2010-09-04 04:00:09 +00:00
|
|
|
<?php
|
|
|
|
|
/**
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License along
|
|
|
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
|
* http://www.gnu.org/copyleft/gpl.html
|
|
|
|
|
*
|
2010-09-05 13:31:34 +00:00
|
|
|
* @file
|
2010-09-04 04:00:09 +00:00
|
|
|
* @author Roan Kattouw
|
|
|
|
|
* @author Trevor Parscal
|
|
|
|
|
*/
|
|
|
|
|
|
2019-06-29 04:50:31 +00:00
|
|
|
use MediaWiki\HeaderCallback;
|
Hooks::run() call site migration
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
2020-03-19 02:42:09 +00:00
|
|
|
use MediaWiki\HookContainer\HookContainer;
|
2016-11-22 23:39:22 +00:00
|
|
|
use MediaWiki\MediaWikiServices;
|
2020-07-29 15:41:38 +00:00
|
|
|
use MediaWiki\ResourceLoader\HookRunner;
|
2015-06-04 03:52:45 +00:00
|
|
|
use Psr\Log\LoggerAwareInterface;
|
|
|
|
|
use Psr\Log\LoggerInterface;
|
|
|
|
|
use Psr\Log\NullLogger;
|
2019-06-29 04:50:31 +00:00
|
|
|
use Wikimedia\DependencyStore\DependencyStore;
|
|
|
|
|
use Wikimedia\DependencyStore\KeyValueDependencyStore;
|
2021-02-18 04:38:29 +00:00
|
|
|
use Wikimedia\Minify\CSSMin;
|
|
|
|
|
use Wikimedia\Minify\JavaScriptMinifier;
|
2017-02-24 16:17:16 +00:00
|
|
|
use Wikimedia\Rdbms\DBConnectionError;
|
2019-12-01 01:58:30 +00:00
|
|
|
use Wikimedia\Timestamp\ConvertibleTimestamp;
|
2018-01-21 04:39:17 +00:00
|
|
|
use Wikimedia\WrappedString;
|
2015-06-04 03:52:45 +00:00
|
|
|
|
2010-09-05 13:31:34 +00:00
|
|
|
/**
|
2019-09-14 04:32:54 +00:00
|
|
|
* @defgroup ResourceLoader ResourceLoader
|
|
|
|
|
*
|
|
|
|
|
* For higher level documentation, see <https://www.mediawiki.org/wiki/ResourceLoader/Architecture>.
|
|
|
|
|
*/
|
|
|
|
|
|
2020-04-21 18:08:02 +00:00
|
|
|
/**
|
|
|
|
|
* @defgroup ResourceLoaderHooks ResourceLoader Hooks
|
|
|
|
|
* @ingroup ResourceLoader
|
|
|
|
|
* @ingroup Hooks
|
|
|
|
|
*/
|
|
|
|
|
|
2019-09-14 04:32:54 +00:00
|
|
|
/**
|
|
|
|
|
* ResourceLoader is a loading system for JavaScript and CSS resources.
|
|
|
|
|
*
|
|
|
|
|
* For higher level documentation, see <https://www.mediawiki.org/wiki/ResourceLoader/Architecture>.
|
2010-10-19 20:45:02 +00:00
|
|
|
*
|
2019-09-14 04:32:54 +00:00
|
|
|
* @ingroup ResourceLoader
|
|
|
|
|
* @since 1.17
|
2010-09-04 04:00:09 +00:00
|
|
|
*/
|
2015-06-04 03:52:45 +00:00
|
|
|
class ResourceLoader implements LoggerAwareInterface {
|
2019-09-14 04:32:54 +00:00
|
|
|
/** @var Config */
|
2019-08-01 19:53:31 +00:00
|
|
|
protected $config;
|
|
|
|
|
/** @var MessageBlobStore */
|
|
|
|
|
protected $blobStore;
|
2019-06-29 04:50:31 +00:00
|
|
|
/** @var DependencyStore */
|
|
|
|
|
protected $depStore;
|
2014-05-10 08:39:37 +00:00
|
|
|
|
2019-08-01 19:53:31 +00:00
|
|
|
/** @var LoggerInterface */
|
|
|
|
|
private $logger;
|
2014-04-30 21:06:51 +00:00
|
|
|
|
Hooks::run() call site migration
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
2020-03-19 02:42:09 +00:00
|
|
|
/** @var HookContainer */
|
|
|
|
|
private $hookContainer;
|
|
|
|
|
|
|
|
|
|
/** @var HookRunner */
|
|
|
|
|
private $hookRunner;
|
|
|
|
|
|
2019-08-01 19:53:31 +00:00
|
|
|
/** @var ResourceLoaderModule[] Map of (module name => ResourceLoaderModule) */
|
2016-02-17 09:09:32 +00:00
|
|
|
protected $modules = [];
|
2019-08-01 19:53:31 +00:00
|
|
|
/** @var array[] Map of (module name => associative info array) */
|
2016-02-17 09:09:32 +00:00
|
|
|
protected $moduleInfos = [];
|
2014-03-07 19:13:43 +00:00
|
|
|
/**
|
2019-08-01 19:53:31 +00:00
|
|
|
* Associative array mapping framework ids to a list of names of test suite modules
|
|
|
|
|
* like [ 'qunit' => [ 'mediawiki.tests.qunit.suites', 'ext.foo.tests', ... ], ... ]
|
|
|
|
|
* @var array
|
2014-03-07 19:13:43 +00:00
|
|
|
*/
|
2019-08-01 19:53:31 +00:00
|
|
|
protected $testModuleNames = [];
|
|
|
|
|
/** @var string[] List of module names that contain QUnit test suites */
|
2019-07-30 15:06:35 +00:00
|
|
|
protected $testSuiteModuleNames = [];
|
2019-08-01 19:53:31 +00:00
|
|
|
/** @var array Map of (source => path); E.g. [ 'source-id' => 'http://.../load.php' ] */
|
2016-02-17 09:09:32 +00:00
|
|
|
protected $sources = [];
|
2019-08-01 19:53:31 +00:00
|
|
|
/** @var array Errors accumulated during current respond() call */
|
2016-02-17 09:09:32 +00:00
|
|
|
protected $errors = [];
|
2019-08-01 19:53:31 +00:00
|
|
|
/** @var string[] Extra HTTP response headers from modules loaded in makeModuleResponse() */
|
resourceloader: Add support for modules sending preload headers
ResourceLoaderModule objects gain a new method getPreloadLinks() which
returns an array with the meta data required to build a Link rel=preload
header according to the current draft for W3C Preload.
<https://w3c.github.io/preload/>
Another implementation of this is already in use in OutputPage for
preloading the logo image.
This array is formatted by the ResourceLoaderModule::getHeaders method,
which is implemented as "final" at this time, thus restricting use to
the Link rel=preload header.
Headers are exposed and process-cached, like all other content
(scripts, styles, etc.), through ResourceLoaderModule::getModuleContent,
and aggregated by ResoureLoader::makeModuleResponse.
I had hoped for the getPreloadLinks to be stateless (not vary on $context).
Whether something should be preloaded and what, should not vary on the
skin or language. However, while that conceptually holds true, the exact
url for any given resource may still vary. Even the main use case for this
feature (T164299, preloading base modules request) require $context to pass
down skin and lang to the load.php url.
Add full test coverage and example documentation.
Bug: T164299
Change-Id: I2bfe0796ceaa0c82579c501f5b10e931f2175681
2017-07-18 02:36:01 +00:00
|
|
|
protected $extraHeaders = [];
|
|
|
|
|
|
2019-06-29 04:50:31 +00:00
|
|
|
/** @var array Map of (module-variant => buffered DependencyStore updates) */
|
|
|
|
|
private $depStoreUpdateBuffer = [];
|
|
|
|
|
|
2020-03-09 20:12:45 +00:00
|
|
|
/** @var array Styles that are skin-specific and supplement or replace the
|
|
|
|
|
* default skinStyles of a FileModule. See $wgResourceModuleSkinStyles.
|
|
|
|
|
*/
|
|
|
|
|
private $moduleSkinStyles = [];
|
|
|
|
|
|
2020-05-22 02:01:42 +00:00
|
|
|
/** @var int|null */
|
2019-08-01 19:53:31 +00:00
|
|
|
protected static $debugMode = null;
|
2015-03-29 04:24:31 +00:00
|
|
|
|
2019-08-01 19:53:31 +00:00
|
|
|
/** @var int */
|
2020-05-15 21:36:51 +00:00
|
|
|
public const CACHE_VERSION = 8;
|
2015-06-04 03:52:45 +00:00
|
|
|
|
2019-06-29 04:50:31 +00:00
|
|
|
/** @var string */
|
|
|
|
|
private const RL_DEP_STORE_PREFIX = 'ResourceLoaderModule';
|
|
|
|
|
/** @var int Expiry (in seconds) of indirect dependency information for modules */
|
|
|
|
|
private const RL_MODULE_DEP_TTL = BagOStuff::TTL_WEEK;
|
|
|
|
|
|
2019-08-01 19:53:31 +00:00
|
|
|
/** @var string JavaScript / CSS pragma to disable minification. * */
|
2020-05-15 21:36:51 +00:00
|
|
|
public const FILTER_NOMIN = '/*@nomin*/';
|
2015-10-01 18:05:08 +00:00
|
|
|
|
2010-09-29 19:04:04 +00:00
|
|
|
/**
|
2019-06-29 04:50:31 +00:00
|
|
|
* Load information stored in the database and dependency tracking store about modules
|
2011-06-17 16:05:05 +00:00
|
|
|
*
|
2019-06-29 04:50:31 +00:00
|
|
|
* @param string[] $moduleNames Module names
|
|
|
|
|
* @param ResourceLoaderContext $context ResourceLoader-specific context of the request
|
2010-09-24 18:49:19 +00:00
|
|
|
*/
|
2015-11-13 00:04:12 +00:00
|
|
|
public function preloadModuleInfo( array $moduleNames, ResourceLoaderContext $context ) {
|
2019-06-29 04:50:31 +00:00
|
|
|
// Load all tracked indirect file dependencies for the modules
|
2019-06-24 14:47:23 +00:00
|
|
|
$vary = ResourceLoaderModule::getVary( $context );
|
2019-06-29 04:50:31 +00:00
|
|
|
$entitiesByModule = [];
|
|
|
|
|
foreach ( $moduleNames as $moduleName ) {
|
|
|
|
|
$entitiesByModule[$moduleName] = "$moduleName|$vary";
|
2010-09-23 21:23:51 +00:00
|
|
|
}
|
2019-06-29 04:50:31 +00:00
|
|
|
$depsByEntity = $this->depStore->retrieveMulti(
|
|
|
|
|
self::RL_DEP_STORE_PREFIX,
|
|
|
|
|
$entitiesByModule
|
|
|
|
|
);
|
|
|
|
|
// Inject the indirect file dependencies for all the modules
|
|
|
|
|
foreach ( $moduleNames as $moduleName ) {
|
|
|
|
|
$module = $this->getModule( $moduleName );
|
2014-04-03 23:09:09 +00:00
|
|
|
if ( $module ) {
|
2019-06-29 04:50:31 +00:00
|
|
|
$entity = $entitiesByModule[$moduleName];
|
|
|
|
|
$deps = $depsByEntity[$entity];
|
|
|
|
|
$paths = ResourceLoaderModule::expandRelativePaths( $deps['paths'] );
|
|
|
|
|
$module->setFileDependencies( $context, $paths );
|
2014-04-03 23:09:09 +00:00
|
|
|
}
|
2010-09-23 21:23:51 +00:00
|
|
|
}
|
2011-06-17 16:05:05 +00:00
|
|
|
|
2016-09-08 03:26:48 +00:00
|
|
|
// Batched version of ResourceLoaderWikiModule::getTitleInfo
|
2019-06-29 04:50:31 +00:00
|
|
|
$dbr = wfGetDB( DB_REPLICA );
|
2016-09-08 03:26:48 +00:00
|
|
|
ResourceLoaderWikiModule::preloadTitleInfo( $context, $dbr, $moduleNames );
|
|
|
|
|
|
2015-11-13 00:04:12 +00:00
|
|
|
// Prime in-object cache for message blobs for modules with messages
|
2019-06-29 04:50:31 +00:00
|
|
|
$modulesWithMessages = [];
|
|
|
|
|
foreach ( $moduleNames as $moduleName ) {
|
|
|
|
|
$module = $this->getModule( $moduleName );
|
2015-11-13 00:04:12 +00:00
|
|
|
if ( $module && $module->getMessages() ) {
|
2019-06-29 04:50:31 +00:00
|
|
|
$modulesWithMessages[$moduleName] = $module;
|
2010-09-23 21:23:51 +00:00
|
|
|
}
|
2011-06-17 16:05:05 +00:00
|
|
|
}
|
2019-06-29 04:50:31 +00:00
|
|
|
// Prime in-object cache for message blobs for modules with messages
|
|
|
|
|
$lang = $context->getLanguage();
|
2015-11-13 00:04:12 +00:00
|
|
|
$store = $this->getMessageBlobStore();
|
2019-06-29 04:50:31 +00:00
|
|
|
$blobs = $store->getBlobs( $modulesWithMessages, $lang );
|
|
|
|
|
foreach ( $blobs as $moduleName => $blob ) {
|
|
|
|
|
$modulesWithMessages[$moduleName]->setMessageBlob( $blob, $lang );
|
2010-09-23 21:23:51 +00:00
|
|
|
}
|
|
|
|
|
}
|
2010-09-15 18:27:47 +00:00
|
|
|
|
2010-09-04 04:00:09 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Run JavaScript or CSS data through a filter, caching the filtered result for future calls.
|
2011-06-17 16:05:05 +00:00
|
|
|
*
|
2010-10-20 14:58:35 +00:00
|
|
|
* Available filters are:
|
2014-03-07 16:50:57 +00:00
|
|
|
*
|
2021-02-18 04:38:29 +00:00
|
|
|
* - minify-js
|
|
|
|
|
* - minify-css
|
2011-06-17 16:05:05 +00:00
|
|
|
*
|
|
|
|
|
* If $data is empty, only contains whitespace or the filter was unknown,
|
2010-11-03 07:58:03 +00:00
|
|
|
* $data is returned unmodified.
|
2011-06-17 16:05:05 +00:00
|
|
|
*
|
2013-03-11 17:15:01 +00:00
|
|
|
* @param string $filter Name of filter to run
|
|
|
|
|
* @param string $data Text to filter, such as JavaScript or CSS text
|
2020-02-21 00:26:07 +00:00
|
|
|
* @param array<string,bool> $options Keys:
|
2015-05-14 01:31:42 +00:00
|
|
|
* - (bool) cache: Whether to allow caching this data. Default: true.
