
443 return array_keys( $this->moduleInfos );
444 }
445
446 /**
447 * Get a list of module names with QUnit test suites.
448 *
449 * @internal For use by SpecialJavaScriptTest only
450 * @return array
451 * @codeCoverageIgnore
452 */
453 public function getTestSuiteModuleNames() {
454 return $this->testSuiteModuleNames;
455 }
456
457 /**
458 * Check whether a ResourceLoader module is registered
459 *
460 * @since 1.25
461 * @param string $name
462 * @return bool
463 */
464 public function isModuleRegistered( $name ) {
465 return isset( $this->moduleInfos[$name] );
466 }
467
468 /**
469 * Get the ResourceLoaderModule object for a given module name.
470 *
471 * If an array of module parameters exists but a ResourceLoaderModule object has not
472 * yet been instantiated, this method will instantiate and cache that object such that
473 * subsequent calls simply return the same object.
474 *
475 * @param string $name Module name
476 * @return ResourceLoaderModule|null If module has been registered, return a
477 * ResourceLoaderModule instance. Otherwise, return null.
478 */
479 public function getModule( $name ) {
480 if ( !isset( $this->modules[$name] ) ) {
481 if ( !isset( $this->moduleInfos[$name] ) ) {
482 // No such module
483 return null;
484 }
485 // Construct the requested module object
486 $info = $this->moduleInfos[$name];
487 if ( isset( $info['factory'] ) ) {
488 /** @var ResourceLoaderModule $object */
489 $object = call_user_func( $info['factory'], $info );
490 } else {
491 $class = $info['class'] ?? ResourceLoaderFileModule::class;
492 /** @var ResourceLoaderModule $object */
493 $object = new $class( $info );
494 }
495 $object->setConfig( $this->getConfig() );
496 $object->setLogger( $this->logger );
497 $object->setName( $name );
498 $this->modules[$name] = $object;
499 }
500
501 return $this->modules[$name];
502 }
503
504 /**
505 * Whether the module is a ResourceLoaderFileModule (including subclasses).
506 *
507 * @param string $name Module name
508 * @return bool
509 */
510 protected function isFileModule( $name ) {
511 if ( !isset( $this->moduleInfos[$name] ) ) {
512 return false;
513 }
514 $info = $this->moduleInfos[$name];
515 return !isset( $info['factory'] ) && (
516 // The implied default for 'class' is ResourceLoaderFileModule
517 !isset( $info['class'] ) ||
518 // Explicit default
519 $info['class'] === ResourceLoaderFileModule::class ||
520 is_subclass_of( $info['class'], ResourceLoaderFileModule::class )
521 );
522 }
523
524 /**
525 * Get the list of sources.
526 *
527 * @return array Like [ id => load.php url, ... ]
528 */
529 public function getSources() {
530 return $this->sources;
531 }
532
533 /**
534 * Get the URL to the load.php endpoint for the given
535 * ResourceLoader source
536 *
537 * @since 1.24
538 * @param string $source
539 * @throws MWException On an invalid $source name
540 * @return string
541 */
542 public function getLoadScript( $source ) {
543 if ( !isset( $this->sources[$source] ) ) {
544 throw new MWException( "The $source source was never registered in ResourceLoader." );
545 }
546 return $this->sources[$source];
547 }
548
549 /**
550 * @internal For use by ResourceLoaderStartUpModule only.
551 */
552 const HASH_LENGTH = 5;
553
554 /**
555 * Create a hash for module versioning purposes.
556 *
557 * This hash is used in three ways:
558 *
559 * - To differentiate between the current version and a past version
560 * of a module by the same name.
561 *
562 * In the cache key of localStorage in the browser (mw.loader.store).
563 * This store keeps only one version of any given module. As long as the
564 * next version the client encounters has a different hash from the last
565 * version it saw, it will correctly discard it in favour of a network fetch.
566 *
567 * A browser may evict a site's storage container for any reason (e.g. when
568 * the user hasn't visited a site for some time, and/or when the device is
569 * low on storage space). Anecdotally it seems devices rarely keep unused
570 * storage beyond 2 weeks on mobile devices and 4 weeks on desktop.
571 * But, there is no hard limit or expiration on localStorage.
572 * ResourceLoader's Client also clears localStorage when the user changes
573 * their language preference or when they (temporarily) use Debug Mode.
574 *
575 * The only hard factors that reduce the range of possible versions are
576 * 1) the name and existence of a given module, and
577 * 2) the TTL for mw.loader.store, and
578 * 3) the `$wgResourceLoaderStorageVersion` configuration variable.
579 *
580 * - To identify a batch response of modules from load.php in an HTTP cache.
581 *
582 * When fetching modules in a batch from load.php, a combined hash
583 * is created by the JS code, and appended as query parameter.
584 *
585 * In cache proxies (e.g. Varnish, Nginx) and in the browser's HTTP cache,
586 * these urls are used to identify other previously cached responses.
587 * The range of possible versions a given version has to be unique amongst
588 * is determined by the maximum duration each response is stored for, which
589 * is controlled by `$wgResourceLoaderMaxage['versioned']`.
590 *
591 * - To detect race conditions between multiple web servers in a MediaWiki
592 * deployment of which some have the newer version and some still the older
593 * version.
594 *
595 * An HTTP request from a browser for the Startup manifest may be responded
596 * to by a server with the newer version. The browser may then use that to
597 * request a given module, which may then be responded to by a server with
598 * the older version. To avoid caching this for too long (which would pollute
599 * all other users without repairing itself), the combined hash that the JS
600 * client adds to the url is verified by the server (in ::sendResponseHeaders).
601 * If they don't match, we instruct cache proxies and clients to not cache
602 * this response as long as they normally would. This is also the reason
603 * that the algorithm used here in PHP must match the one used in JS.
604 *
605 * The fnv132 digest creates a 32-bit integer, which goes upto 4 Giga and
606 * needs up to 7 chars in base 36.
607 * Within 7 characters, base 36 can count up to 78,364,164,096 (78 Giga),
608 * (but with fnv132 we'd use very little of this range, mostly padding).
609 * Within 6 characters, base 36 can count up to 2,176,782,336 (2 Giga).
610 * Within 5 characters, base 36 can count up to 60,466,176 (60 Mega).
611 *
612 * @since 1.26
613 * @param string $value
614 * @return string Hash
615 */
616 public static function makeHash( $value ) {
617 $hash = hash( 'fnv132', $value );
618 // The base_convert will pad it (if too short),
619 // then substr() will trim it (if too long).
