maintenance/cleanupUsersWithNoId.php.
* $wgResourceLoaderMinifierStatementsOnOwnLine and $wgResourceLoaderMinifierMaxLineLength
were removed (deprecated since 1.27).
+* (T180921) $wgReferrerPolicy now supports having fallbacks for browsers that are not
+ using the latest version of the Referrer Policy specification.
=== New features in 1.31 ===
* Wikimedia\Rdbms\IDatabase->select() and similar methods now support
/**
* Value for the referrer policy meta tag.
- * One of the values defined in the Referrer Policy specification:
+ * One or more of the values defined in the Referrer Policy specification:
* https://w3c.github.io/webappsec-referrer-policy/
* ('no-referrer', 'no-referrer-when-downgrade', 'same-origin',
* 'origin', 'strict-origin', 'origin-when-cross-origin',
* Setting it to false prevents the meta tag from being output
* (which results in falling back to the Referrer-Policy header,
* or 'no-referrer-when-downgrade' if that's not set either.)
+ * Setting it to an array (supported since 1.31) will create a meta tag for
+ * each value, in the reverse of the order (meaning that the first array element
+ * will be the default and the others used as fallbacks for browsers which do not
+ * understand it).
*
- * @var string|bool
+ * @var array|string|bool
* @since 1.25
*/
$wgReferrerPolicy = false;
] );
if ( $config->get( 'ReferrerPolicy' ) !== false ) {
- $tags['meta-referrer'] = Html::element( 'meta', [
- 'name' => 'referrer',
- 'content' => $config->get( 'ReferrerPolicy' )
- ] );
+ // Per https://w3c.github.io/webappsec-referrer-policy/#unknown-policy-values
+ // fallbacks should come before the primary value so we need to reverse the array.
+ foreach ( array_reverse( (array)$config->get( 'ReferrerPolicy' ) ) as $i => $policy ) {
+ $tags["meta-referrer-$i"] = Html::element( 'meta', [
+ 'name' => 'referrer',
+ 'content' => $policy,
+ ] );
+ }
}
$p = "{$this->mIndexPolicy},{$this->mFollowPolicy}";
dépôts / lhc / web / wiklou.git / commitdiff