|
2020-06-25 19:55:40 +00:00
|
|
|
* @return string Filtered data or unfiltered data
|
2010-09-04 04:00:09 +00:00
|
|
|
*/
|
2016-02-17 10:31:52 +00:00
|
|
|
public static function filter( $filter, $data, array $options = [] ) {
|
2017-07-23 01:24:09 +00:00
|
|
|
if ( strpos( $data, self::FILTER_NOMIN ) !== false ) {
|
2010-09-04 04:00:09 +00:00
|
|
|
return $data;
|
|
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2015-10-01 18:05:08 +00:00
|
|
|
if ( isset( $options['cache'] ) && $options['cache'] === false ) {
|
2020-06-25 19:55:40 +00:00
|
|
|
return self::applyFilter( $filter, $data ) ?? $data;
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2017-03-17 10:57:37 +00:00
|
|
|
$stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
|
2015-10-31 18:42:48 +00:00
|
|
|
$cache = ObjectCache::getLocalServerInstance( CACHE_ANYTHING );
|
2015-10-01 18:05:08 +00:00
|
|
|
|
2015-10-19 17:00:50 +00:00
|
|
|
$key = $cache->makeGlobalKey(
|
2019-05-28 18:24:31 +00:00
|
|
|
'resourceloader-filter',
|
2015-10-01 18:05:08 +00:00
|
|
|
$filter,
|
2017-09-29 20:35:00 +00:00
|
|
|
self::CACHE_VERSION,
|
|
|
|
|
md5( $data )
|
2015-10-01 18:05:08 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$result = $cache->get( $key );
|
|
|
|
|
if ( $result === false ) {
|
|
|
|
|
$stats->increment( "resourceloader_cache.$filter.miss" );
|
|
|
|
|
$result = self::applyFilter( $filter, $data );
|
|
|
|
|
$cache->set( $key, $result, 24 * 3600 );
|
2015-05-14 01:31:42 +00:00
|
|
|
} else {
|
2015-10-01 18:05:08 +00:00
|
|
|
$stats->increment( "resourceloader_cache.$filter.hit" );
|
|
|
|
|
}
|
|
|
|
|
if ( $result === null ) {
|
|
|
|
|
// Cached failure
|
|
|
|
|
$result = $data;
|
2015-05-14 01:31:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-21 00:26:07 +00:00
|
|
|
/**
|
|
|
|
|
* @param string $filter
|
|
|
|
|
* @param string $data
|
2020-06-25 19:55:40 +00:00
|
|
|
* @return string|null
|
2020-02-21 00:26:07 +00:00
|
|
|
*/
|
2015-10-01 18:05:08 +00:00
|
|
|
private static function applyFilter( $filter, $data ) {
|
|
|
|
|
$data = trim( $data );
|
|
|
|
|
if ( $data ) {
|
|
|
|
|
try {
|
|
|
|
|
$data = ( $filter === 'minify-css' )
|
|
|
|
|
? CSSMin::minify( $data )
|
|
|
|
|
: JavaScriptMinifier::minify( $data );
|
|
|
|
|
} catch ( Exception $e ) {
|
|
|
|
|
MWExceptionHandler::logException( $e );
|
|
|
|
|
return null;
|
|
|
|
|
}
|
2015-06-26 05:57:17 +00:00
|
|
|
}
|
|
|
|
|
return $data;
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2010-09-29 19:04:04 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Register core modules and runs registration hooks.
|
2021-03-18 01:55:53 +00:00
|
|
|
* @param Config $config
|
2018-06-26 21:14:43 +00:00
|
|
|
* @param LoggerInterface|null $logger [optional]
|
2019-06-29 04:50:31 +00:00
|
|
|
* @param DependencyStore|null $tracker [optional]
|
2010-09-29 19:04:04 +00:00
|
|
|
*/
|
2019-06-29 04:50:31 +00:00
|
|
|
public function __construct(
|
2021-03-18 01:55:53 +00:00
|
|
|
Config $config,
|
2019-06-29 04:50:31 +00:00
|
|
|
LoggerInterface $logger = null,
|
|
|
|
|
DependencyStore $tracker = null
|
|
|
|
|
) {
|
2015-11-13 00:04:12 +00:00
|
|
|
$this->logger = $logger ?: new NullLogger();
|
2020-02-10 23:18:09 +00:00
|
|
|
$services = MediaWikiServices::getInstance();
|
2014-08-07 10:25:56 +00:00
|
|
|
|
|
|
|
|
$this->config = $config;
|
|
|
|
|
|
Hooks::run() call site migration
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
2020-03-19 02:42:09 +00:00
|
|
|
$this->hookContainer = $services->getHookContainer();
|
|
|
|
|
$this->hookRunner = new HookRunner( $this->hookContainer );
|
|
|
|
|
|
2011-07-26 21:10:34 +00:00
|
|
|
// Add 'local' source first
|
resourceloader: Move queue formatting out of OutputPage
HTML formatting of the queue was distributed over several OutputPage methods.
Each method demanding a snippet of HTML by calling makeResourceLoaderLink()
with a limited amount of information. As such, makeResourceLoaderLink() was
unable to provide the client with the proper state information.
Centralising it also allows it to better reduce duplication in HTML output
and maintain a more accurate state.
Problems fixed by centralising:
1. The 'user' module is special (due to per-user 'version' and 'user' params).
It is manually requested via script-src. To avoid a separate (and wrong)
request from something that requires it, we set state=loading directly.
However, because the module is in the bottom, the old HTML formatter could
only put state=loading in the bottom also. This sometimes caused a wrong
request to be fired for modules=user if something in the top queue
triggered a requirement for it.
2. Since a464d1d4 (T87871) we track states of page-style modules, with purpose
of allowing dependencies on style modules without risking duplicate loading
on pages where the styles are loaded already. This didn't work, because the
state information about page-style modules is output near the stylesheet,
which is after the script tag with mw.loader.load(). That runs first, and
mw.loader would still make a duplicate request before it learns the state.
Changes:
* Document reasons for style/script tag order in getHeadHtml (per 09537e83).
* Pass $type from getModuleStyles() to getAllowedModules(). This wasn't needed
before since a duplicate check in makeResourceLoaderLink() verified the
origin a second time.
* Declare explicit position 'top' on 'user.options' and 'user.tokens' module.
Previously, OutputPage hardcoded them in the top. The new formatter doesn't.
* Remove getHeadScripts().
* Remove getInlineHeadScripts().
* Remove getExternalHeadScripts().
* Remove buildCssLinks().
* Remove getScriptsForBottomQueue().
* Change where Skin::setupSkinUserCss() is called. This methods lets the skin
add modules to the queue. Previously it was called from buildCssLinks(),
via headElement(), via prepareQuickTemplate(), via OutputPage::output().
It's now in OutputPage::output() directly (slightly earlier). This is needed
because prepareQuickTemplate() calls bottomScripts() before headElement().
And bottomScript() would lazy-initialise the queue and lock it before
setupSkinUserCss() is called from headElement().
This makes execution order more predictable instead of being dependent on
the arbitrary order of data extraction in prepareQuickTemplate (which varies
from one skin to another).
* Compute isUserModulePreview() and isKnownEmpty() for the 'user' module early
on so. This avoids wrongful loading and fixes problem 1.
Effective changes in output:
* mw.loader.state() is now before mw.loader.load(). This fixes problem 2.
* mw.loader.state() now sets 'user.options' and 'user.tokens' to "loading".
* mw.loader.state() now sets 'user' (as "loading" or "ready"). Fixes problem 1.
* The <script async src> tag for 'startup' changed position (slightly).
Previously it was after all inline scripts and stylesheets. It's still after
all inline scripts and after most stylesheets, but before any user styles.
Since the queue is now formatted outside OutputPage, it can't inject the
meta-ResourceLoaderDynamicStyles tag and user-stylesheet hack in the middle
of existing output. This shouldn't have any noticable impact.
Bug: T87871
Change-Id: I605b8cd1e1fc009b4662a0edbc54d09dd65ee1df
2016-07-15 14:13:09 +00:00
|
|
|
$this->addSource( 'local', $config->get( 'LoadScript' ) );
|
2011-07-26 21:10:34 +00:00
|
|
|
|
2019-04-06 20:41:36 +00:00
|
|
|
// Special module that always exists
|
|
|
|
|
$this->register( 'startup', [ 'class' => ResourceLoaderStartUpModule::class ] );
|
|
|
|
|
|
2020-02-10 23:18:09 +00:00
|
|
|
$this->setMessageBlobStore(
|
|
|
|
|
new MessageBlobStore( $this, $this->logger, $services->getMainWANObjectCache() )
|
|
|
|
|
);
|
2019-06-29 04:50:31 +00:00
|
|
|
|
|
|
|
|
$tracker = $tracker ?: new KeyValueDependencyStore( new HashBagOStuff() );
|
|
|
|
|
$this->setDependencyStore( $tracker );
|
2010-09-29 19:04:04 +00:00
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2014-08-07 10:25:56 +00:00
|
|
|
/**
|
|
|
|
|
* @return Config
|
|
|
|
|
*/
|
|
|
|
|
public function getConfig() {
|
|
|
|
|
return $this->config;
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-10 03:12:24 +00:00
|
|
|
/**
|
|
|
|
|
* @since 1.26
|
|
|
|
|
* @param LoggerInterface $logger
|
|
|
|
|
*/
|
2015-06-04 03:52:45 +00:00
|
|
|
public function setLogger( LoggerInterface $logger ) {
|
|
|
|
|
$this->logger = $logger;
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-10 03:12:24 +00:00
|
|
|
/**
|
|
|
|
|
* @since 1.27
|
|
|
|
|
* @return LoggerInterface
|
|
|
|
|
*/
|
|
|
|
|
public function getLogger() {
|
|
|
|
|
return $this->logger;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-29 04:24:31 +00:00
|
|
|
/**
|
2015-05-14 19:05:47 +00:00
|
|
|
* @since 1.26
|
|
|
|
|
* @return MessageBlobStore
|
|
|
|
|
*/
|
|
|
|
|
public function getMessageBlobStore() {
|
|
|
|
|
return $this->blobStore;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2015-03-29 04:24:31 +00:00
|
|
|
* @since 1.25
|
2015-05-14 19:05:47 +00:00
|
|
|
* @param MessageBlobStore $blobStore
|
2015-03-29 04:24:31 +00:00
|
|
|
*/
|
|
|
|
|
public function setMessageBlobStore( MessageBlobStore $blobStore ) {
|
|
|
|
|
$this->blobStore = $blobStore;
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-29 04:50:31 +00:00
|
|
|
/**
|
|
|
|
|
* @since 1.35
|
|
|
|
|
* @param DependencyStore $tracker
|
|
|
|
|
*/
|
|
|
|
|
public function setDependencyStore( DependencyStore $tracker ) {
|
|
|
|
|
$this->depStore = $tracker;
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-09 20:12:45 +00:00
|
|
|
/**
|
|
|
|
|
* @internal For use by ServiceWiring.php
|
|
|
|
|
* @param array $moduleSkinStyles
|
|
|
|
|
*/
|
|
|
|
|
public function setModuleSkinStyles( array $moduleSkinStyles ) {
|
|
|
|
|
$this->moduleSkinStyles = $moduleSkinStyles;
|
|
|
|
|
}
|
|
|
|
|
|
2010-09-04 04:00:09 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Register a module with the ResourceLoader system.
|
2011-06-17 16:05:05 +00:00
|
|
|
*
|
2020-11-27 02:47:45 +00:00
|
|
|
* @see $wgResourceModules for the available options.
|
2019-07-11 17:09:23 +00:00
|
|
|
* @param string|array[] $name Module name as a string or, array of module info arrays
|
|
|
|
|
* keyed by name.
|
|
|
|
|
* @param array|null $info Module info array. When using the first parameter to register
|
|
|
|
|
* multiple modules at once, this parameter is optional.
|
2020-02-21 00:26:07 +00:00
|
|
|
* @throws InvalidArgumentException If a module name contains illegal characters (pipes or commas)
|
2019-07-11 17:09:23 +00:00
|
|
|
* @throws InvalidArgumentException If the module info is not an array
|
2010-09-04 04:00:09 +00:00
|
|
|
*/
|
2020-02-21 00:26:07 +00:00
|
|
|
public function register( $name, array $info = null ) {
|
2010-09-04 04:00:09 +00:00
|
|
|
// Allow multiple modules to be registered in one call
|
2016-02-17 09:09:32 +00:00
|
|
|
$registrations = is_array( $name ) ? $name : [ $name => $info ];
|
2011-11-19 16:02:26 +00:00
|
|
|
foreach ( $registrations as $name => $info ) {
|
2015-10-26 18:23:43 +00:00
|
|
|
// Warn on duplicate registrations
|
2011-11-19 16:02:26 +00:00
|
|
|
if ( isset( $this->moduleInfos[$name] ) ) {
|
|
|
|
|
// A module has already been registered by this name
|
2015-10-27 07:44:47 +00:00
|
|
|
$this->logger->warning(
|
|
|
|
|
'ResourceLoader duplicate registration warning. ' .
|
|
|
|
|
'Another module has already been registered as ' . $name
|
|
|
|
|
);
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2011-06-17 16:05:05 +00:00
|
|
|
|
2019-07-11 17:09:23 +00:00
|
|
|
// Check validity
|
2012-05-09 21:10:33 +00:00
|
|
|
if ( !self::isValidModuleName( $name ) ) {
|
2020-02-21 00:26:07 +00:00
|
|
|
throw new InvalidArgumentException( "ResourceLoader module name '$name' is invalid, "
|
2014-05-10 08:39:37 +00:00
|
|
|
. "see ResourceLoader::isValidModuleName()" );
|
* Made Resources.php return a pure-data array instead of an ugly mix of data and code. This allows the class code to be lazy-loaded with the autoloader, for a performance advantage especially on non-APC installs. And using the convention where if the class is omitted, ResourceLoaderFileModule is assumed, the registration code becomes shorter and simpler.
* Modified ResourceLoader to lazy-initialise module objects, for a further performance advantage.
* Deleted ResourceLoader::getModules(), provided getModuleNames() instead. Although the startup module needs this functionality, it's slow to generate, so to avoid misuse, it's better to provide a foolproof fast interface and let the startup module do the slow thing itself.
* Modified ResourceLoader::register() to optionally accept an info array instead of an object.
* Added $wgResourceModules, allowing extensions to efficiently define their own resource loader modules. The trouble with hooks is that they contain code, and code is slow. We've been through all this before with i18n. Hooks are useful as a performance tool only if you call them very rarely.
* Moved ResourceLoader settings to their own section in DefaultSettings.php
* Added options to ResourceLoaderFileModule equivalent to the $localBasePath and $remoteBasePath parameters, to allow it to be instantiated via the new array style. Also added remoteExtPath, which allows modules to be registered before $wgExtensionAssetsPath is known.
* Added OutputPage::getResourceLoader(), mostly for debugging.
* The time saving at the moment is about 5ms per request with no extensions, which is significant already with 6 load.php requests for a cold cache page view. This is a much more scalable interface; the relative saving will grow as more extensions are added which use this interface, especially for non-APC installs.
Although the interface is backwards compatible, extension updates will follow in a subsequent commit.