620 return substr(
621 Wikimedia\base_convert( $hash, 16, 36, self::HASH_LENGTH ),
622 0,
623 self::HASH_LENGTH
624 );
625 }
626
627 /**
628 * Add an error to the 'errors' array and log it.
629 *
630 * @private For internal use by ResourceLoader and ResourceLoaderStartUpModule.
631 * @since 1.29
632 * @param Exception $e
633 * @param string $msg
634 * @param array $context
635 */
636 public function outputErrorAndLog( Exception $e, $msg, array $context = [] ) {
637 MWExceptionHandler::logException( $e );
638 $this->logger->warning(
639 $msg,
640 $context + [ 'exception' => $e ]
641 );
642 $this->errors[] = self::formatExceptionNoComment( $e );
643 }
644
645 /**
646 * Helper method to get and combine versions of multiple modules.
647 *
648 * @since 1.26
649 * @param ResourceLoaderContext $context
650 * @param string[] $moduleNames List of known module names
651 * @return string Hash
652 */
653 public function getCombinedVersion( ResourceLoaderContext $context, array $moduleNames ) {
654 if ( !$moduleNames ) {
655 return '';
656 }
657 $hashes = array_map( function ( $module ) use ( $context ) {
658 try {
659 return $this->getModule( $module )->getVersionHash( $context );
660 } catch ( Exception $e ) {
661 // If modules fail to compute a version, don't fail the request (T152266)
662 // and still compute versions of other modules.
663 $this->outputErrorAndLog( $e,
664 'Calculating version for "{module}" failed: {exception}',
665 [
666 'module' => $module,
667 ]
668 );
669 return '';
670 }
671 }, $moduleNames );
672 return self::makeHash( implode( '', $hashes ) );
673 }
674
675 /**
676 * Get the expected value of the 'version' query parameter.
677 *
678 * This is used by respond() to set a short Cache-Control header for requests with
679 * information newer than the current server has. This avoids pollution of edge caches.
680 * Typically during deployment. (T117587)
681 *
682 * This MUST match return value of `mw.loader#getCombinedVersion()` client-side.
683 *
684 * @since 1.28
685 * @param ResourceLoaderContext $context
686 * @return string Hash
687 */
688 public function makeVersionQuery( ResourceLoaderContext $context ) {
689 // As of MediaWiki 1.28, the server and client use the same algorithm for combining
690 // version hashes. There is no technical reason for this to be same, and for years the
691 // implementations differed. If getCombinedVersion in PHP (used for StartupModule and
692 // E-Tag headers) differs in the future from getCombinedVersion in JS (used for 'version'
693 // query parameter), then this method must continue to match the JS one.
694 $moduleNames = [];
695 foreach ( $context->getModules() as $name ) {
696 if ( !$this->getModule( $name ) ) {
697 // If a versioned request contains a missing module, the version is a mismatch
698 // as the client considered a module (and version) we don't have.
699 return '';
700 }
701 $moduleNames[] = $name;
702 }
703 return $this->getCombinedVersion( $context, $moduleNames );
704 }
705
706 /**
707 * Output a response to a load request, including the content-type header.
708 *
709 * @param ResourceLoaderContext $context Context in which a response should be formed
710 */
711 public function respond( ResourceLoaderContext $context ) {
712 // Buffer output to catch warnings. Normally we'd use ob_clean() on the
713 // top-level output buffer to clear warnings, but that breaks when ob_gzhandler
714 // is used: ob_clean() will clear the GZIP header in that case and it won't come
715 // back for subsequent output, resulting in invalid GZIP. So we have to wrap
716 // the whole thing in our own output buffer to be sure the active buffer
717 // doesn't use ob_gzhandler.
718 // See https://bugs.php.net/bug.php?id=36514
719 ob_start();
720
721 $this->measureResponseTime( RequestContext::getMain()->getTiming() );
722
723 // Find out which modules are missing and instantiate the others
724 $modules = [];
725 $missing = [];
726 foreach ( $context->getModules() as $name ) {
727 $module = $this->getModule( $name );
728 if ( $module ) {
729 // Do not allow private modules to be loaded from the web.
730 // This is a security issue, see T36907.
731 if ( $module->getGroup() === 'private' ) {
732 // Not a serious error, just means something is trying to access it (T101806)
733 $this->logger->debug( "Request for private module '$name' denied" );
734 $this->errors[] = "Cannot build private module \"$name\"";
735 continue;
736 }
737 $modules[$name] = $module;
738 } else {
739 $missing[] = $name;
740 }
741 }
742
743 try {
744 // Preload for getCombinedVersion() and for batch makeModuleResponse()
745 $this->preloadModuleInfo( array_keys( $modules ), $context );
746 } catch ( Exception $e ) {
747 $this->outputErrorAndLog( $e, 'Preloading module info failed: {exception}' );
748 }
749
750 // Combine versions to propagate cache invalidation
751 $versionHash = '';
752 try {
753 $versionHash = $this->getCombinedVersion( $context, array_keys( $modules ) );
754 } catch ( Exception $e ) {
755 $this->outputErrorAndLog( $e, 'Calculating version hash failed: {exception}' );
756 }
757
758 // See RFC 2616 § 3.11 Entity Tags
759 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11
760 $etag = 'W/"' . $versionHash . '"';
761
762 // Try the client-side cache first
763 if ( $this->tryRespondNotModified( $context, $etag ) ) {
764 return; // output handled (buffers cleared)
765 }
766
767 // Use file cache if enabled and available...
768 if ( $this->config->get( 'UseFileCache' ) ) {
769 $fileCache = ResourceFileCache::newFromContext( $context );
770 if ( $this->tryRespondFromFileCache( $fileCache, $context, $etag ) ) {
771 return; // output handled
772 }
773 } else {
774 $fileCache = null;
775 }
776
777 // Generate a response
778 $response = $this->makeModuleResponse( $context, $modules, $missing );
779
780 // Capture any PHP warnings from the output buffer and append them to the
781 // error list if we're in debug mode.
782 if ( $context->getDebug() ) {
783 $warnings = ob_get_contents();
784 if ( strlen( $warnings ) ) {
785 $this->errors[] = $warnings;
786 }
787 }
788
789 // Consider saving the response to file cache (unless there are errors).