2010-11-19 10:41:06 +00:00
|
|
|
}
|
2019-07-11 17:09:23 +00:00
|
|
|
if ( !is_array( $info ) ) {
|
|
|
|
|
throw new InvalidArgumentException(
|
|
|
|
|
'Invalid module info for "' . $name . '": expected array, got ' . gettype( $info )
|
2014-04-03 23:09:09 +00:00
|
|
|
);
|
2011-11-19 16:02:26 +00:00
|
|
|
}
|
2014-06-26 14:29:31 +00:00
|
|
|
|
2019-07-11 17:09:23 +00:00
|
|
|
// Attach module
|
|
|
|
|
$this->moduleInfos[$name] = $info;
|
2010-09-29 23:57:53 +00:00
|
|
|
}
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2019-04-17 14:17:15 +00:00
|
|
|
/**
|
|
|
|
|
* @internal For use by ServiceWiring only
|
2019-07-30 15:06:35 +00:00
|
|
|
* @codeCoverageIgnore
|
2019-04-17 14:17:15 +00:00
|
|
|
*/
|
2021-07-22 03:11:47 +00:00
|
|
|
public function registerTestModules(): void {
|
2014-08-07 10:25:56 +00:00
|
|
|
global $IP;
|
2012-01-03 18:33:26 +00:00
|
|
|
|
2014-08-07 10:25:56 +00:00
|
|
|
if ( $this->config->get( 'EnableJavaScriptTest' ) !== true ) {
|
2014-05-10 08:39:37 +00:00
|
|
|
throw new MWException( 'Attempt to register JavaScript test modules '
|
|
|
|
|
. 'but <code>$wgEnableJavaScriptTest</code> is false. '
|
|
|
|
|
. 'Edit your <code>LocalSettings.php</code> to enable it.' );
|
2012-01-03 18:33:26 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-30 15:06:35 +00:00
|
|
|
// This has a 'qunit' key for compat with the below hook.
|
|
|
|
|
$testModulesMeta = [ 'qunit' => [] ];
|
2019-01-18 20:21:35 +00:00
|
|
|
|
Hooks::run() call site migration
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
2020-03-19 02:42:09 +00:00
|
|
|
$this->hookRunner->onResourceLoaderTestModules( $testModulesMeta, $this );
|
2019-01-18 20:21:35 +00:00
|
|
|
$extRegistry = ExtensionRegistry::getInstance();
|
|
|
|
|
// In case of conflict, the deprecated hook has precedence.
|
2019-12-12 19:53:58 +00:00
|
|
|
$testModules = $testModulesMeta['qunit']
|
2019-12-19 04:27:55 +00:00
|
|
|
+ $extRegistry->getAttribute( 'QUnitTestModules' );
|
2012-01-03 18:33:26 +00:00
|
|
|
|
2019-07-30 15:06:35 +00:00
|
|
|
$testSuiteModuleNames = [];
|
|
|
|
|
foreach ( $testModules as $name => &$module ) {
|
|
|
|
|
// Turn any single-module dependency into an array
|
2019-02-27 15:48:58 +00:00
|
|
|
if ( isset( $module['dependencies'] ) && is_string( $module['dependencies'] ) ) {
|
2019-02-20 12:55:51 +00:00
|
|
|
$module['dependencies'] = [ $module['dependencies'] ];
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-30 15:06:35 +00:00
|
|
|
// Ensure the testrunner loads before any test suites
|
2019-10-04 17:43:38 +00:00
|
|
|
$module['dependencies'][] = 'mediawiki.qunit-testrunner';
|
2012-01-03 18:33:26 +00:00
|
|
|
|
2019-07-30 15:06:35 +00:00
|
|
|
// Keep track of the test suites to load on SpecialJavaScriptTest
|
|
|
|
|
$testSuiteModuleNames[] = $name;
|
|
|
|
|
}
|
2014-02-05 05:17:48 +00:00
|
|
|
|
2019-07-30 15:06:35 +00:00
|
|
|
// Core test suites (their names have further precedence).
|
|
|
|
|
$testModules = ( include "$IP/tests/qunit/QUnitTestResources.php" ) + $testModules;
|
2019-10-04 17:43:38 +00:00
|
|
|
$testSuiteModuleNames[] = 'test.MediaWiki';
|
2012-01-03 18:33:26 +00:00
|
|
|
|
2019-07-30 15:06:35 +00:00
|
|
|
$this->register( $testModules );
|
|
|
|
|
$this->testSuiteModuleNames = $testSuiteModuleNames;
|
2012-01-03 18:33:26 +00:00
|
|
|
}
|
|
|
|
|
|
2011-07-26 21:10:34 +00:00
|
|
|
/**
|
|
|
|
|
* Add a foreign source of modules.
|
2011-10-14 08:06:54 +00:00
|
|
|
*
|
2015-11-20 00:48:01 +00:00
|
|
|
* Source IDs are typically the same as the Wiki ID or database name (e.g. lowercase a-z).
|
|
|
|
|
*
|
2020-02-21 00:26:07 +00:00
|
|
|
* @param array|string $sources Source ID (string), or [ id1 => loadUrl, id2 => loadUrl, ... ]
|
2018-06-26 21:14:43 +00:00
|
|
|
* @param string|array|null $loadUrl load.php url (string), or array with loadUrl key for
|
2014-09-13 06:30:48 +00:00
|
|
|
* backwards-compatibility.
|
2020-02-21 00:26:07 +00:00
|
|
|
* @throws InvalidArgumentException If array-form $loadUrl lacks a 'loadUrl' key.
|
2011-07-26 21:10:34 +00:00
|
|
|
*/
|
2020-02-21 00:26:07 +00:00
|
|
|
public function addSource( $sources, $loadUrl = null ) {
|
|
|
|
|
if ( !is_array( $sources ) ) {
|
|
|
|
|
$sources = [ $sources => $loadUrl ];
|
|
|
|
|
}
|
|
|
|
|
foreach ( $sources as $id => $source ) {
|
|
|
|
|
// Disallow duplicates
|
|
|
|
|
if ( isset( $this->sources[$id] ) ) {
|
|
|
|
|
throw new RuntimeException( 'Cannot register source ' . $id . ' twice' );
|
2011-07-26 21:10:34 +00:00
|
|
|
}
|
|
|
|
|
|
2020-02-21 00:26:07 +00:00
|
|
|
// Support: MediaWiki 1.24 and earlier
|
|
|
|
|
if ( is_array( $source ) ) {
|
|
|
|
|
if ( !isset( $source['loadScript'] ) ) {
|
|
|
|
|
throw new InvalidArgumentException( 'Each source must have a "loadScript" key' );
|
|
|
|
|
}
|
|
|
|
|
$source = $source['loadScript'];
|
2011-07-26 21:10:34 +00:00
|
|
|
}
|
2014-08-25 08:02:48 +00:00
|
|
|
|
2020-02-21 00:26:07 +00:00
|
|
|
$this->sources[$id] = $source;
|
2011-07-26 21:10:34 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2020-10-28 10:01:33 +00:00
|
|
|
* @return string[]
|
2010-09-04 04:00:09 +00:00
|
|
|
*/
|
* Made Resources.php return a pure-data array instead of an ugly mix of data and code. This allows the class code to be lazy-loaded with the autoloader, for a performance advantage especially on non-APC installs. And using the convention where if the class is omitted, ResourceLoaderFileModule is assumed, the registration code becomes shorter and simpler.
* Modified ResourceLoader to lazy-initialise module objects, for a further performance advantage.
* Deleted ResourceLoader::getModules(), provided getModuleNames() instead. Although the startup module needs this functionality, it's slow to generate, so to avoid misuse, it's better to provide a foolproof fast interface and let the startup module do the slow thing itself.
* Modified ResourceLoader::register() to optionally accept an info array instead of an object.
* Added $wgResourceModules, allowing extensions to efficiently define their own resource loader modules. The trouble with hooks is that they contain code, and code is slow. We've been through all this before with i18n. Hooks are useful as a performance tool only if you call them very rarely.
* Moved ResourceLoader settings to their own section in DefaultSettings.php
* Added options to ResourceLoaderFileModule equivalent to the $localBasePath and $remoteBasePath parameters, to allow it to be instantiated via the new array style. Also added remoteExtPath, which allows modules to be registered before $wgExtensionAssetsPath is known.
* Added OutputPage::getResourceLoader(), mostly for debugging.
* The time saving at the moment is about 5ms per request with no extensions, which is significant already with 6 load.php requests for a cold cache page view. This is a much more scalable interface; the relative saving will grow as more extensions are added which use this interface, especially for non-APC installs.
Although the interface is backwards compatible, extension updates will follow in a subsequent commit.
2010-11-19 10:41:06 +00:00
|
|
|
public function getModuleNames() {
|
|
|
|
|
return array_keys( $this->moduleInfos );
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2012-10-19 20:03:05 +00:00
|
|
|
|
2012-10-26 15:42:13 +00:00
|
|
|
/**
|
2019-07-30 15:06:35 +00:00
|
|
|
* Get a list of module names with QUnit test suites.
|
2014-03-07 16:50:57 +00:00
|
|
|
*
|
2019-07-30 15:06:35 +00:00
|
|
|
* @internal For use by SpecialJavaScriptTest only
|
2020-10-28 10:01:33 +00:00
|
|
|
* @return string[]
|
2019-07-30 15:06:35 +00:00
|
|
|
* @codeCoverageIgnore
|
2012-01-03 18:33:26 +00:00
|
|
|
*/
|
2019-07-30 15:06:35 +00:00
|
|
|
public function getTestSuiteModuleNames() {
|
|
|
|
|
return $this->testSuiteModuleNames;
|
2012-01-03 18:33:26 +00:00
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2015-01-30 21:36:52 +00:00
|
|
|
/**
|
|
|
|
|
* Check whether a ResourceLoader module is registered
|
|
|
|
|
*
|
|
|
|
|
* @since 1.25
|
|
|
|
|
* @param string $name
|
|
|
|
|
* @return bool
|
|
|
|
|
*/
|
|
|
|
|
public function isModuleRegistered( $name ) {
|
|
|
|
|
return isset( $this->moduleInfos[$name] );
|
|
|
|
|
}
|
|
|
|
|
|
2010-09-04 04:00:09 +00:00
|
|
|
/**
|
2010-10-20 00:22:25 +00:00
|
|
|
* Get the ResourceLoaderModule object for a given module name.
|
2010-09-05 13:31:34 +00:00
|
|
|
*
|
2014-04-03 23:09:09 +00:00
|
|
|
* If an array of module parameters exists but a ResourceLoaderModule object has not
|
|
|
|
|
* yet been instantiated, this method will instantiate and cache that object such that
|
|
|
|
|
* subsequent calls simply return the same object.
|
|
|
|
|
*
|
2013-03-11 17:15:01 +00:00
|
|
|
* @param string $name Module name
|
2014-04-03 23:09:09 +00:00
|
|
|
* @return ResourceLoaderModule|null If module has been registered, return a
|
|
|
|
|
* ResourceLoaderModule instance. Otherwise, return null.
|
2010-09-04 04:00:09 +00:00
|
|
|
*/
|
2010-09-29 19:04:04 +00:00
|
|
|
public function getModule( $name ) {
|
* Made Resources.php return a pure-data array instead of an ugly mix of data and code. This allows the class code to be lazy-loaded with the autoloader, for a performance advantage especially on non-APC installs. And using the convention where if the class is omitted, ResourceLoaderFileModule is assumed, the registration code becomes shorter and simpler.
* Modified ResourceLoader to lazy-initialise module objects, for a further performance advantage.
* Deleted ResourceLoader::getModules(), provided getModuleNames() instead. Although the startup module needs this functionality, it's slow to generate, so to avoid misuse, it's better to provide a foolproof fast interface and let the startup module do the slow thing itself.
* Modified ResourceLoader::register() to optionally accept an info array instead of an object.
* Added $wgResourceModules, allowing extensions to efficiently define their own resource loader modules. The trouble with hooks is that they contain code, and code is slow. We've been through all this before with i18n. Hooks are useful as a performance tool only if you call them very rarely.
* Moved ResourceLoader settings to their own section in DefaultSettings.php
* Added options to ResourceLoaderFileModule equivalent to the $localBasePath and $remoteBasePath parameters, to allow it to be instantiated via the new array style. Also added remoteExtPath, which allows modules to be registered before $wgExtensionAssetsPath is known.
* Added OutputPage::getResourceLoader(), mostly for debugging.
* The time saving at the moment is about 5ms per request with no extensions, which is significant already with 6 load.php requests for a cold cache page view. This is a much more scalable interface; the relative saving will grow as more extensions are added which use this interface, especially for non-APC installs.
Although the interface is backwards compatible, extension updates will follow in a subsequent commit.
2010-11-19 10:41:06 +00:00
|
|
|
if ( !isset( $this->modules[$name] ) ) {
|
|
|
|
|
if ( !isset( $this->moduleInfos[$name] ) ) {
|
|
|
|
|
// No such module
|
|
|
|
|
return null;
|
|
|
|
|
}
|
2019-07-11 17:09:23 +00:00
|
|
|
// Construct the requested module object
|
* Made Resources.php return a pure-data array instead of an ugly mix of data and code. This allows the class code to be lazy-loaded with the autoloader, for a performance advantage especially on non-APC installs. And using the convention where if the class is omitted, ResourceLoaderFileModule is assumed, the registration code becomes shorter and simpler.
* Modified ResourceLoader to lazy-initialise module objects, for a further performance advantage.
* Deleted ResourceLoader::getModules(), provided getModuleNames() instead. Although the startup module needs this functionality, it's slow to generate, so to avoid misuse, it's better to provide a foolproof fast interface and let the startup module do the slow thing itself.
* Modified ResourceLoader::register() to optionally accept an info array instead of an object.
* Added $wgResourceModules, allowing extensions to efficiently define their own resource loader modules. The trouble with hooks is that they contain code, and code is slow. We've been through all this before with i18n. Hooks are useful as a performance tool only if you call them very rarely.
* Moved ResourceLoader settings to their own section in DefaultSettings.php
* Added options to ResourceLoaderFileModule equivalent to the $localBasePath and $remoteBasePath parameters, to allow it to be instantiated via the new array style. Also added remoteExtPath, which allows modules to be registered before $wgExtensionAssetsPath is known.
* Added OutputPage::getResourceLoader(), mostly for debugging.
* The time saving at the moment is about 5ms per request with no extensions, which is significant already with 6 load.php requests for a cold cache page view. This is a much more scalable interface; the relative saving will grow as more extensions are added which use this interface, especially for non-APC installs.
Although the interface is backwards compatible, extension updates will follow in a subsequent commit.
2010-11-19 10:41:06 +00:00
|
|
|
$info = $this->moduleInfos[$name];
|
2019-07-11 17:09:23 +00:00
|
|
|
if ( isset( $info['factory'] ) ) {
|
|
|
|
|
/** @var ResourceLoaderModule $object */
|
2017-05-04 16:10:28 +00:00
|
|
|
$object = call_user_func( $info['factory'], $info );
|
* Made Resources.php return a pure-data array instead of an ugly mix of data and code. This allows the class code to be lazy-loaded with the autoloader, for a performance advantage especially on non-APC installs. And using the convention where if the class is omitted, ResourceLoaderFileModule is assumed, the registration code becomes shorter and simpler.
* Modified ResourceLoader to lazy-initialise module objects, for a further performance advantage.