790 if ( $fileCache &&
791 !$this->errors &&
792 $missing === [] &&
793 ResourceFileCache::useFileCache( $context )
794 ) {
795 if ( $fileCache->isCacheWorthy() ) {
796 // There were enough hits, save the response to the cache
797 $fileCache->saveText( $response );
798 } else {
799 $fileCache->incrMissesRecent( $context->getRequest() );
800 }
801 }
802
803 $this->sendResponseHeaders( $context, $etag, (bool)$this->errors, $this->extraHeaders );
804
805 // Remove the output buffer and output the response
806 ob_end_clean();
807
808 if ( $context->getImageObj() && $this->errors ) {
809 // We can't show both the error messages and the response when it's an image.
810 $response = implode( "\n\n", $this->errors );
811 } elseif ( $this->errors ) {
812 $errorText = implode( "\n\n", $this->errors );
813 $errorResponse = self::makeComment( $errorText );
814 if ( $context->shouldIncludeScripts() ) {
815 $errorResponse .= 'if (window.console && console.error) {'
816 . Xml::encodeJsCall( 'console.error', [ $errorText ] )
817 . "}\n";
818 }
819
820 // Prepend error info to the response
821 $response = $errorResponse . $response;
822 }
823
824 $this->errors = [];
825 echo $response;
826 }
827
828 protected function measureResponseTime( Timing $timing ) {
829 DeferredUpdates::addCallableUpdate( function () use ( $timing ) {
830 $measure = $timing->measure( 'responseTime', 'requestStart', 'requestShutdown' );
831 if ( $measure !== false ) {
832 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
833 $stats->timing( 'resourceloader.responseTime', $measure['duration'] * 1000 );
834 }
835 } );
836 }
837
838 /**
839 * Send main response headers to the client.
840 *
841 * Deals with Content-Type, CORS (for stylesheets), and caching.
842 *
843 * @param ResourceLoaderContext $context
844 * @param string $etag ETag header value
845 * @param bool $errors Whether there are errors in the response
846 * @param string[] $extra Array of extra HTTP response headers
847 * @return void
848 */
849 protected function sendResponseHeaders(
850 ResourceLoaderContext $context, $etag, $errors, array $extra = []
851 ) {
852 \MediaWiki\HeaderCallback::warnIfHeadersSent();
853 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
854 // Use a short cache expiry so that updates propagate to clients quickly, if:
855 // - No version specified (shared resources, e.g. stylesheets)
856 // - There were errors (recover quickly)
857 // - Version mismatch (T117587, T47877)
858 if ( is_null( $context->getVersion() )
859 || $errors
860 || $context->getVersion() !== $this->makeVersionQuery( $context )
861 ) {
862 $maxage = $rlMaxage['unversioned']['client'];
863 $smaxage = $rlMaxage['unversioned']['server'];
864 // If a version was specified we can use a longer expiry time since changing
865 // version numbers causes cache misses
866 } else {
867 $maxage = $rlMaxage['versioned']['client'];
868 $smaxage = $rlMaxage['versioned']['server'];
869 }
870 if ( $context->getImageObj() ) {
871 // Output different headers if we're outputting textual errors.
872 if ( $errors ) {
873 header( 'Content-Type: text/plain; charset=utf-8' );
874 } else {
875 $context->getImageObj()->sendResponseHeaders( $context );
876 }
877 } elseif ( $context->getOnly() === 'styles' ) {
878 header( 'Content-Type: text/css; charset=utf-8' );
879 header( 'Access-Control-Allow-Origin: *' );
880 } else {
881 header( 'Content-Type: text/javascript; charset=utf-8' );
882 }
883 // See RFC 2616 § 14.19 ETag
884 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.19
885 header( 'ETag: ' . $etag );
886 if ( $context->getDebug() ) {
887 // Do not cache debug responses
888 header( 'Cache-Control: private, no-cache, must-revalidate' );
889 header( 'Pragma: no-cache' );
890 } else {
891 header( "Cache-Control: public, max-age=$maxage, s-maxage=$smaxage" );
892 $exp = min( $maxage, $smaxage );
893 header( 'Expires: ' . wfTimestamp( TS_RFC2822, $exp + time() ) );
894 }
895 foreach ( $extra as $header ) {
896 header( $header );
897 }
898 }
899
900 /**
901 * Respond with HTTP 304 Not Modified if appropiate.
902 *
903 * If there's an If-None-Match header, respond with a 304 appropriately
904 * and clear out the output buffer. If the client cache is too old then do nothing.
905 *
906 * @param ResourceLoaderContext $context
907 * @param string $etag ETag header value
908 * @return bool True if HTTP 304 was sent and output handled
909 */
910 protected function tryRespondNotModified( ResourceLoaderContext $context, $etag ) {
911 // See RFC 2616 § 14.26 If-None-Match
912 // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.26
913 $clientKeys = $context->getRequest()->getHeader( 'If-None-Match', WebRequest::GETHEADER_LIST );
914 // Never send 304s in debug mode
915 if ( $clientKeys !== false && !$context->getDebug() && in_array( $etag, $clientKeys ) ) {
916 // There's another bug in ob_gzhandler (see also the comment at
917 // the top of this function) that causes it to gzip even empty
918 // responses, meaning it's impossible to produce a truly empty
919 // response (because the gzip header is always there). This is
920 // a problem because 304 responses have to be completely empty
921 // per the HTTP spec, and Firefox behaves buggily when they're not.
922 // See also https://bugs.php.net/bug.php?id=51579
923 // To work around this, we tear down all output buffering before
924 // sending the 304.
925 wfResetOutputBuffers( /* $resetGzipEncoding = */ true );
926
927 HttpStatus::header( 304 );
928
929 $this->sendResponseHeaders( $context, $etag, false );
930 return true;
931 }
932 return false;
933 }
934
935 /**
936 * Send out code for a response from file cache if possible.
937 *
938 * @param ResourceFileCache $fileCache Cache object for this request URL
939 * @param ResourceLoaderContext $context Context in which to generate a response
940 * @param string $etag ETag header value
941 * @return bool If this found a cache file and handled the response
942 */
943 protected function tryRespondFromFileCache(
944 ResourceFileCache $fileCache,
945 ResourceLoaderContext $context,
946 $etag
947 ) {
948 $rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
949 // Buffer output to catch warnings.
950 ob_start();
951 // Get the maximum age the cache can be
952 $maxage = is_null( $context->getVersion() )
953 ? $rlMaxage['unversioned']['server']
954 : $rlMaxage['versioned']['server'];
955 // Minimum timestamp the cache file must have
956 $good = $fileCache->isCacheGood( wfTimestamp( TS_MW, time() - $maxage ) );
957 if ( !$good ) {
958 try { // RL always hits the DB on file cache miss...
959 wfGetDB( DB_REPLICA );
960 } catch ( DBConnectionError $e ) { // ...check if we need to fallback to cache
961 $good = $fileCache->isCacheGood(); // cache existence check
962 }
963 }
964 if ( $good ) {
965 $ts = $fileCache->cacheTimestamp();
966 // Send content type and cache headers
967 $this->sendResponseHeaders( $context, $etag, false );
968 $response = $fileCache->fetchText();
969 // Capture any PHP warnings from the output buffer and append them to the
970 // response in a comment if we're in debug mode.
971 if ( $context->getDebug() ) {
972 $warnings = ob_get_contents();
973 if ( strlen( $warnings ) ) {
974 $response = self::makeComment( $warnings ) . $response;
975 }
976 }
977 // Remove the output buffer and output the response
978 ob_end_clean();
979 echo $response . "\n/* Cached {$ts} */";
980 return true; // cache hit
981 }
982 // Clear buffer
983 ob_end_clean();
984
985 return false; // cache miss
986 }
987
988 /**
989 * Generate a CSS or JS comment block.
990 *
991 * Only use this for public data, not error message details.
992 *
993 * @param string $text
994 * @return string
995 */
996 public static function makeComment( $text ) {
997 $encText = str_replace( '*/', '* /', $text );
998 return "/*\n$encText\n*/\n";
999 }
1000
1001 /**
1002 * Handle exception display.
1003 *
1004 * @param Exception $e Exception to be shown to the user
1005 * @return string Sanitized text in a CSS/JS comment that can be returned to the user
1006 */
1007 public static function formatException( $e ) {
1008 return self::makeComment( self::formatExceptionNoComment( $e ) );
1009 }
1010
1011 /**
1012 * Handle exception display.
1013 *
1014 * @since 1.25
1015 * @param Exception $e Exception to be shown to the user
1016 * @return string Sanitized text that can be returned to the user
1017 */
1018 protected static function formatExceptionNoComment( $e ) {
1019 global $wgShowExceptionDetails;
1020
1021 if ( !$wgShowExceptionDetails ) {
1022 return MWExceptionHandler::getPublicLogMessage( $e );
1023 }
1024
1025 return MWExceptionHandler::getLogMessage( $e ) .
1026 "\nBacktrace:\n" .
1027 MWExceptionHandler::getRedactedTraceAsString( $e );
1028 }
1029
1030 /**
1031 * Generate code for a response.
1032 *
1033 * Calling this method also populates the `errors` and `headers` members,
1034 * later used by respond().
1035 *
1036 * @param ResourceLoaderContext $context Context in which to generate a response
1037 * @param ResourceLoaderModule[] $modules List of module objects keyed by module name
1038 * @param string[] $missing List of requested module names that are unregistered (optional)
1039 * @return string Response data
1040 */
1041 public function makeModuleResponse( ResourceLoaderContext $context,
1042 array $modules, array $missing = []
1043 ) {
1044 $out = '';
1045 $states = [];
1046
1047 if ( $modules === [] && $missing === [] ) {
1048 return <<<MESSAGE
1049 /* This file is the Web entry point for MediaWiki's ResourceLoader:
1050 <https://www.mediawiki.org/wiki/ResourceLoader>. In this request,
1051 no modules were requested. Max made me put this here. */
1052 MESSAGE;
1053 }
1054
1055 $image = $context->getImageObj();
1056 if ( $image ) {
1057 $data = $image->getImageData( $context );
1058 if ( $data === false ) {
1059 $data = '';
1060 $this->errors[] = 'Image generation failed';
1061 }
1062 return $data;
1063 }
1064
1065 foreach ( $missing as $name ) {
1066 $states[$name] = 'missing';
1067 }
1068
1069 $filter = $context->getOnly() === 'styles' ? 'minify-css' : 'minify-js';
1070
1071 foreach ( $modules as $name => $module ) {
1072 try {
1073 $content = $module->getModuleContent( $context );
1074 $implementKey = $name . '@' . $module->getVersionHash( $context );
1075 $strContent = '';
1076
1077 if ( isset( $content['headers'] ) ) {
1078 $this->extraHeaders = array_merge( $this->extraHeaders, $content['headers'] );
1079 }
1080
1081 // Append output
1082 switch ( $context->getOnly() ) {
1083 case 'scripts':
1084 $scripts = $content['scripts'];
1085 if ( is_string( $scripts ) ) {
1086 // Load scripts raw...
1087 $strContent = $scripts;
1088 } elseif ( is_array( $scripts ) ) {
1089 // ...except when $scripts is an array of URLs or an associative array
1090 $strContent = self::makeLoaderImplementScript( $implementKey, $scripts, [], [], [] );
1091 }
1092 break;
1093 case 'styles':
1094 $styles = $content['styles'];
1095 // We no longer separate into media, they are all combined now with
1096 // custom media type groups into @media .. {} sections as part of the css string.
1097 // Module returns either an empty array or a numerical array with css strings.
1098 $strContent = isset( $styles['css'] ) ? implode( '', $styles['css'] ) : '';
1099 break;
1100 default:
1101 $scripts = $content['scripts'] ?? '';
1102 if ( is_string( $scripts ) ) {
1103 if ( $name === 'site' || $name === 'user' ) {
1104 // Legacy scripts that run in the global scope without a closure.
1105 // mw.loader.implement will use globalEval if scripts is a string.
1106 // Minify manually here, because general response minification is
1107 // not effective due it being a string literal, not a function.
1108 if ( !$context->getDebug() ) {
1109 $scripts = self::filter( 'minify-js', $scripts ); // T107377
1110 }
1111 } else {
1112 $scripts = new XmlJsCode( $scripts );
1113 }
1114 }
1115 $strContent = self::makeLoaderImplementScript(
1116 $implementKey,
1117 $scripts,
1118 $content['styles'] ?? [],
1119 isset( $content['messagesBlob'] ) ? new XmlJsCode( $content['messagesBlob'] ) : [],
1120 $content['templates'] ?? []
1121 );
1122 break;
1123 }
1124
1125 if ( !$context->getDebug() ) {
1126 $strContent = self::filter( $filter, $strContent );
1127 } else {
1128 // In debug mode, separate each response by a new line.
1129 // For example, between 'mw.loader.implement();' statements.