* Deleted ResourceLoader::getModules(), provided getModuleNames() instead. Although the startup module needs this functionality, it's slow to generate, so to avoid misuse, it's better to provide a foolproof fast interface and let the startup module do the slow thing itself.
* Modified ResourceLoader::register() to optionally accept an info array instead of an object.
* Added $wgResourceModules, allowing extensions to efficiently define their own resource loader modules. The trouble with hooks is that they contain code, and code is slow. We've been through all this before with i18n. Hooks are useful as a performance tool only if you call them very rarely.
* Moved ResourceLoader settings to their own section in DefaultSettings.php
* Added options to ResourceLoaderFileModule equivalent to the $localBasePath and $remoteBasePath parameters, to allow it to be instantiated via the new array style. Also added remoteExtPath, which allows modules to be registered before $wgExtensionAssetsPath is known.
* Added OutputPage::getResourceLoader(), mostly for debugging.
* The time saving at the moment is about 5ms per request with no extensions, which is significant already with 6 load.php requests for a cold cache page view. This is a much more scalable interface; the relative saving will grow as more extensions are added which use this interface, especially for non-APC installs.
Although the interface is backwards compatible, extension updates will follow in a subsequent commit.
2010-11-19 10:41:06 +00:00
|
|
|
} else {
|
2018-10-20 21:55:44 +00:00
|
|
|
$class = $info['class'] ?? ResourceLoaderFileModule::class;
|
2014-08-07 10:25:56 +00:00
|
|
|
/** @var ResourceLoaderModule $object */
|
* Made Resources.php return a pure-data array instead of an ugly mix of data and code. This allows the class code to be lazy-loaded with the autoloader, for a performance advantage especially on non-APC installs. And using the convention where if the class is omitted, ResourceLoaderFileModule is assumed, the registration code becomes shorter and simpler.
* Modified ResourceLoader to lazy-initialise module objects, for a further performance advantage.
* Deleted ResourceLoader::getModules(), provided getModuleNames() instead. Although the startup module needs this functionality, it's slow to generate, so to avoid misuse, it's better to provide a foolproof fast interface and let the startup module do the slow thing itself.
* Modified ResourceLoader::register() to optionally accept an info array instead of an object.
* Added $wgResourceModules, allowing extensions to efficiently define their own resource loader modules. The trouble with hooks is that they contain code, and code is slow. We've been through all this before with i18n. Hooks are useful as a performance tool only if you call them very rarely.
* Moved ResourceLoader settings to their own section in DefaultSettings.php
* Added options to ResourceLoaderFileModule equivalent to the $localBasePath and $remoteBasePath parameters, to allow it to be instantiated via the new array style. Also added remoteExtPath, which allows modules to be registered before $wgExtensionAssetsPath is known.
* Added OutputPage::getResourceLoader(), mostly for debugging.
* The time saving at the moment is about 5ms per request with no extensions, which is significant already with 6 load.php requests for a cold cache page view. This is a much more scalable interface; the relative saving will grow as more extensions are added which use this interface, especially for non-APC installs.
Although the interface is backwards compatible, extension updates will follow in a subsequent commit.
2010-11-19 10:41:06 +00:00
|
|
|
$object = new $class( $info );
|
|
|
|
|
}
|
2019-07-11 17:09:23 +00:00
|
|
|
$object->setConfig( $this->getConfig() );
|
|
|
|
|
$object->setLogger( $this->logger );
|
Hooks::run() call site migration
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
2020-03-19 02:42:09 +00:00
|
|
|
$object->setHookContainer( $this->hookContainer );
|
* Made Resources.php return a pure-data array instead of an ugly mix of data and code. This allows the class code to be lazy-loaded with the autoloader, for a performance advantage especially on non-APC installs. And using the convention where if the class is omitted, ResourceLoaderFileModule is assumed, the registration code becomes shorter and simpler.
* Modified ResourceLoader to lazy-initialise module objects, for a further performance advantage.
* Deleted ResourceLoader::getModules(), provided getModuleNames() instead. Although the startup module needs this functionality, it's slow to generate, so to avoid misuse, it's better to provide a foolproof fast interface and let the startup module do the slow thing itself.
* Modified ResourceLoader::register() to optionally accept an info array instead of an object.
* Added $wgResourceModules, allowing extensions to efficiently define their own resource loader modules. The trouble with hooks is that they contain code, and code is slow. We've been through all this before with i18n. Hooks are useful as a performance tool only if you call them very rarely.
* Moved ResourceLoader settings to their own section in DefaultSettings.php
* Added options to ResourceLoaderFileModule equivalent to the $localBasePath and $remoteBasePath parameters, to allow it to be instantiated via the new array style. Also added remoteExtPath, which allows modules to be registered before $wgExtensionAssetsPath is known.
* Added OutputPage::getResourceLoader(), mostly for debugging.
* The time saving at the moment is about 5ms per request with no extensions, which is significant already with 6 load.php requests for a cold cache page view. This is a much more scalable interface; the relative saving will grow as more extensions are added which use this interface, especially for non-APC installs.
Although the interface is backwards compatible, extension updates will follow in a subsequent commit.
2010-11-19 10:41:06 +00:00
|
|
|
$object->setName( $name );
|
2019-06-29 04:50:31 +00:00
|
|
|
$object->setDependencyAccessCallbacks(
|
|
|
|
|
[ $this, 'loadModuleDependenciesInternal' ],
|
|
|
|
|
[ $this, 'saveModuleDependenciesInternal' ]
|
|
|
|
|
);
|
2021-08-11 18:53:15 +00:00
|
|
|
$object->setSkinStylesOverride( $this->moduleSkinStyles );
|
* Made Resources.php return a pure-data array instead of an ugly mix of data and code. This allows the class code to be lazy-loaded with the autoloader, for a performance advantage especially on non-APC installs. And using the convention where if the class is omitted, ResourceLoaderFileModule is assumed, the registration code becomes shorter and simpler.
* Modified ResourceLoader to lazy-initialise module objects, for a further performance advantage.
* Deleted ResourceLoader::getModules(), provided getModuleNames() instead. Although the startup module needs this functionality, it's slow to generate, so to avoid misuse, it's better to provide a foolproof fast interface and let the startup module do the slow thing itself.
* Modified ResourceLoader::register() to optionally accept an info array instead of an object.
* Added $wgResourceModules, allowing extensions to efficiently define their own resource loader modules. The trouble with hooks is that they contain code, and code is slow. We've been through all this before with i18n. Hooks are useful as a performance tool only if you call them very rarely.
* Moved ResourceLoader settings to their own section in DefaultSettings.php
* Added options to ResourceLoaderFileModule equivalent to the $localBasePath and $remoteBasePath parameters, to allow it to be instantiated via the new array style. Also added remoteExtPath, which allows modules to be registered before $wgExtensionAssetsPath is known.
* Added OutputPage::getResourceLoader(), mostly for debugging.
* The time saving at the moment is about 5ms per request with no extensions, which is significant already with 6 load.php requests for a cold cache page view. This is a much more scalable interface; the relative saving will grow as more extensions are added which use this interface, especially for non-APC installs.
Although the interface is backwards compatible, extension updates will follow in a subsequent commit.
2010-11-19 10:41:06 +00:00
|
|
|
$this->modules[$name] = $object;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $this->modules[$name];
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2019-06-29 04:50:31 +00:00
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* @internal Exposed for letting getModule() pass the callable to DependencyStore
|
2019-06-29 04:50:31 +00:00
|
|
|
* @param string $moduleName Module name
|
|
|
|
|
* @param string $variant Language/skin variant
|
|
|
|
|
* @return string[] List of absolute file paths
|
|
|
|
|
*/
|
|
|
|
|
public function loadModuleDependenciesInternal( $moduleName, $variant ) {
|
|
|
|
|
$deps = $this->depStore->retrieve( self::RL_DEP_STORE_PREFIX, "$moduleName|$variant" );
|
|
|
|
|
|
|
|
|
|
return ResourceLoaderModule::expandRelativePaths( $deps['paths'] );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* @internal Exposed for letting getModule() pass the callable to DependencyStore
|
2019-06-29 04:50:31 +00:00
|
|
|
* @param string $moduleName Module name
|
|
|
|
|
* @param string $variant Language/skin variant
|
|
|
|
|
* @param string[] $paths List of relative paths referenced during computation
|
|
|
|
|
* @param string[] $priorPaths List of relative paths tracked in the dependency store
|
|
|
|
|
*/
|
|
|
|
|
public function saveModuleDependenciesInternal( $moduleName, $variant, $paths, $priorPaths ) {
|
|
|
|
|
$hasPendingUpdate = (bool)$this->depStoreUpdateBuffer;
|
|
|
|
|
$entity = "$moduleName|$variant";
|
|
|
|
|
|
|
|
|
|
if ( array_diff( $paths, $priorPaths ) || array_diff( $priorPaths, $paths ) ) {
|
|
|
|
|
// Dependency store needs to be updated with the new path list
|
|
|
|
|
if ( $paths ) {
|
|
|
|
|
$deps = $this->depStore->newEntityDependencies( $paths, time() );
|
|
|
|
|
$this->depStoreUpdateBuffer[$entity] = $deps;
|
|
|
|
|
} else {
|
|
|
|
|
$this->depStoreUpdateBuffer[$entity] = null;
|
|
|
|
|
}
|
|
|
|
|
} elseif ( $priorPaths ) {
|
|
|
|
|
// Dependency store needs to store the existing path list for longer
|
|
|
|
|
$this->depStoreUpdateBuffer[$entity] = '*';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Use a DeferrableUpdate to flush the buffered dependency updates...
|
|
|
|
|
if ( !$hasPendingUpdate ) {
|
|
|
|
|
DeferredUpdates::addCallableUpdate( function () {
|
|
|
|
|
$updatesByEntity = $this->depStoreUpdateBuffer;
|
|
|
|
|
$this->depStoreUpdateBuffer = []; // consume
|
|
|
|
|
$cache = ObjectCache::getLocalClusterInstance();
|
|
|
|
|
|
|
|
|
|
$scopeLocks = [];
|
|
|
|
|
$depsByEntity = [];
|
|
|
|
|
$entitiesUnreg = [];
|
|
|
|
|
$entitiesRenew = [];
|
|
|
|
|
foreach ( $updatesByEntity as $entity => $update ) {
|
2020-05-18 22:52:20 +00:00
|
|
|
$lockKey = $cache->makeKey( 'rl-deps', $entity );
|
|
|
|
|
$scopeLocks[$entity] = $cache->getScopedLock( $lockKey, 0 );
|
2019-06-29 04:50:31 +00:00
|
|
|
if ( !$scopeLocks[$entity] ) {
|
2020-05-18 22:52:20 +00:00
|
|
|
// avoid duplicate write request slams (T124649)
|
|
|
|
|
// the lock must be specific to the current wiki (T247028)
|
|
|
|
|
continue;
|
2021-08-17 20:51:43 +00:00
|
|
|
}
|
|
|
|
|
if ( $update === null ) {
|
2019-06-29 04:50:31 +00:00
|
|
|
$entitiesUnreg[] = $entity;
|
|
|
|
|
} elseif ( $update === '*' ) {
|
|
|
|
|
$entitiesRenew[] = $entity;
|
|
|
|
|
} else {
|
|
|
|
|
$depsByEntity[$entity] = $update;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$ttl = self::RL_MODULE_DEP_TTL;
|
|
|
|
|
$this->depStore->storeMulti( self::RL_DEP_STORE_PREFIX, $depsByEntity, $ttl );
|
|
|
|
|
$this->depStore->remove( self::RL_DEP_STORE_PREFIX, $entitiesUnreg );
|
|
|
|
|
$this->depStore->renew( self::RL_DEP_STORE_PREFIX, $entitiesRenew, $ttl );
|
|
|
|
|
} );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2011-07-26 21:10:34 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Get the list of sources.
|
2011-10-14 08:06:54 +00:00
|
|
|
*
|
2016-08-13 01:10:40 +00:00
|
|
|
* @return array Like [ id => load.php url, ... ]
|
2011-07-26 21:10:34 +00:00
|
|
|
*/
|
|
|
|
|
public function getSources() {
|
|
|
|
|
return $this->sources;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-28 02:57:40 +00:00
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Get the URL to the load.php endpoint for the given ResourceLoader source.
|
2014-06-28 02:57:40 +00:00
|
|
|
*
|
|
|
|
|
* @since 1.24
|
2020-02-21 00:26:07 +00:00
|
|
|
* @param string $source Source ID
|
2014-06-28 02:57:40 +00:00
|
|
|
* @return string
|
2020-02-21 00:26:07 +00:00
|
|
|
* @throws UnexpectedValueException If the source ID was not registered
|
2014-06-28 02:57:40 +00:00
|
|
|
*/
|
|
|
|
|
public function getLoadScript( $source ) {
|
|
|
|
|
if ( !isset( $this->sources[$source] ) ) {
|
2020-02-21 00:26:07 +00:00
|
|
|
throw new UnexpectedValueException( "Unknown source '$source'" );
|
2014-06-28 02:57:40 +00:00
|
|
|
}
|
2014-08-25 08:02:48 +00:00
|
|
|
return $this->sources[$source];
|
2014-06-28 02:57:40 +00:00
|
|
|
}
|
|
|
|
|
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
/**
|
2019-07-29 16:15:23 +00:00
|
|
|
* @internal For use by ResourceLoaderStartUpModule only.
|
|
|
|
|
*/
|
2020-05-15 21:36:51 +00:00
|
|
|
public const HASH_LENGTH = 5;
|
2019-07-29 16:15:23 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Create a hash for module versioning purposes.
|
|
|
|
|
*
|
|
|
|
|
* This hash is used in three ways:
|
|
|
|
|
*
|
|
|
|
|
* - To differentiate between the current version and a past version
|
|
|
|
|
* of a module by the same name.
|
|
|
|
|
*
|
|
|
|
|
* In the cache key of localStorage in the browser (mw.loader.store).
|
|
|
|
|
* This store keeps only one version of any given module. As long as the
|
|
|
|
|
* next version the client encounters has a different hash from the last
|
|
|
|
|
* version it saw, it will correctly discard it in favour of a network fetch.
|
|
|
|
|
*
|
|
|
|
|
* A browser may evict a site's storage container for any reason (e.g. when
|
|
|
|
|
* the user hasn't visited a site for some time, and/or when the device is
|
|
|
|
|
* low on storage space). Anecdotally it seems devices rarely keep unused
|
|
|
|
|
* storage beyond 2 weeks on mobile devices and 4 weeks on desktop.
|
|
|
|
|
* But, there is no hard limit or expiration on localStorage.
|
|
|
|
|
* ResourceLoader's Client also clears localStorage when the user changes
|
|
|
|
|
* their language preference or when they (temporarily) use Debug Mode.
|
|
|
|
|
*
|
|
|
|
|
* The only hard factors that reduce the range of possible versions are
|
|
|
|
|
* 1) the name and existence of a given module, and
|
|
|
|
|
* 2) the TTL for mw.loader.store, and
|
|
|
|
|
* 3) the `$wgResourceLoaderStorageVersion` configuration variable.