1130 $strContent = $this->ensureNewline( $strContent );
1131 }
1132
1133 if ( $context->getOnly() === 'scripts' ) {
1134 // Use a linebreak between module scripts (T162719)
1135 $out .= $this->ensureNewline( $strContent );
1136 } else {
1137 $out .= $strContent;
1138 }
1139
1140 } catch ( Exception $e ) {
1141 $this->outputErrorAndLog( $e, 'Generating module package failed: {exception}' );
1142
1143 // Respond to client with error-state instead of module implementation
1144 $states[$name] = 'error';
1145 unset( $modules[$name] );
1146 }
1147 }
1148
1149 // Update module states
1150 if ( $context->shouldIncludeScripts() && !$context->getRaw() ) {
1151 if ( $modules && $context->getOnly() === 'scripts' ) {
1152 // Set the state of modules loaded as only scripts to ready as
1153 // they don't have an mw.loader.implement wrapper that sets the state
1154 foreach ( $modules as $name => $module ) {
1155 $states[$name] = 'ready';
1156 }
1157 }
1158
1159 // Set the state of modules we didn't respond to with mw.loader.implement
1160 if ( $states ) {
1161 $stateScript = self::makeLoaderStateScript( $states );
1162 if ( !$context->getDebug() ) {
1163 $stateScript = self::filter( 'minify-js', $stateScript );
1164 }
1165 // Use a linebreak between module script and state script (T162719)
1166 $out = $this->ensureNewline( $out ) . $stateScript;
1167 }
1168 } elseif ( $states ) {
1169 $this->errors[] = 'Problematic modules: '
1170 . self::encodeJsonForScript( $states );
1171 }
1172
1173 return $out;
1174 }
1175
1176 /**
1177 * Ensure the string is either empty or ends in a line break
1178 * @param string $str
1179 * @return string
1180 */
1181 private function ensureNewline( $str ) {
1182 $end = substr( $str, -1 );
1183 if ( $end === false || $end === '' || $end === "\n" ) {
1184 return $str;
1185 }
1186 return $str . "\n";
1187 }
1188
1189 /**
1190 * Get names of modules that use a certain message.
1191 *
1192 * @param string $messageKey
1193 * @return array List of module names
1194 */
1195 public function getModulesByMessage( $messageKey ) {
1196 $moduleNames = [];
1197 foreach ( $this->getModuleNames() as $moduleName ) {
1198 $module = $this->getModule( $moduleName );
1199 if ( in_array( $messageKey, $module->getMessages() ) ) {
1200 $moduleNames[] = $moduleName;
1201 }
1202 }
1203 return $moduleNames;
1204 }
1205
1206 /**
1207 * Return JS code that calls mw.loader.implement with given module properties.
1208 *
1209 * @param string $name Module name or implement key (format "`[name]@[version]`")
1210 * @param XmlJsCode|array|string $scripts Code as XmlJsCode (to be wrapped in a closure),
1211 * list of URLs to JavaScript files, string of JavaScript for `$.globalEval`, or array with
1212 * 'files' and 'main' properties (see ResourceLoaderModule::getScript())
1213 * @param mixed $styles Array of CSS strings keyed by media type, or an array of lists of URLs
1214 * to CSS files keyed by media type
1215 * @param mixed $messages List of messages associated with this module. May either be an
1216 * associative array mapping message key to value, or a JSON-encoded message blob containing
1217 * the same data, wrapped in an XmlJsCode object.
1218 * @param array $templates Keys are name of templates and values are the source of
1219 * the template.
1220 * @throws MWException
1221 * @return string JavaScript code
1222 */
1223 protected static function makeLoaderImplementScript(
1224 $name, $scripts, $styles, $messages, $templates
1225 ) {
1226 if ( $scripts instanceof XmlJsCode ) {
1227 if ( $scripts->value === '' ) {
1228 $scripts = null;
1229 } elseif ( self::inDebugMode() ) {
1230 $scripts = new XmlJsCode( "function ( $, jQuery, require, module ) {\n{$scripts->value}\n}" );
1231 } else {
1232 $scripts = new XmlJsCode( 'function($,jQuery,require,module){' . $scripts->value . '}' );
1233 }
1234 } elseif ( is_array( $scripts ) && isset( $scripts['files'] ) ) {
1235 $files = $scripts['files'];
1236 foreach ( $files as $path => &$file ) {
1237 // $file is changed (by reference) from a descriptor array to the content of the file
1238 // All of these essentially do $file = $file['content'];, some just have wrapping around it
1239 if ( $file['type'] === 'script' ) {
1240 // Multi-file modules only get two parameters ($ and jQuery are being phased out)
1241 if ( self::inDebugMode() ) {
1242 $file = new XmlJsCode( "function ( require, module ) {\n{$file['content']}\n}" );
1243 } else {
1244 $file = new XmlJsCode( 'function(require,module){' . $file['content'] . '}' );
1245 }
1246 } else {
1247 $file = $file['content'];
1248 }
1249 }
1250 $scripts = XmlJsCode::encodeObject( [
1251 'main' => $scripts['main'],
1252 'files' => XmlJsCode::encodeObject( $files, self::inDebugMode() )
1253 ], self::inDebugMode() );
1254 } elseif ( !is_string( $scripts ) && !is_array( $scripts ) ) {
1255 throw new MWException( 'Invalid scripts error. Array of URLs or string of code expected.' );
1256 }
1257
1258 // mw.loader.implement requires 'styles', 'messages' and 'templates' to be objects (not
1259 // arrays). json_encode considers empty arrays to be numerical and outputs "[]" instead
1260 // of "{}". Force them to objects.
1261 $module = [
1262 $name,
1263 $scripts,
1264 (object)$styles,
1265 (object)$messages,
1266 (object)$templates
1267 ];
1268 self::trimArray( $module );
1269
1270 return Xml::encodeJsCall( 'mw.loader.implement', $module, self::inDebugMode() );
1271 }
1272
1273 /**
1274 * Returns JS code which, when called, will register a given list of messages.
1275 *
1276 * @param mixed $messages Either an associative array mapping message key to value, or a
1277 * JSON-encoded message blob containing the same data, wrapped in an XmlJsCode object.
1278 * @return string JavaScript code
1279 */
1280 public static function makeMessageSetScript( $messages ) {
1281 return 'mw.messages.set('
1282 . self::encodeJsonForScript( (object)$messages )
1283 . ');';
1284 }
1285
1286 /**
1287 * Combines an associative array mapping media type to CSS into a
1288 * single stylesheet with "@media" blocks.