|
|
|
|
|
*
|
|
|
|
|
* - To identify a batch response of modules from load.php in an HTTP cache.
|
|
|
|
|
*
|
|
|
|
|
* When fetching modules in a batch from load.php, a combined hash
|
|
|
|
|
* is created by the JS code, and appended as query parameter.
|
|
|
|
|
*
|
|
|
|
|
* In cache proxies (e.g. Varnish, Nginx) and in the browser's HTTP cache,
|
|
|
|
|
* these urls are used to identify other previously cached responses.
|
|
|
|
|
* The range of possible versions a given version has to be unique amongst
|
|
|
|
|
* is determined by the maximum duration each response is stored for, which
|
|
|
|
|
* is controlled by `$wgResourceLoaderMaxage['versioned']`.
|
|
|
|
|
*
|
|
|
|
|
* - To detect race conditions between multiple web servers in a MediaWiki
|
|
|
|
|
* deployment of which some have the newer version and some still the older
|
|
|
|
|
* version.
|
|
|
|
|
*
|
|
|
|
|
* An HTTP request from a browser for the Startup manifest may be responded
|
|
|
|
|
* to by a server with the newer version. The browser may then use that to
|
|
|
|
|
* request a given module, which may then be responded to by a server with
|
|
|
|
|
* the older version. To avoid caching this for too long (which would pollute
|
|
|
|
|
* all other users without repairing itself), the combined hash that the JS
|
|
|
|
|
* client adds to the url is verified by the server (in ::sendResponseHeaders).
|
|
|
|
|
* If they don't match, we instruct cache proxies and clients to not cache
|
|
|
|
|
* this response as long as they normally would. This is also the reason
|
|
|
|
|
* that the algorithm used here in PHP must match the one used in JS.
|
|
|
|
|
*
|
|
|
|
|
* The fnv132 digest creates a 32-bit integer, which goes upto 4 Giga and
|
|
|
|
|
* needs up to 7 chars in base 36.
|
|
|
|
|
* Within 7 characters, base 36 can count up to 78,364,164,096 (78 Giga),
|
|
|
|
|
* (but with fnv132 we'd use very little of this range, mostly padding).
|
|
|
|
|
* Within 6 characters, base 36 can count up to 2,176,782,336 (2 Giga).
|
|
|
|
|
* Within 5 characters, base 36 can count up to 60,466,176 (60 Mega).
|
|
|
|
|
*
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
* @since 1.26
|
|
|
|
|
* @param string $value
|
|
|
|
|
* @return string Hash
|
|
|
|
|
*/
|
|
|
|
|
public static function makeHash( $value ) {
|
resourceloader: Replace SHA1 with 32-bit FNV-1 as hash function
SHA-1 is not secure enough to be used as a cryptographic hash function, and its
implementation in JavaScript is too long and too slow for it to be a good
general-purpose hash function. And we currently throw away most of the work:
SHA-1 produces 160-bit hash values, of which we keep 48.
Although the JavaScript implementation is not exported, SHA-1 is a well-known
hash function, and I'm willing to bet that sooner or later someone will move to
make it accessible to other modules, at which point usage will start to spread.
For ResourceLoader, the qualities we're looking for in a hash function are:
* Already implemented in PHP
* Easy to implement in JavaScript
* Fast
* Collision-resistant
The requirement that hashes be cheap to compute in JavaScript narrows the field
to 32-bit hash functions, because in JavaScript bitwise operators treat their
operands as 32 bits, and arithmetic uses double-precision floats, which have a
total precision of 53 bits. It's possible to work around these limitations, but
it's a lot of extra work.
The best match I found is the 32-bit variant of FNV-1, which is available in
PHP as of version 5.4 (as 'fnv1a32'). The fnv132 JavaScript function is
around ten times faster and eight times shorter than sha1.
Change-Id: I1e4fb08d17948538d96f241b2464d594fdc14578
2016-06-22 22:32:58 +00:00
|
|
|
$hash = hash( 'fnv132', $value );
|
2019-07-29 16:15:23 +00:00
|
|
|
// The base_convert will pad it (if too short),
|
|
|
|
|
// then substr() will trim it (if too long).
|
|
|
|
|
return substr(
|
|
|
|
|
Wikimedia\base_convert( $hash, 16, 36, self::HASH_LENGTH ),
|
|
|
|
|
0,
|
|
|
|
|
self::HASH_LENGTH
|
|
|
|
|
);
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
}
|
|
|
|
|
|
2016-12-03 03:57:42 +00:00
|
|
|
/**
|
|
|
|
|
* Add an error to the 'errors' array and log it.
|
|
|
|
|
*
|
2020-02-21 00:26:07 +00:00
|
|
|
* @internal For use by ResourceLoaderStartUpModule.
|
2016-12-03 03:57:42 +00:00
|
|
|
* @since 1.29
|
|
|
|
|
* @param Exception $e
|
|
|
|
|
* @param string $msg
|
|
|
|
|
* @param array $context
|
|
|
|
|
*/
|
resourceloader: Use 'enableModuleContentVersion' for startup module
This significantly simplifies the getVersionHash implementation for
StartupModule, and fixes a couple of bugs.
Previously, the startup module's E-Tag was determined by the
'getDefinitionSummary' method, which combined the E-Tag values
from all registered modules, plus what we thought is all information
used by 'getScript' (config vars, embedded script files, list
of base modules, ...)
However, this were various things part of the manifest that it
forgot about, including:
* Changes to the list of dependencies of a module.
* Changes to the name of module.
* Changes to the cache group of module.
* Adding or removing a foreign module source (mw.loader.addSource).
These are all quite rare, and when they do change, they usually
also involve a change that *was* tracked already. But, sometimes
they don't and that's when bugs happened.
Instead of the tracking array of getDefinitionSummary, we now
use the 'enableModuleContentVersion' option for StartupModule,
which simply calls the actual getScript() method and hashes that.
Of note: When an exception happens with the version computation of
any individual module, we catch it, log it, and continue with the
rest. Previously, the first time such error was discovered at
run-time would be in the getCombinedVersion() call from
StartupModule::getAllModuleHashes(). That public getCombinedVersion()
method of ResourceLoader had the benefit of also outputting details
of that exception in the HTTP response output. In order to keep that
behaviour, I made outputErrorAndLog() public so that StartupModule
can call it directly now. This is covered by
ResourceLoaderTest::testMakeModuleResponseStartupError.
Bug: T201686
Change-Id: I8e8d3a2cd2ccd68d2d78e988bcdd0d77fbcbf1d4
2018-08-30 02:52:39 +00:00
|
|
|
public function outputErrorAndLog( Exception $e, $msg, array $context = [] ) {
|
2016-12-03 03:57:42 +00:00
|
|
|
MWExceptionHandler::logException( $e );
|
|
|
|
|
$this->logger->warning(
|
|
|
|
|
$msg,
|
|
|
|
|
$context + [ 'exception' => $e ]
|
|
|
|
|
);
|
|
|
|
|
$this->errors[] = self::formatExceptionNoComment( $e );
|
|
|
|
|
}
|
|
|
|
|
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
/**
|
|
|
|
|
* Helper method to get and combine versions of multiple modules.
|
|
|
|
|
*
|
|
|
|
|
* @since 1.26
|
|
|
|
|
* @param ResourceLoaderContext $context
|
2017-08-11 16:09:41 +00:00
|
|
|
* @param string[] $moduleNames List of known module names
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
* @return string Hash
|
|
|
|
|
*/
|
2016-09-02 22:44:59 +00:00
|
|
|
public function getCombinedVersion( ResourceLoaderContext $context, array $moduleNames ) {
|
|
|
|
|
if ( !$moduleNames ) {
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
return '';
|
|
|
|
|
}
|
2016-02-10 17:13:38 +00:00
|
|
|
$hashes = array_map( function ( $module ) use ( $context ) {
|
resourceloader: Don't let module exception break startup
When getScript (or some other method used in a module response)
throws an error, only that module fails (by outputting mw.loader.state
instead of mw.loader.implement). Other modules will work.
This has always been the case and is working fine. For example,
"load.php?modules=foo|bar", where 'foo' throws, will return:
```js
/* exception message: .. */
mw.loader.implement('bar', ..)
mw.loader.state('foo', 'error')
```
The problem, however, is that during the generation of the startup
module, we iterate over all other modules. In 2011, the
getVersionHash method (then: getModifiedTime) was fairly simple
and unlikely to throw errors.
Nowadays, some modules use enableModuleContentVersion which will
involve the same code path as for regular module responses.
The try/catch in ResourceLoader::makeModuleResponse() suffices
for the case of loading modules other than startup. But when
loading the startup module, and an exception happens in getVersionHash,
then the entire startup response is replaced with an exception comment.
Example case:
* A file not existing for a FileModule subclass that uses
enableModuleContentVersion.
* A database error from a data module, like CiteDataModule or
CNChoiceData.
Changes:
* Ensure E-Tag is still useful while an error happens in production
because we respond with 200 OK and one error isn't the same as
another.
Fixed by try/catch in getCombinedVersion.
* Ensure start manifest isn't disrupted by one broken module.
Fixed by try/catch in StartupModule::getModuleRegistrations().
Tests:
* testMakeModuleResponseError: The case that already worked fined.
* testMakeModuleResponseStartupError: The case fixed in this commit.
* testGetCombinedVersion: The case fixed in this commit for E-Tag.
Bug: T152266
Change-Id: Ice4ede5ea594bf3fa591134bc9382bd9c24e2f39
2016-12-03 00:48:14 +00:00
|
|
|
try {
|
|
|
|
|
return $this->getModule( $module )->getVersionHash( $context );
|
|
|
|
|
} catch ( Exception $e ) {
|
resourceloader: Use 'enableModuleContentVersion' for startup module
This significantly simplifies the getVersionHash implementation for
StartupModule, and fixes a couple of bugs.
Previously, the startup module's E-Tag was determined by the
'getDefinitionSummary' method, which combined the E-Tag values
from all registered modules, plus what we thought is all information
used by 'getScript' (config vars, embedded script files, list
of base modules, ...)
However, this were various things part of the manifest that it
forgot about, including:
* Changes to the list of dependencies of a module.
* Changes to the name of module.
* Changes to the cache group of module.
* Adding or removing a foreign module source (mw.loader.addSource).
These are all quite rare, and when they do change, they usually
also involve a change that *was* tracked already. But, sometimes
they don't and that's when bugs happened.
Instead of the tracking array of getDefinitionSummary, we now
use the 'enableModuleContentVersion' option for StartupModule,
which simply calls the actual getScript() method and hashes that.
Of note: When an exception happens with the version computation of
any individual module, we catch it, log it, and continue with the
rest. Previously, the first time such error was discovered at
run-time would be in the getCombinedVersion() call from
StartupModule::getAllModuleHashes(). That public getCombinedVersion()
method of ResourceLoader had the benefit of also outputting details
of that exception in the HTTP response output. In order to keep that
behaviour, I made outputErrorAndLog() public so that StartupModule
can call it directly now. This is covered by
ResourceLoaderTest::testMakeModuleResponseStartupError.
Bug: T201686
Change-Id: I8e8d3a2cd2ccd68d2d78e988bcdd0d77fbcbf1d4
2018-08-30 02:52:39 +00:00
|
|
|
// If modules fail to compute a version, don't fail the request (T152266)
|
|
|
|
|
// and still compute versions of other modules.
|
2016-12-03 03:57:42 +00:00
|
|
|
$this->outputErrorAndLog( $e,
|
resourceloader: Don't let module exception break startup
When getScript (or some other method used in a module response)
throws an error, only that module fails (by outputting mw.loader.state
instead of mw.loader.implement). Other modules will work.
This has always been the case and is working fine. For example,
"load.php?modules=foo|bar", where 'foo' throws, will return:
```js
/* exception message: .. */
mw.loader.implement('bar', ..)
mw.loader.state('foo', 'error')
```
The problem, however, is that during the generation of the startup
module, we iterate over all other modules. In 2011, the
getVersionHash method (then: getModifiedTime) was fairly simple
and unlikely to throw errors.
Nowadays, some modules use enableModuleContentVersion which will
involve the same code path as for regular module responses.
The try/catch in ResourceLoader::makeModuleResponse() suffices
for the case of loading modules other than startup. But when
loading the startup module, and an exception happens in getVersionHash,
then the entire startup response is replaced with an exception comment.
Example case:
* A file not existing for a FileModule subclass that uses
enableModuleContentVersion.
* A database error from a data module, like CiteDataModule or
CNChoiceData.
Changes:
* Ensure E-Tag is still useful while an error happens in production
because we respond with 200 OK and one error isn't the same as
another.
Fixed by try/catch in getCombinedVersion.
* Ensure start manifest isn't disrupted by one broken module.
Fixed by try/catch in StartupModule::getModuleRegistrations().
Tests:
* testMakeModuleResponseError: The case that already worked fined.
* testMakeModuleResponseStartupError: The case fixed in this commit.
* testGetCombinedVersion: The case fixed in this commit for E-Tag.
Bug: T152266
Change-Id: Ice4ede5ea594bf3fa591134bc9382bd9c24e2f39
2016-12-03 00:48:14 +00:00
|
|
|
'Calculating version for "{module}" failed: {exception}',
|
|
|
|
|
[
|
|
|
|
|
'module' => $module,
|
|
|
|
|
]
|
|
|
|
|
);
|
|
|
|
|
return '';
|
|
|
|
|
}
|
2016-09-02 22:44:59 +00:00
|
|
|
}, $moduleNames );
|
|
|
|
|
return self::makeHash( implode( '', $hashes ) );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get the expected value of the 'version' query parameter.
|
|
|
|
|
*
|
|
|
|
|
* This is used by respond() to set a short Cache-Control header for requests with
|
|
|
|
|
* information newer than the current server has. This avoids pollution of edge caches.
|
|
|
|
|
* Typically during deployment. (T117587)
|
|
|
|
|
*
|
|
|
|
|
* This MUST match return value of `mw.loader#getCombinedVersion()` client-side.
|
|
|
|
|
*
|
|
|
|
|
* @since 1.28
|
|
|
|
|
* @param ResourceLoaderContext $context
|
2019-09-26 17:34:17 +00:00
|
|
|
* @param string[]|null $modules
|
2016-09-02 22:44:59 +00:00
|
|
|
* @return string Hash
|
|
|
|
|
*/
|
2019-09-26 17:34:17 +00:00
|
|
|
public function makeVersionQuery( ResourceLoaderContext $context, array $modules = null ) {
|
|
|
|
|
if ( $modules === null ) {
|
|
|
|
|
wfDeprecated( __METHOD__ . ' without $modules', '1.34' );
|
|
|
|
|
$modules = $context->getModules();
|
|
|
|
|
}
|
2016-09-02 22:44:59 +00:00
|
|
|
// As of MediaWiki 1.28, the server and client use the same algorithm for combining
|
|
|
|
|
// version hashes. There is no technical reason for this to be same, and for years the
|
|
|
|
|
// implementations differed. If getCombinedVersion in PHP (used for StartupModule and
|
|
|
|
|
// E-Tag headers) differs in the future from getCombinedVersion in JS (used for 'version'
|
|
|
|
|
// query parameter), then this method must continue to match the JS one.
|
2019-09-26 17:34:17 +00:00
|
|
|
$filtered = [];
|
|
|
|
|
foreach ( $modules as $name ) {
|
2016-09-02 22:44:59 +00:00
|
|
|
if ( !$this->getModule( $name ) ) {
|
|
|
|
|
// If a versioned request contains a missing module, the version is a mismatch
|
|
|
|
|
// as the client considered a module (and version) we don't have.
|
|
|
|
|
return '';
|
|
|
|
|
}
|
2019-09-26 17:34:17 +00:00
|
|
|
$filtered[] = $name;
|
2016-09-02 22:44:59 +00:00
|
|
|
}
|
2019-09-26 17:34:17 +00:00
|
|
|
return $this->getCombinedVersion( $context, $filtered );
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
}
|
|
|
|
|
|
2010-09-05 13:31:34 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Output a response to a load request, including the content-type header.
|
2010-09-04 04:00:09 +00:00
|
|
|
*
|
2014-03-07 16:50:57 +00:00
|
|
|
* @param ResourceLoaderContext $context Context in which a response should be formed
|
2010-09-04 04:00:09 +00:00
|
|
|
*/
|
2010-09-29 19:04:04 +00:00
|
|
|
public function respond( ResourceLoaderContext $context ) {
|
2010-12-10 17:06:00 +00:00
|
|
|
// Buffer output to catch warnings. Normally we'd use ob_clean() on the
|
|
|
|
|
// top-level output buffer to clear warnings, but that breaks when ob_gzhandler
|
|
|
|
|
// is used: ob_clean() will clear the GZIP header in that case and it won't come
|
|
|
|
|
// back for subsequent output, resulting in invalid GZIP. So we have to wrap
|
|
|
|
|
// the whole thing in our own output buffer to be sure the active buffer
|
|
|
|
|
// doesn't use ob_gzhandler.
|
2016-10-13 05:34:26 +00:00
|
|
|
// See https://bugs.php.net/bug.php?id=36514
|
2010-12-10 17:06:00 +00:00
|
|
|
ob_start();
|
2010-09-13 23:19:05 +00:00
|
|
|
|
2017-10-17 01:48:54 +00:00
|
|
|
$this->measureResponseTime( RequestContext::getMain()->getTiming() );
|
|
|
|
|
|
2013-10-17 10:33:26 +00:00
|
|
|
// Find out which modules are missing and instantiate the others
|
2016-02-17 09:09:32 +00:00
|
|
|
$modules = [];
|
|
|
|
|
$missing = [];
|
2010-09-04 04:00:09 +00:00
|
|
|
foreach ( $context->getModules() as $name ) {
|
2014-04-03 23:09:09 +00:00
|
|
|
$module = $this->getModule( $name );
|
|
|
|
|
if ( $module ) {
|
2012-03-22 19:52:37 +00:00
|
|
|
// Do not allow private modules to be loaded from the web.
|
2017-02-20 22:44:19 +00:00
|
|
|
// This is a security issue, see T36907.
|
2012-03-22 19:52:37 +00:00
|
|
|
if ( $module->getGroup() === 'private' ) {
|
2019-08-24 18:45:27 +00:00
|
|
|
// Not a serious error, just means something is trying to access it (T101806)
|
2015-06-04 03:53:23 +00:00
|
|
|
$this->logger->debug( "Request for private module '$name' denied" );
|
2019-08-24 18:45:27 +00:00
|
|
|
$this->errors[] = "Cannot build private module \"$name\"";
|
2012-03-22 19:52:37 +00:00
|
|
|
continue;
|
|
|
|
|
}
|
2013-03-06 00:24:57 +00:00
|
|
|
$modules[$name] = $module;
|
2010-09-04 04:00:09 +00:00
|
|
|
} else {
|
|
|
|
|
$missing[] = $name;
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2010-12-23 20:14:18 +00:00
|
|
|
try {
|
2015-11-13 00:04:12 +00:00
|
|
|
// Preload for getCombinedVersion() and for batch makeModuleResponse()
|
2010-12-23 20:14:18 +00:00
|
|
|
$this->preloadModuleInfo( array_keys( $modules ), $context );
|
2013-04-27 12:02:08 +00:00
|
|
|
} catch ( Exception $e ) {
|
2016-12-03 03:57:42 +00:00
|
|
|
$this->outputErrorAndLog( $e, 'Preloading module info failed: {exception}' );
|
2010-12-23 20:14:18 +00:00
|
|
|
}
|
2010-09-23 21:23:51 +00:00
|
|
|
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
// Combine versions to propagate cache invalidation
|
|
|
|
|
$versionHash = '';
|
|
|
|
|
try {
|
|
|
|
|
$versionHash = $this->getCombinedVersion( $context, array_keys( $modules ) );
|
|
|
|
|
} catch ( Exception $e ) {
|
2016-12-03 03:57:42 +00:00
|
|
|
$this->outputErrorAndLog( $e, 'Calculating version hash failed: {exception}' );
|
2010-09-04 08:38:45 +00:00
|
|
|
}
|
2010-10-20 00:22:25 +00:00
|
|
|
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
// See RFC 2616 § 3.11 Entity Tags
|
2016-10-13 05:34:26 +00:00
|
|
|
// https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.11
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
$etag = 'W/"' . $versionHash . '"';
|
|
|
|
|
|
|
|
|
|
// Try the client-side cache first
|
|
|
|
|
if ( $this->tryRespondNotModified( $context, $etag ) ) {
|
2011-10-01 04:15:07 +00:00
|
|
|
return; // output handled (buffers cleared)
|
|
|
|
|
}
|
|
|
|
|
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
// Use file cache if enabled and available...
|
|
|
|
|
if ( $this->config->get( 'UseFileCache' ) ) {
|
|
|
|
|
$fileCache = ResourceFileCache::newFromContext( $context );
|
|
|
|
|
if ( $this->tryRespondFromFileCache( $fileCache, $context, $etag ) ) {
|
|
|
|
|
return; // output handled
|
|
|
|
|
}
|
2019-07-25 22:57:08 +00:00
|
|
|
} else {
|
|
|
|
|
$fileCache = null;
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
}
|
|
|
|
|
|
2011-10-01 04:15:07 +00:00
|
|
|
// Generate a response
|
|
|
|
|
$response = $this->makeModuleResponse( $context, $modules, $missing );
|
|
|
|
|
|
|
|
|
|
// Capture any PHP warnings from the output buffer and append them to the
|
2014-11-11 19:50:44 +00:00
|
|
|
// error list if we're in debug mode.
|
2015-11-01 19:56:20 +00:00
|
|
|
if ( $context->getDebug() ) {
|
|
|
|
|
$warnings = ob_get_contents();
|
|
|
|
|
if ( strlen( $warnings ) ) {
|
|
|
|
|
$this->errors[] = $warnings;
|
|
|
|
|
}
|
2014-11-11 19:50:44 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-25 22:57:08 +00:00
|
|
|
// Consider saving the response to file cache (unless there are errors).
|
|
|
|
|
if ( $fileCache &&
|
|
|
|
|
!$this->errors &&
|
|
|
|
|
$missing === [] &&
|
|
|
|
|
ResourceFileCache::useFileCache( $context )
|
|
|
|
|
) {
|
|
|
|
|
if ( $fileCache->isCacheWorthy() ) {
|
|
|
|
|
// There were enough hits, save the response to the cache
|
|
|
|
|
$fileCache->saveText( $response );
|
|
|
|
|
} else {
|
|
|
|
|
$fileCache->incrMissesRecent( $context->getRequest() );
|
2011-10-02 17:53:33 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
resourceloader: Add support for modules sending preload headers
ResourceLoaderModule objects gain a new method getPreloadLinks() which
returns an array with the meta data required to build a Link rel=preload
header according to the current draft for W3C Preload.
<https://w3c.github.io/preload/>
Another implementation of this is already in use in OutputPage for
preloading the logo image.
This array is formatted by the ResourceLoaderModule::getHeaders method,
which is implemented as "final" at this time, thus restricting use to
the Link rel=preload header.
Headers are exposed and process-cached, like all other content
(scripts, styles, etc.), through ResourceLoaderModule::getModuleContent,
and aggregated by ResoureLoader::makeModuleResponse.
I had hoped for the getPreloadLinks to be stateless (not vary on $context).
Whether something should be preloaded and what, should not vary on the
skin or language. However, while that conceptually holds true, the exact
url for any given resource may still vary. Even the main use case for this
feature (T164299, preloading base modules request) require $context to pass
down skin and lang to the load.php url.
Add full test coverage and example documentation.
Bug: T164299
Change-Id: I2bfe0796ceaa0c82579c501f5b10e931f2175681
2017-07-18 02:36:01 +00:00
|
|
|
$this->sendResponseHeaders( $context, $etag, (bool)$this->errors, $this->extraHeaders );
|
2013-01-15 23:32:10 +00:00
|
|
|
|
2012-04-16 19:17:02 +00:00
|
|
|
// Remove the output buffer and output the response
|
|
|
|
|
ob_end_clean();
|
2014-11-11 20:00:17 +00:00
|
|
|
|
|
|
|
|
if ( $context->getImageObj() && $this->errors ) {
|
|
|
|
|
// We can't show both the error messages and the response when it's an image.
|
2015-09-26 20:32:31 +00:00
|
|
|
$response = implode( "\n\n", $this->errors );
|
2014-11-11 20:00:17 +00:00
|
|
|
} elseif ( $this->errors ) {
|
2015-09-15 03:17:47 +00:00
|
|
|
$errorText = implode( "\n\n", $this->errors );
|
|
|
|
|
$errorResponse = self::makeComment( $errorText );
|
|
|
|
|
if ( $context->shouldIncludeScripts() ) {
|
2019-09-10 06:07:57 +00:00
|
|
|
$errorResponse .= 'if (window.console && console.error) { console.error('
|
2019-09-09 15:50:13 +00:00
|
|
|
. $context->encodeJson( $errorText )
|
2019-09-10 06:07:57 +00:00
|
|
|
. "); }\n";
|
2014-11-11 20:00:17 +00:00
|
|
|
}
|
2015-09-15 03:17:47 +00:00
|
|
|
|
|
|
|
|
// Prepend error info to the response
|
|
|
|
|
$response = $errorResponse . $response;
|
2014-11-11 20:00:17 +00:00
|
|
|
}
|
|
|
|
|
|
2016-02-17 09:09:32 +00:00
|
|
|
$this->errors = [];
|
2012-04-16 19:17:02 +00:00
|
|
|
echo $response;
|
2011-10-01 04:15:07 +00:00
|
|
|
}
|
|
|
|
|
|
2017-10-17 01:48:54 +00:00
|
|
|
protected function measureResponseTime( Timing $timing ) {
|
2021-02-10 22:31:02 +00:00
|
|
|
DeferredUpdates::addCallableUpdate( static function () use ( $timing ) {
|
2017-10-17 01:48:54 +00:00
|
|
|
$measure = $timing->measure( 'responseTime', 'requestStart', 'requestShutdown' );
|
|
|
|
|
if ( $measure !== false ) {
|
|
|
|
|
$stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
|
|
|
|
|
$stats->timing( 'resourceloader.responseTime', $measure['duration'] * 1000 );
|
|
|
|
|
}
|
|
|
|
|
} );
|
|
|
|
|
}
|
|
|
|
|
|
2011-10-01 04:15:07 +00:00
|
|
|
/**
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
* Send main response headers to the client.
|
|
|
|
|
*
|
|
|
|
|
* Deals with Content-Type, CORS (for stylesheets), and caching.
|
|
|
|
|
*
|
2014-03-07 16:50:57 +00:00
|
|
|
* @param ResourceLoaderContext $context
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
* @param string $etag ETag header value
|
2014-11-11 20:00:17 +00:00
|
|
|
* @param bool $errors Whether there are errors in the response
|
resourceloader: Add support for modules sending preload headers
ResourceLoaderModule objects gain a new method getPreloadLinks() which
returns an array with the meta data required to build a Link rel=preload
header according to the current draft for W3C Preload.
<https://w3c.github.io/preload/>
Another implementation of this is already in use in OutputPage for
preloading the logo image.
This array is formatted by the ResourceLoaderModule::getHeaders method,
which is implemented as "final" at this time, thus restricting use to
the Link rel=preload header.
Headers are exposed and process-cached, like all other content
(scripts, styles, etc.), through ResourceLoaderModule::getModuleContent,
and aggregated by ResoureLoader::makeModuleResponse.
I had hoped for the getPreloadLinks to be stateless (not vary on $context).
Whether something should be preloaded and what, should not vary on the
skin or language. However, while that conceptually holds true, the exact
url for any given resource may still vary. Even the main use case for this
feature (T164299, preloading base modules request) require $context to pass
down skin and lang to the load.php url.
Add full test coverage and example documentation.
Bug: T164299
Change-Id: I2bfe0796ceaa0c82579c501f5b10e931f2175681
2017-07-18 02:36:01 +00:00
|
|
|
* @param string[] $extra Array of extra HTTP response headers
|
2011-10-01 04:15:07 +00:00
|
|
|
*/
|
resourceloader: Add support for modules sending preload headers
ResourceLoaderModule objects gain a new method getPreloadLinks() which
returns an array with the meta data required to build a Link rel=preload
header according to the current draft for W3C Preload.
<https://w3c.github.io/preload/>
Another implementation of this is already in use in OutputPage for
preloading the logo image.
This array is formatted by the ResourceLoaderModule::getHeaders method,
which is implemented as "final" at this time, thus restricting use to
the Link rel=preload header.
Headers are exposed and process-cached, like all other content
(scripts, styles, etc.), through ResourceLoaderModule::getModuleContent,
and aggregated by ResoureLoader::makeModuleResponse.
I had hoped for the getPreloadLinks to be stateless (not vary on $context).
Whether something should be preloaded and what, should not vary on the
skin or language. However, while that conceptually holds true, the exact
url for any given resource may still vary. Even the main use case for this
feature (T164299, preloading base modules request) require $context to pass
down skin and lang to the load.php url.
Add full test coverage and example documentation.