1289 *
1290 * @param array $stylePairs Array keyed by media type containing (arrays of) CSS strings
1291 * @return array
1292 */
1293 public static function makeCombinedStyles( array $stylePairs ) {
1294 $out = [];
1295 foreach ( $stylePairs as $media => $styles ) {
1296 // ResourceLoaderFileModule::getStyle can return the styles
1297 // as a string or an array of strings. This is to allow separation in
1298 // the front-end.
1299 $styles = (array)$styles;
1300 foreach ( $styles as $style ) {
1301 $style = trim( $style );
1302 // Don't output an empty "@media print { }" block (T42498)
1303 if ( $style !== '' ) {
1304 // Transform the media type based on request params and config
1305 // The way that this relies on $wgRequest to propagate request params is slightly evil
1306 $media = OutputPage::transformCssMedia( $media );
1307
1308 if ( $media === '' || $media == 'all' ) {
1309 $out[] = $style;
1310 } elseif ( is_string( $media ) ) {
1311 $out[] = "@media $media {\n" . str_replace( "\n", "\n\t", "\t" . $style ) . "}";
1312 }
1313 // else: skip
1314 }
1315 }
1316 }
1317 return $out;
1318 }
1319
1320 /**
1321 * Wrapper around json_encode that avoids needless escapes,
1322 * and pretty-prints in debug mode.
1323 *
1324 * @internal
1325 * @since 1.32
1326 * @param mixed $data
1327 * @return string JSON
1328 */
1329 public static function encodeJsonForScript( $data ) {
1330 // Keep output as small as possible by disabling needless escape modes
1331 // that PHP uses by default.
1332 // However, while most module scripts are only served on HTTP responses
1333 // for JavaScript, some modules can also be embedded in the HTML as inline
1334 // scripts. This, and the fact that we sometimes need to export strings
1335 // containing user-generated content and labels that may genuinely contain
1336 // a sequences like "</script>", we need to encode either '/' or '<'.
1337 // By default PHP escapes '/'. Let's escape '<' instead which is less common
1338 // and allows URLs to mostly remain readable.
1339 $jsonFlags = JSON_UNESCAPED_SLASHES |
1340 JSON_UNESCAPED_UNICODE |
1341 JSON_HEX_TAG |
1342 JSON_HEX_AMP;
1343 if ( self::inDebugMode() ) {
1344 $jsonFlags |= JSON_PRETTY_PRINT;
1345 }
1346 return json_encode( $data, $jsonFlags );
1347 }
1348
1349 /**
1350 * Returns a JS call to mw.loader.state, which sets the state of one
1351 * ore more modules to a given value. Has two calling conventions:
1352 *
1353 * - ResourceLoader::makeLoaderStateScript( $name, $state ):
1354 * Set the state of a single module called $name to $state
1355 *
1356 * - ResourceLoader::makeLoaderStateScript( [ $name => $state, ... ] ):
1357 * Set the state of modules with the given names to the given states
1358 *
1359 * @param array|string $states
1360 * @param string|null $state
1361 * @return string JavaScript code
1362 */
1363 public static function makeLoaderStateScript( $states, $state = null ) {
1364 if ( !is_array( $states ) ) {
1365 $states = [ $states => $state ];
1366 }
1367 return 'mw.loader.state('
1368 . self::encodeJsonForScript( $states )
1369 . ');';
1370 }
1371
1372 private static function isEmptyObject( stdClass $obj ) {
1373 foreach ( $obj as $key => $value ) {
1374 return false;
1375 }
1376 return true;
1377 }
1378
1379 /**
1380 * Remove empty values from the end of an array.
1381 *
1382 * Values considered empty:
1383 *
1384 * - null
1385 * - []
1386 * - new XmlJsCode( '{}' )
1387 * - new stdClass() // (object) []
1388 *
1389 * @param array $array
1390 */
1391 private static function trimArray( array &$array ) {
1392 $i = count( $array );
1393 while ( $i-- ) {
1394 if ( $array[$i] === null
1395 || $array[$i] === []
1396 || ( $array[$i] instanceof XmlJsCode && $array[$i]->value === '{}' )
1397 || ( $array[$i] instanceof stdClass && self::isEmptyObject( $array[$i] ) )
1398 ) {
1399 unset( $array[$i] );
1400 } else {
1401 break;
1402 }
1403 }
1404 }
1405
1406 /**
1407 * Returns JS code which calls mw.loader.register with the given
1408 * parameter.
1409 *
1410 * @par Example
1411 * @code
1412 *
1413 * ResourceLoader::makeLoaderRegisterScript( [
1414 * [ $name1, $version1, $dependencies1, $group1, $source1, $skip1 ],
1415 * [ $name2, $version2, $dependencies1, $group2, $source2, $skip2 ],
1416 * ...
1417 * ] ):
1418 * @endcode
1419 *
1420 * @internal
1421 * @since 1.32
1422 * @param array $modules Array of module registration arrays, each containing
1423 * - string: module name
1424 * - string: module version
1425 * - array|null: List of dependencies (optional)
1426 * - string|null: Module group (optional)
1427 * - string|null: Name of foreign module source, or 'local' (optional)
1428 * - string|null: Script body of a skip function (optional)
1429 * @return string JavaScript code
1430 */
1431 public static function makeLoaderRegisterScript( array $modules ) {
1432 // Optimisation: Transform dependency names into indexes when possible
1433 // to produce smaller output. They are expanded by mw.loader.register on
1434 // the other end using resolveIndexedDependencies().
1435 $index = [];
1436 foreach ( $modules as $i => &$module ) {
1437 // Build module name index
1438 $index[$module[0]] = $i;
1439 }
1440 foreach ( $modules as &$module ) {
1441 if ( isset( $module[2] ) ) {
1442 foreach ( $module[2] as &$dependency ) {
1443 if ( isset( $index[$dependency] ) ) {
1444 // Replace module name in dependency list with index
1445 $dependency = $index[$dependency];
1446 }
1447 }
1448 }
1449 }
1450
1451 array_walk( $modules, [ self::class, 'trimArray' ] );
1452
1453 return 'mw.loader.register('
1454 . self::encodeJsonForScript( $modules )
1455 . ');';
1456 }
1457
1458 /**
1459 * Returns JS code which calls mw.loader.addSource() with the given
1460 * parameters. Has two calling conventions:
1461 *
1462 * - ResourceLoader::makeLoaderSourcesScript( $id, $properties ):
1463 * Register a single source
1464 *
1465 * - ResourceLoader::makeLoaderSourcesScript( [ $id1 => $loadUrl, $id2 => $loadUrl, ... ] );
1466 * Register sources with the given IDs and properties.
1467 *
1468 * @param string|array $sources Source ID
1469 * @param string|null $loadUrl load.php url
1470 * @return string JavaScript code
1471 */
1472 public static function makeLoaderSourcesScript( $sources, $loadUrl = null ) {
1473 if ( !is_array( $sources ) ) {
1474 $sources = [ $sources => $loadUrl ];
1475 }
1476 return 'mw.loader.addSource('
1477 . self::encodeJsonForScript( $sources )
1478 . ');';
1479 }
1480
1481 /**
1482 * Wraps JavaScript code to run after the startup module.
1483 *
1484 * @param string $script JavaScript code
1485 * @return string JavaScript code
1486 */
1487 public static function makeLoaderConditionalScript( $script ) {
1488 // Adds a function to lazy-created RLQ
1489 return '(RLQ=window.RLQ||[]).push(function(){' .
1490 trim( $script ) . '});';
1491 }
1492
1493 /**
1494 * Wraps JavaScript code to run after a required module.
1495 *
1496 * @since 1.32
1497 * @param string|string[] $modules Module name(s)
1498 * @param string $script JavaScript code
1499 * @return string JavaScript code
1500 */
1501 public static function makeInlineCodeWithModule( $modules, $script ) {
1502 // Adds an array to lazy-created RLQ
1503 return '(RLQ=window.RLQ||[]).push(['
1504 . self::encodeJsonForScript( $modules ) . ','
1505 . 'function(){' . trim( $script ) . '}'
1506 . ']);';
1507 }
1508
1509 /**
1510 * Returns an HTML script tag that runs given JS code after startup and base modules.
1511 *
1512 * The code will be wrapped in a closure, and it will be executed by ResourceLoader's
1513 * startup module if the client has adequate support for MediaWiki JavaScript code.
1514 *
1515 * @param string $script JavaScript code
1516 * @param string|null $nonce [optional] Content-Security-Policy nonce
1517 * (from OutputPage::getCSPNonce)
1518 * @return string|WrappedString HTML
1519 */
1520 public static function makeInlineScript( $script, $nonce = null ) {
1521 $js = self::makeLoaderConditionalScript( $script );
1522 $escNonce = '';
1523 if ( $nonce === null ) {
1524 wfWarn( __METHOD__ . " did not get nonce. Will break CSP" );
1525 } elseif ( $nonce !== false ) {
1526 // If it was false, CSP is disabled, so no nonce attribute.
1527 // Nonce should be only base64 characters, so should be safe,
1528 // but better to be safely escaped than sorry.
1529 $escNonce = ' nonce="' . htmlspecialchars( $nonce ) . '"';
1530 }
1531
1532 return new WrappedString(
1533 Html::inlineScript( $js, $nonce ),
1534 "<script$escNonce>(RLQ=window.RLQ||[]).push(function(){",
1535 '});</script>'
1536 );
1537 }
1538
1539 /**
1540 * Returns JS code which will set the MediaWiki configuration array to
1541 * the given value.
1542 *
1543 * @param array $configuration List of configuration values keyed by variable name
1544 * @return string JavaScript code
1545 * @throws Exception
1546 */
1547 public static function makeConfigSetScript( array $configuration ) {
1548 $js = Xml::encodeJsCall(
1549 'mw.config.set',
1550 [ $configuration ],
1551 self::inDebugMode()
1552 );
1553 if ( $js === false ) {
1554 $e = new Exception(
1555 'JSON serialization of config data failed. ' .
1556 'This usually means the config data is not valid UTF-8.'
1557 );
1558 MWExceptionHandler::logException( $e );
1559 $js = Xml::encodeJsCall( 'mw.log.error', [ $e->__toString() ] );
1560 }
1561 return $js;
1562 }
1563
1564 /**
1565 * Convert an array of module names to a packed query string.
1566 *
1567 * For example, `[ 'foo.bar', 'foo.baz', 'bar.baz', 'bar.quux' ]`
1568 * becomes `'foo.bar,baz|bar.baz,quux'`.
1569 *
1570 * This process is reversed by ResourceLoader::expandModuleNames().
1571 * See also mw.loader#buildModulesString() which is a port of this, used
1572 * on the client-side.
1573 *
1574 * @param array $modules List of module names (strings)
1575 * @return string Packed query string
1576 */
1577 public static function makePackedModulesString( $modules ) {
1578 $moduleMap = []; // [ prefix => [ suffixes ] ]
1579 foreach ( $modules as $module ) {
1580 $pos = strrpos( $module, '.' );
1581 $prefix = $pos === false ? '' : substr( $module, 0, $pos );
1582 $suffix = $pos === false ? $module : substr( $module, $pos + 1 );
1583 $moduleMap[$prefix][] = $suffix;
1584 }
1585
1586 $arr = [];
1587 foreach ( $moduleMap as $prefix => $suffixes ) {
1588 $p = $prefix === '' ? '' : $prefix . '.';
1589 $arr[] = $p . implode( ',', $suffixes );
1590 }
1591 return implode( '|', $arr );
1592 }
1593
1594 /**
1595 * Expand a string of the form `jquery.foo,bar|jquery.ui.baz,quux` to
1596 * an array of module names like `[ 'jquery.foo', 'jquery.bar',
1597 * 'jquery.ui.baz', 'jquery.ui.quux' ]`.
1598 *
1599 * This process is reversed by ResourceLoader::makePackedModulesString().
1600 *
1601 * @since 1.33
1602 * @param string $modules Packed module name list
1603 * @return array Array of module names
1604 */
1605 public static function expandModuleNames( $modules ) {
1606 $retval = [];
1607 $exploded = explode( '|', $modules );
1608 foreach ( $exploded as $group ) {
1609 if ( strpos( $group, ',' ) === false ) {
1610 // This is not a set of modules in foo.bar,baz notation
1611 // but a single module
1612 $retval[] = $group;
1613 } else {
1614 // This is a set of modules in foo.bar,baz notation
1615 $pos = strrpos( $group, '.' );
1616 if ( $pos === false ) {
1617 // Prefixless modules, i.e. without dots
1618 $retval = array_merge( $retval, explode( ',', $group ) );
1619 } else {
1620 // We have a prefix and a bunch of suffixes
1621 $prefix = substr( $group, 0, $pos ); // 'foo'
1622 $suffixes = explode( ',', substr( $group, $pos + 1 ) ); // [ 'bar', 'baz' ]
1623 foreach ( $suffixes as $suffix ) {
1624 $retval[] = "$prefix.$suffix";
1625 }
1626 }
1627 }
1628 }
1629 return $retval;
1630 }
1631
1632 /**
1633 * Determine whether debug mode was requested
1634 * Order of priority is 1) request param, 2) cookie, 3) $wg setting
1635 * @return bool
1636 */
1637 public static function inDebugMode() {
1638 if ( self::$debugMode === null ) {
1639 global $wgRequest, $wgResourceLoaderDebug;
1640 self::$debugMode = $wgRequest->getFuzzyBool( 'debug',
1641 $wgRequest->getCookie( 'resourceLoaderDebug', '', $wgResourceLoaderDebug )
1642 );
1643 }
1644 return self::$debugMode;
1645 }
1646
1647 /**
1648 * Reset static members used for caching.