Bug: T164299
Change-Id: I2bfe0796ceaa0c82579c501f5b10e931f2175681
2017-07-18 02:36:01 +00:00
|
|
|
protected function sendResponseHeaders(
|
|
|
|
|
ResourceLoaderContext $context, $etag, $errors, array $extra = []
|
2021-07-22 03:11:47 +00:00
|
|
|
): void {
|
2019-06-29 04:50:31 +00:00
|
|
|
HeaderCallback::warnIfHeadersSent();
|
2014-08-07 10:25:56 +00:00
|
|
|
$rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
|
2016-09-02 22:44:59 +00:00
|
|
|
// Use a short cache expiry so that updates propagate to clients quickly, if:
|
|
|
|
|
// - No version specified (shared resources, e.g. stylesheets)
|
|
|
|
|
// - There were errors (recover quickly)
|
|
|
|
|
// - Version mismatch (T117587, T47877)
|
2020-01-09 23:48:34 +00:00
|
|
|
if ( $context->getVersion() === null
|
2016-09-02 22:44:59 +00:00
|
|
|
|| $errors
|
2019-09-26 17:34:17 +00:00
|
|
|
|| $context->getVersion() !== $this->makeVersionQuery( $context, $context->getModules() )
|
2016-09-02 22:44:59 +00:00
|
|
|
) {
|
2019-10-13 01:16:55 +00:00
|
|
|
$maxage = $rlMaxage['unversioned'];
|
2011-10-01 04:15:07 +00:00
|
|
|
// If a version was specified we can use a longer expiry time since changing
|
|
|
|
|
// version numbers causes cache misses
|
|
|
|
|
} else {
|
2019-10-13 01:16:55 +00:00
|
|
|
$maxage = $rlMaxage['versioned'];
|
2011-10-01 04:15:07 +00:00
|
|
|
}
|
2014-11-11 19:50:44 +00:00
|
|
|
if ( $context->getImageObj() ) {
|
2014-11-11 20:00:17 +00:00
|
|
|
// Output different headers if we're outputting textual errors.
|
2014-11-11 19:50:44 +00:00
|
|
|
if ( $errors ) {
|
|
|
|
|
header( 'Content-Type: text/plain; charset=utf-8' );
|
|
|
|
|
} else {
|
|
|
|
|
$context->getImageObj()->sendResponseHeaders( $context );
|
|
|
|
|
}
|
|
|
|
|
} elseif ( $context->getOnly() === 'styles' ) {
|
2011-04-01 20:48:50 +00:00
|
|
|
header( 'Content-Type: text/css; charset=utf-8' );
|
2013-04-21 14:38:23 +00:00
|
|
|
header( 'Access-Control-Allow-Origin: *' );
|
2010-11-03 07:58:03 +00:00
|
|
|
} else {
|
2011-04-01 20:48:50 +00:00
|
|
|
header( 'Content-Type: text/javascript; charset=utf-8' );
|
2010-11-03 07:58:03 +00:00
|
|
|
}
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
// See RFC 2616 § 14.19 ETag
|
2016-10-13 05:34:26 +00:00
|
|
|
// https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.19
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
header( 'ETag: ' . $etag );
|
2010-11-01 20:48:30 +00:00
|
|
|
if ( $context->getDebug() ) {
|
2011-01-19 19:31:14 +00:00
|
|
|
// Do not cache debug responses
|
|
|
|
|
header( 'Cache-Control: private, no-cache, must-revalidate' );
|
|
|
|
|
header( 'Pragma: no-cache' );
|
2010-11-01 20:48:30 +00:00
|
|
|
} else {
|
2019-10-13 01:16:55 +00:00
|
|
|
header( "Cache-Control: public, max-age=$maxage, s-maxage=$maxage" );
|
2019-12-01 01:58:30 +00:00
|
|
|
header( 'Expires: ' . ConvertibleTimestamp::convert( TS_RFC2822, time() + $maxage ) );
|
2010-11-01 20:48:30 +00:00
|
|
|
}
|
resourceloader: Add support for modules sending preload headers
ResourceLoaderModule objects gain a new method getPreloadLinks() which
returns an array with the meta data required to build a Link rel=preload
header according to the current draft for W3C Preload.
<https://w3c.github.io/preload/>
Another implementation of this is already in use in OutputPage for
preloading the logo image.
This array is formatted by the ResourceLoaderModule::getHeaders method,
which is implemented as "final" at this time, thus restricting use to
the Link rel=preload header.
Headers are exposed and process-cached, like all other content
(scripts, styles, etc.), through ResourceLoaderModule::getModuleContent,
and aggregated by ResoureLoader::makeModuleResponse.
I had hoped for the getPreloadLinks to be stateless (not vary on $context).
Whether something should be preloaded and what, should not vary on the
skin or language. However, while that conceptually holds true, the exact
url for any given resource may still vary. Even the main use case for this
feature (T164299, preloading base modules request) require $context to pass
down skin and lang to the load.php url.
Add full test coverage and example documentation.
Bug: T164299
Change-Id: I2bfe0796ceaa0c82579c501f5b10e931f2175681
2017-07-18 02:36:01 +00:00
|
|
|
foreach ( $extra as $header ) {
|
|
|
|
|
header( $header );
|
|
|
|
|
}
|
2011-10-01 04:15:07 +00:00
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2011-10-01 04:15:07 +00:00
|
|
|
/**
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
* Respond with HTTP 304 Not Modified if appropiate.
|
2014-03-07 16:50:57 +00:00
|
|
|
*
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
* If there's an If-None-Match header, respond with a 304 appropriately
|
2011-10-01 04:15:07 +00:00
|
|
|
* and clear out the output buffer. If the client cache is too old then do nothing.
|
2014-03-07 16:50:57 +00:00
|
|
|
*
|
2014-04-20 21:33:05 +00:00
|
|
|
* @param ResourceLoaderContext $context
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
* @param string $etag ETag header value
|
|
|
|
|
* @return bool True if HTTP 304 was sent and output handled
|
2011-10-01 04:15:07 +00:00
|
|
|
*/
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
protected function tryRespondNotModified( ResourceLoaderContext $context, $etag ) {
|
|
|
|
|
// See RFC 2616 § 14.26 If-None-Match
|
2016-10-13 05:34:26 +00:00
|
|
|
// https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.26
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
$clientKeys = $context->getRequest()->getHeader( 'If-None-Match', WebRequest::GETHEADER_LIST );
|
2011-02-12 23:41:28 +00:00
|
|
|
// Never send 304s in debug mode
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
if ( $clientKeys !== false && !$context->getDebug() && in_array( $etag, $clientKeys ) ) {
|
|
|
|
|
// There's another bug in ob_gzhandler (see also the comment at
|
|
|
|
|
// the top of this function) that causes it to gzip even empty
|
|
|
|
|
// responses, meaning it's impossible to produce a truly empty
|
|
|
|
|
// response (because the gzip header is always there). This is
|
|
|
|
|
// a problem because 304 responses have to be completely empty
|
|
|
|
|
// per the HTTP spec, and Firefox behaves buggily when they're not.
|
2016-10-13 05:34:26 +00:00
|
|
|
// See also https://bugs.php.net/bug.php?id=51579
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
// To work around this, we tear down all output buffering before
|
|
|
|
|
// sending the 304.
|
|
|
|
|
wfResetOutputBuffers( /* $resetGzipEncoding = */ true );
|
|
|
|
|
|
2015-06-01 14:31:52 +00:00
|
|
|
HttpStatus::header( 304 );
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
|
|
|
|
|
$this->sendResponseHeaders( $context, $etag, false );
|
|
|
|
|
return true;
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2011-10-01 04:15:07 +00:00
|
|
|
return false;
|
2010-09-24 22:10:25 +00:00
|
|
|
}
|
|
|
|
|
|
2011-10-02 17:53:33 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Send out code for a response from file cache if possible.
|
2011-10-02 17:53:33 +00:00
|
|
|
*
|
2014-03-07 16:50:57 +00:00
|
|
|
* @param ResourceFileCache $fileCache Cache object for this request URL
|
|
|
|
|
* @param ResourceLoaderContext $context Context in which to generate a response
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
* @param string $etag ETag header value
|
2011-10-02 17:53:33 +00:00
|
|
|
* @return bool If this found a cache file and handled the response
|
|
|
|
|
*/
|
|
|
|
|
protected function tryRespondFromFileCache(
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
ResourceFileCache $fileCache,
|
|
|
|
|
ResourceLoaderContext $context,
|
|
|
|
|
$etag
|
2011-10-02 17:53:33 +00:00
|
|
|
) {
|
2014-08-07 10:25:56 +00:00
|
|
|
$rlMaxage = $this->config->get( 'ResourceLoaderMaxage' );
|
2011-10-02 17:53:33 +00:00
|
|
|
// Buffer output to catch warnings.
|
|
|
|
|
ob_start();
|
|
|
|
|
// Get the maximum age the cache can be
|
2020-01-09 23:48:34 +00:00
|
|
|
$maxage = $context->getVersion() === null
|
2019-10-13 01:16:55 +00:00
|
|
|
? $rlMaxage['unversioned']
|
|
|
|
|
: $rlMaxage['versioned'];
|
2011-10-02 17:53:33 +00:00
|
|
|
// Minimum timestamp the cache file must have
|
2019-12-01 01:58:30 +00:00
|
|
|
$minTime = time() - $maxage;
|
|
|
|
|
$good = $fileCache->isCacheGood( ConvertibleTimestamp::convert( TS_MW, $minTime ) );
|
2011-10-02 17:53:33 +00:00
|
|
|
if ( !$good ) {
|
|
|
|
|
try { // RL always hits the DB on file cache miss...
|
2016-09-05 19:55:19 +00:00
|
|
|
wfGetDB( DB_REPLICA );
|
2013-04-27 12:02:08 +00:00
|
|
|
} catch ( DBConnectionError $e ) { // ...check if we need to fallback to cache
|
2011-10-02 17:53:33 +00:00
|
|
|
$good = $fileCache->isCacheGood(); // cache existence check
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ( $good ) {
|
|
|
|
|
$ts = $fileCache->cacheTimestamp();
|
2015-05-12 01:18:31 +00:00
|
|
|
// Send content type and cache headers
|
resourceloader: Replace timestamp system with version hashing
Modules now track their version via getVersionHash() instead of getModifiedTime().
== Background ==
While some resources have observeable timestamps (e.g. files stored on disk),
many other resources do not. E.g. config variables, and module definitions.
For static file modules, one can e.g. revert one of more files in a module to a
previous version and not affect the max timestamp.
Wiki modules include pages only if they exist. The user module supports common.js
and skin.js. By default neither exists. If a user has both, and then the
less-recently modified one is deleted, the max-timestamp remains unchanged.
For client-side caching, batch requests use "Math.max" on the relevant timestamps.
Again, if a module changes but another module is more recent (e.g. out-of-order
deployment, or out-of-order discovery), the change would not result in a cache miss.
More scenarios can be found in the associated Phabricator tasks.
== Version hash ==
Previously we virtually mapped these variables to a timestamp by storing the current
time alongside a hash of the value in ObjectCache. Considering the number of
possible request contexts (wikis * modules * users * skins * languages) this doesn't
work well. It results in needless cache invalidation when the first time observation
is purged due to LRU algorithms. It also has other minor bugs leading to fewer
cache hits.
All modules automatically get the benefits of version hashing with this change.
The old getDefinitionMtime() and getHashMtime() have been replaced with dummies
that return 1. These functions are often called from getModifiedTime() in subclasses.
For backward-compatibility, their respective values (definition summary and hash)
are now included in getVersionHash directly.
As examples, the following modules have been updated to use getVersionHash directly.
Other modules still work fine and can be updated later.
* ResourceLoaderFileModule
* ResourceLoaderEditToolbarModule
* ResourceLoaderStartUpModule
* ResourceLoaderWikiModule
The presence of hashes in place of timestamps increases the startup module size on
a default MediaWiki install from 4.4k to 5.8k (after gzip and minification).
== ETag ==
Since timestamps are no longer tracked, we need a different way to implement caching
for cache proxies (e.g. Varnish) and web browsers. Previously we used the
Last-Modified header (in combination with Cache-Control and Expires).
Instead of Last-Modified (and If-Modified-Since), we use ETag (and If-None-Match).
Entity tags (new in HTTP/1.1) are much stricter than Last-Modified by default.
They instruct browsers to allow usage of partial Range requests. Since our responses
are dynamically generated, we need to use the Weak version of ETag.
While this sounds bad, it's no different than Last-Modified. As reassured by
RFC 2616 <http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3.3> the
specified behaviour behind Last-Modified follows the same "Weak" caching logic as
Entity tags. It's just that entity tags are capable of a stricter mode (whereas
Last-Modified is inherently weak).
== File cache ==
If $wgUseFileCache is enabled, ResourceLoader uses ResourceFileCache to cache
load.php responses. While the blind TTL handling (during the allowed expiry period)
is still maxage/timestamp based, tryRespondNotModified() now requires the caller to
know the expected ETag.
For this to work, the FileCache handling had to be moved from the top of
ResoureLoader::respond() to after the expected ETag is computed.
This also allows us to remove the duplicate tryRespondNotModified() handling since
that's is already handled by ResourceLoader::respond() meanwhile.
== Misc ==
* Remove redundant modifiedTime cache in ResourceLoaderFileModule.
* Change bugzilla references to Phabricator.
* Centralised inclusion of wgCacheEpoch using getDefinitionSummary. Previously this
logic was duplicated in each place the modified timestamp was used.
* It's easy to forget calling the parent class in getDefinitionSummary().
Previously this method only tracked 'class' by default. As such, various
extensions hardcoded that one value instead of calling the parent and extending
the array. To better prevent this in the future, getVersionHash() now asserts
that the '_cacheEpoch' property made it through.
* tests: Don't use getDefinitionSummary() as an API.
Fix ResourceLoaderWikiModuleTest to call getPages properly.
* In tests, the default timestamp used to be 1388534400000 (which is the unix time
of 20140101000000; the unit tests' CacheEpoch). The new version hash of these
modules is "XyCC+PSK", which is the base64 encoded prefix of the SHA1 digest of:
'{"_class":"ResourceLoaderTestModule","_cacheEpoch":"20140101000000"}'
* Add sha1.js library for client-side hash generation.
Compared various different implementations for code size (after minfication/gzip),
and speed (when used for short hexidecimal strings).
https://jsperf.com/sha1-implementations
- CryptoJS <https://code.google.com/p/crypto-js/#SHA-1> (min+gzip: 2.5k)
http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha1.js
Chrome: 45k, Firefox: 89k, Safari: 92k
- jsSHA <https://github.com/Caligatio/jsSHA>
https://github.com/Caligatio/jsSHA/blob/3c1d4f2e/src/sha1.js (min+gzip: 1.8k)
Chrome: 65k, Firefox: 53k, Safari: 69k
- phpjs-sha1 <https://github.com/kvz/phpjs> (RL min+gzip: 0.8k)
https://github.com/kvz/phpjs/blob/1eaab15d/functions/strings/sha1.js
Chrome: 200k, Firefox: 280k, Safari: 78k
Modern browsers implement the HTML5 Crypto API. However, this API is asynchronous,
only enabled when on HTTPS in Chromium, and is quite low-level. It requires boilerplate
code to actually use with TextEncoder, ArrayBuffer and Uint32Array. Due this being
needed in the module loader, we'd have to load the fallback regardless. Considering
this is not used in a critical path for performance, it's not worth shipping two
implementations for this optimisation.