1649 *
1650 * Global state and $wgRequest are evil, but we're using it right
1651 * now and sometimes we need to be able to force ResourceLoader to
1652 * re-evaluate the context because it has changed (e.g. in the test suite).
1653 *
1654 * @internal For use by unit tests
1655 * @codeCoverageIgnore
1656 */
1657 public static function clearCache() {
1658 self::$debugMode = null;
1659 }
1660
1661 /**
1662 * Build a load.php URL
1663 *
1664 * @since 1.24
1665 * @param string $source Name of the ResourceLoader source
1666 * @param ResourceLoaderContext $context
1667 * @param array $extraQuery
1668 * @return string URL to load.php. May be protocol-relative if $wgLoadScript is, too.
1669 */
1670 public function createLoaderURL( $source, ResourceLoaderContext $context,
1671 $extraQuery = []
1672 ) {
1673 $query = self::createLoaderQuery( $context, $extraQuery );
1674 $script = $this->getLoadScript( $source );
1675
1676 return wfAppendQuery( $script, $query );
1677 }
1678
1679 /**
1680 * Helper for createLoaderURL()
1681 *
1682 * @since 1.24
1683 * @see makeLoaderQuery
1684 * @param ResourceLoaderContext $context
1685 * @param array $extraQuery
1686 * @return array
1687 */
1688 protected static function createLoaderQuery( ResourceLoaderContext $context, $extraQuery = [] ) {
1689 return self::makeLoaderQuery(
1690 $context->getModules(),
1691 $context->getLanguage(),
1692 $context->getSkin(),
1693 $context->getUser(),
1694 $context->getVersion(),
1695 $context->getDebug(),
1696 $context->getOnly(),
1697 $context->getRequest()->getBool( 'printable' ),
1698 $context->getRequest()->getBool( 'handheld' ),
1699 $extraQuery
1700 );
1701 }
1702
1703 /**
1704 * Build a query array (array representation of query string) for load.php. Helper
1705 * function for createLoaderURL().
1706 *
1707 * @param array $modules
1708 * @param string $lang
1709 * @param string $skin
1710 * @param string|null $user
1711 * @param string|null $version
1712 * @param bool $debug
1713 * @param string|null $only
1714 * @param bool $printable
1715 * @param bool $handheld
1716 * @param array $extraQuery
1717 * @return array
1718 */
1719 public static function makeLoaderQuery( $modules, $lang, $skin, $user = null,
1720 $version = null, $debug = false, $only = null, $printable = false,
1721 $handheld = false, $extraQuery = []
1722 ) {
1723 $query = [
1724 'modules' => self::makePackedModulesString( $modules ),
1725 ];
1726 // Keep urls short by omitting query parameters that
1727 // match the defaults assumed by ResourceLoaderContext.
1728 // Note: This relies on the defaults either being insignificant or forever constant,
1729 // as otherwise cached urls could change in meaning when the defaults change.
1730 if ( $lang !== ResourceLoaderContext::DEFAULT_LANG ) {
1731 $query['lang'] = $lang;
1732 }
1733 if ( $skin !== ResourceLoaderContext::DEFAULT_SKIN ) {
1734 $query['skin'] = $skin;
1735 }
1736 if ( $debug === true ) {
1737 $query['debug'] = 'true';
1738 }
1739 if ( $user !== null ) {
1740 $query['user'] = $user;
1741 }
1742 if ( $version !== null ) {
1743 $query['version'] = $version;
1744 }
1745 if ( $only !== null ) {
1746 $query['only'] = $only;
1747 }
1748 if ( $printable ) {
1749 $query['printable'] = 1;
1750 }
1751 if ( $handheld ) {
1752 $query['handheld'] = 1;
1753 }
1754 $query += $extraQuery;
1755
1756 // Make queries uniform in order
1757 ksort( $query );
1758 return $query;
1759 }
1760
1761 /**
1762 * Check a module name for validity.
1763 *
1764 * Module names may not contain pipes (|), commas (,) or exclamation marks (!) and can be
1765 * at most 255 bytes.
1766 *
1767 * @param string $moduleName Module name to check
1768 * @return bool Whether $moduleName is a valid module name
1769 */
1770 public static function isValidModuleName( $moduleName ) {
1771 return strcspn( $moduleName, '!,|', 0, 255 ) === strlen( $moduleName );
1772 }
1773
1774 /**
1775 * Returns LESS compiler set up for use with MediaWiki
1776 *
1777 * @since 1.27
1778 * @param array $vars Associative array of variables that should be used
1779 * for compilation. Since 1.32, this method no longer automatically includes
1780 * global LESS vars from ResourceLoader::getLessVars (T191937).
1781 * @throws MWException
1782 * @return Less_Parser
1783 */
1784 public function getLessCompiler( $vars = [] ) {
1785 global $IP;
1786 // When called from the installer, it is possible that a required PHP extension
1787 // is missing (at least for now; see T49564). If this is the case, throw an
1788 // exception (caught by the installer) to prevent a fatal error later on.
1789 if ( !class_exists( 'Less_Parser' ) ) {
1790 throw new MWException( 'MediaWiki requires the less.php parser' );
1791 }
1792
1793 $parser = new Less_Parser;
1794 $parser->ModifyVars( $vars );
1795 $parser->SetImportDirs( [
1796 "$IP/resources/src/mediawiki.less/" => '',
1797 ] );
1798 $parser->SetOption( 'relativeUrls', false );
1799
1800 return $parser;
1801 }
1802
1803 /**
1804 * Get global LESS variables.
1805 *
1806 * @since 1.27
1807 * @deprecated since 1.32 Use ResourceLoderModule::getLessVars() instead.
1808 * @return array Map of variable names to string CSS values.
1809 */
1810 public function getLessVars() {
1811 return [];
1812 }
1813 }
Wiklou, le Wiki du Wiklou