May also resolve:
* T44094
* T90411
* T94810
Bug: T94074
Change-Id: Ibb292d2416839327d1807a66c78fd96dac0637d0
2015-04-29 22:53:24 +00:00
|
|
|
$this->sendResponseHeaders( $context, $etag, false );
|
2015-05-12 01:18:31 +00:00
|
|
|
$response = $fileCache->fetchText();
|
2011-12-17 05:02:15 +00:00
|
|
|
// Capture any PHP warnings from the output buffer and append them to the
|
|
|
|
|
// response in a comment if we're in debug mode.
|
2015-11-01 19:56:20 +00:00
|
|
|
if ( $context->getDebug() ) {
|
|
|
|
|
$warnings = ob_get_contents();
|
|
|
|
|
if ( strlen( $warnings ) ) {
|
|
|
|
|
$response = self::makeComment( $warnings ) . $response;
|
|
|
|
|
}
|
2011-12-17 05:02:15 +00:00
|
|
|
}
|
2011-10-02 17:53:33 +00:00
|
|
|
// Remove the output buffer and output the response
|
|
|
|
|
ob_end_clean();
|
|
|
|
|
echo $response . "\n/* Cached {$ts} */";
|
|
|
|
|
return true; // cache hit
|
|
|
|
|
}
|
|
|
|
|
// Clear buffer
|
|
|
|
|
ob_end_clean();
|
|
|
|
|
|
|
|
|
|
return false; // cache miss
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-11 07:11:17 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Generate a CSS or JS comment block.
|
|
|
|
|
*
|
|
|
|
|
* Only use this for public data, not error message details.
|
2013-08-11 07:11:17 +00:00
|
|
|
*
|
2014-03-07 16:50:57 +00:00
|
|
|
* @param string $text
|
2013-08-11 07:11:17 +00:00
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public static function makeComment( $text ) {
|
2012-03-22 19:52:37 +00:00
|
|
|
$encText = str_replace( '*/', '* /', $text );
|
|
|
|
|
return "/*\n$encText\n*/\n";
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-16 23:20:26 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Handle exception display.
|
2013-08-16 23:20:26 +00:00
|
|
|
*
|
2020-06-14 18:40:02 +00:00
|
|
|
* @param Throwable $e Exception to be shown to the user
|
2014-11-11 20:00:17 +00:00
|
|
|
* @return string Sanitized text in a CSS/JS comment that can be returned to the user
|
2013-08-16 23:20:26 +00:00
|
|
|
*/
|
2020-06-14 18:40:02 +00:00
|
|
|
public static function formatException( Throwable $e ) {
|
2014-11-11 20:00:17 +00:00
|
|
|
return self::makeComment( self::formatExceptionNoComment( $e ) );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Handle exception display.
|
|
|
|
|
*
|
|
|
|
|
* @since 1.25
|
2020-06-14 18:40:02 +00:00
|
|
|
* @param Throwable $e Exception to be shown to the user
|
2014-11-11 20:00:17 +00:00
|
|
|
* @return string Sanitized text that can be returned to the user
|
|
|
|
|
*/
|
2020-06-14 18:40:02 +00:00
|
|
|
protected static function formatExceptionNoComment( Throwable $e ) {
|
2013-08-16 23:20:26 +00:00
|
|
|
global $wgShowExceptionDetails;
|
|
|
|
|
|
2015-09-15 18:35:13 +00:00
|
|
|
if ( !$wgShowExceptionDetails ) {
|
2015-09-23 16:36:10 +00:00
|
|
|
return MWExceptionHandler::getPublicLogMessage( $e );
|
2013-08-16 23:20:26 +00:00
|
|
|
}
|
2015-09-15 18:35:13 +00:00
|
|
|
|
2016-12-03 03:57:42 +00:00
|
|
|
return MWExceptionHandler::getLogMessage( $e ) .
|
|
|
|
|
"\nBacktrace:\n" .
|
|
|
|
|
MWExceptionHandler::getRedactedTraceAsString( $e );
|
2013-08-16 23:20:26 +00:00
|
|
|
}
|
|
|
|
|
|
2010-10-19 20:45:02 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Generate code for a response.
|
2011-06-17 16:05:05 +00:00
|
|
|
*
|
resourceloader: Add support for modules sending preload headers
ResourceLoaderModule objects gain a new method getPreloadLinks() which
returns an array with the meta data required to build a Link rel=preload
header according to the current draft for W3C Preload.
<https://w3c.github.io/preload/>
Another implementation of this is already in use in OutputPage for
preloading the logo image.
This array is formatted by the ResourceLoaderModule::getHeaders method,
which is implemented as "final" at this time, thus restricting use to
the Link rel=preload header.
Headers are exposed and process-cached, like all other content
(scripts, styles, etc.), through ResourceLoaderModule::getModuleContent,
and aggregated by ResoureLoader::makeModuleResponse.
I had hoped for the getPreloadLinks to be stateless (not vary on $context).
Whether something should be preloaded and what, should not vary on the
skin or language. However, while that conceptually holds true, the exact
url for any given resource may still vary. Even the main use case for this
feature (T164299, preloading base modules request) require $context to pass
down skin and lang to the load.php url.
Add full test coverage and example documentation.
Bug: T164299
Change-Id: I2bfe0796ceaa0c82579c501f5b10e931f2175681
2017-07-18 02:36:01 +00:00
|
|
|
* Calling this method also populates the `errors` and `headers` members,
|
|
|
|
|
* later used by respond().
|
|
|
|
|
*
|
2014-04-20 21:33:05 +00:00
|
|
|
* @param ResourceLoaderContext $context Context in which to generate a response
|
2015-09-28 19:18:46 +00:00
|
|
|
* @param ResourceLoaderModule[] $modules List of module objects keyed by module name
|
|
|
|
|
* @param string[] $missing List of requested module names that are unregistered (optional)
|
2013-10-17 10:33:26 +00:00
|
|
|
* @return string Response data
|
2010-10-19 20:45:02 +00:00
|
|
|
*/
|
2011-06-17 16:05:05 +00:00
|
|
|
public function makeModuleResponse( ResourceLoaderContext $context,
|
2016-02-17 09:09:32 +00:00
|
|
|
array $modules, array $missing = []
|
2013-04-02 20:28:40 +00:00
|
|
|
) {
|
2010-12-23 20:14:18 +00:00
|
|
|
$out = '';
|
2016-02-17 09:09:32 +00:00
|
|
|
$states = [];
|
2013-10-17 10:33:26 +00:00
|
|
|
|
2019-01-09 16:24:36 +00:00
|
|
|
if ( $modules === [] && $missing === [] ) {
|
2015-03-15 01:52:45 +00:00
|
|
|
return <<<MESSAGE
|
|
|
|
|
/* This file is the Web entry point for MediaWiki's ResourceLoader:
|
2014-01-17 07:43:31 +00:00
|
|
|
<https://www.mediawiki.org/wiki/ResourceLoader>. In this request,
|
2015-03-15 01:52:45 +00:00
|
|
|
no modules were requested. Max made me put this here. */
|
|
|
|
|
MESSAGE;
|
2010-12-10 17:21:09 +00:00
|
|
|
}
|
2011-06-17 16:05:05 +00:00
|
|
|
|
2014-11-11 19:50:44 +00:00
|
|
|
$image = $context->getImageObj();
|
|
|
|
|
if ( $image ) {
|
|
|
|
|
$data = $image->getImageData( $context );
|
2014-11-11 20:00:17 +00:00
|
|
|
if ( $data === false ) {
|
|
|
|
|
$data = '';
|
|
|
|
|
$this->errors[] = 'Image generation failed';
|
|
|
|
|
}
|
2014-11-11 19:50:44 +00:00
|
|
|
return $data;
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-17 10:33:26 +00:00
|
|
|
foreach ( $missing as $name ) {
|
|
|
|
|
$states[$name] = 'missing';
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-01 00:26:46 +00:00
|
|
|
$filter = $context->getOnly() === 'styles' ? 'minify-css' : 'minify-js';
|
|
|
|
|
|
2010-09-24 22:10:25 +00:00
|
|
|
foreach ( $modules as $name => $module ) {
|
2010-12-23 20:14:18 +00:00
|
|
|
try {
|
2015-05-14 19:05:47 +00:00
|
|
|
$content = $module->getModuleContent( $context );
|
2016-09-12 20:52:10 +00:00
|
|
|
$implementKey = $name . '@' . $module->getVersionHash( $context );
|
2015-10-01 00:26:46 +00:00
|
|
|
$strContent = '';
|
2010-12-23 20:14:18 +00:00
|
|
|
|
resourceloader: Add support for modules sending preload headers
ResourceLoaderModule objects gain a new method getPreloadLinks() which
returns an array with the meta data required to build a Link rel=preload
header according to the current draft for W3C Preload.
<https://w3c.github.io/preload/>
Another implementation of this is already in use in OutputPage for
preloading the logo image.
This array is formatted by the ResourceLoaderModule::getHeaders method,
which is implemented as "final" at this time, thus restricting use to
the Link rel=preload header.
Headers are exposed and process-cached, like all other content
(scripts, styles, etc.), through ResourceLoaderModule::getModuleContent,
and aggregated by ResoureLoader::makeModuleResponse.
I had hoped for the getPreloadLinks to be stateless (not vary on $context).
Whether something should be preloaded and what, should not vary on the
skin or language. However, while that conceptually holds true, the exact
url for any given resource may still vary. Even the main use case for this
feature (T164299, preloading base modules request) require $context to pass
down skin and lang to the load.php url.
Add full test coverage and example documentation.
Bug: T164299
Change-Id: I2bfe0796ceaa0c82579c501f5b10e931f2175681
2017-07-18 02:36:01 +00:00
|
|
|
if ( isset( $content['headers'] ) ) {
|
|
|
|
|
$this->extraHeaders = array_merge( $this->extraHeaders, $content['headers'] );
|
|
|
|
|
}
|
|
|
|
|
|
2010-12-23 20:14:18 +00:00
|
|
|
// Append output
|
|
|
|
|
switch ( $context->getOnly() ) {
|
|
|
|
|
case 'scripts':
|
2015-05-14 19:05:47 +00:00
|
|
|
$scripts = $content['scripts'];
|
2011-05-14 12:15:58 +00:00
|
|
|
if ( is_string( $scripts ) ) {
|
2011-07-28 05:48:57 +00:00
|
|
|
// Load scripts raw...
|
2015-10-01 00:26:46 +00:00
|
|
|
$strContent = $scripts;
|
2011-06-17 16:05:05 +00:00
|
|
|
} elseif ( is_array( $scripts ) ) {
|
ResourceLoader: Add support for packageFiles
Package files are files that are part of a module, but are not
immediately executed when the module executes. Instead, they are
lazy-excecuted when require() is called on them. Package files can be
scripts (JS) or data (JSON), and can be real files on the file system,
or virtual files generated by a callback.
Using virtual data files, server-side data and config variables can be
bundled with a module. Support for file-based require() allows us to
import npm modules into ResourceLoader more easily.
The require function passed to each script execution context, which was
previously a reference to the global mw.loader.require() function, is
changed to one that is scoped to the module and the file being executed.
This is needed to support relative paths: require( '../foo.js' ) can
mean a different file depending on the path of the calling file.
The results of require()ing each file (i.e. the value of module.exports
after executing it) are stored, and calling require() on the same file a
second time won't execute it again, but will return the stored value.
Miscellaneous changes:
- Add XmlJsCode::encodeObject(), which combines an associative array of
XmlJsCode objects into one larger XmlJsCode object. This is needed for
encoding the packageFiles parameter in mw.loader.implement() calls.
Bug: T133462
Change-Id: I78cc86e626de0720397718cd2bed8ed279579112
2018-11-03 00:53:17 +00:00
|
|
|
// ...except when $scripts is an array of URLs or an associative array
|
2019-09-09 15:50:13 +00:00
|
|
|
$strContent = self::makeLoaderImplementScript(
|
|
|
|
|
$context,
|
|
|
|
|
$implementKey,
|
|
|
|
|
$scripts,
|
|
|
|
|
[],
|
|
|
|
|
[],
|
|
|
|
|
[]
|
|
|
|
|
);
|
2011-05-14 12:15:58 +00:00
|
|
|
}
|
2010-12-23 20:14:18 +00:00
|
|
|
break;
|
|
|
|
|
case 'styles':
|
2015-05-14 19:05:47 +00:00
|
|
|
$styles = $content['styles'];
|
2018-08-14 07:56:35 +00:00
|
|
|
// We no longer separate into media, they are all combined now with
|
ResourceLoader: Refactor style loading
Fixes:
* bug 31676: Work around IE stylesheet limit.
* bug 35562: @import styles broken in modules that combine
multiple stylesheets.
* bug 40498: Don't output empty "@media print { }" blocks.
* bug 40500: Don't ignore media-type for urls in debug mode.
Approach:
* Re-use the same <style> tag so that we stay under the 31
stylesheet limit in IE. Unless the to-be-added css text from
the being-loaded module contains @import, in which case we do
create a new <style> tag and then re-use that one from that
point on (bug 31676).
* Return stylesheets as arrays, instead of a concatenated string.
This fixes bug 35562, because @import only works when at the
top of a stylesheet. By not unconditionally concatenating files
within a module on the server side already, @import will work
in e.g. module 'site' that contains 2 wiki pages.
This is normalized in ResourceLoader::makeCombinedStyles(),
so far only ResourceLoaderWikiModule makes use of this.
Misc. clean up and bug fixes:
* Reducing usage of jQuery() and mw.html.element() where
native DOM would be very simple and faster. Aside from
simplicity and speed, this is also working towards a more
stand-alone ResourceLoader.
* Trim server output a little bit more
- Redundant new line after minify-css (it is now an array, so
no need to keep space afterwards)
- Redundant semi-colon after minify-js if it ends in a colon
* Allow space in styleTest.css.php
* Clean up and extend unit tests to cover for these features
and bug fixes.
* Don't set styleEl.rel = 'stylesheet'; that has no business
on a <style> tag.
* Fix bug in mw.loader's addStyleTag(). It turns out IE6
has an odd security measure that does not allow manipulation
of elements (at least style tags) that are created by a
different script (even if that script was served from the same
domain/origin etc.). We didn't ran into this before because
we only created new style tags, never appended to them. Now
that we do, this came up. Took a while to figure out because
it was created by mediawiki.js but it calls jQuery which did
the actual dom insertion. Odd thing is, we load jquery.js and
mediawiki.js in the same request even...
Without this all css-url related mw.loader tests would fail
in IE6.
* mediawiki.js and mediawiki.test.js now pass jshint again.
Tested (and passing qunit/?module=mediawiki; 123 of 123):
* Chrome 14, 21
* Firefox 3.0, 3.6, 4, 7, 14, 15, 16beta
* IE 6, 7, 8, 9
* Safari 4.0, 5.0, 5.1
* Opera 10.0, 11.1, 11.5, 11.6, 12.0, 12.5beta
* iPhone 3GS / iOS 3.0 / Mobile Safari 4.0
iPhone 4 / iOS 4.0.1 / Mobile Safari 4.0.5
iPhone 4S / iOS 6.0 Beta / Mobile Safari 6.0
Change-Id: I3e8227ddb87fd9441071ca935439fc6467751dab
2012-07-25 21:20:21 +00:00
|
|
|
// custom media type groups into @media .. {} sections as part of the css string.
|
|
|
|
|
// Module returns either an empty array or a numerical array with css strings.
|
2015-10-01 00:26:46 +00:00
|
|
|
$strContent = isset( $styles['css'] ) ? implode( '', $styles['css'] ) : '';
|
2010-12-23 20:14:18 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2017-10-06 22:17:58 +00:00
|
|
|
$scripts = $content['scripts'] ?? '';
|
2016-09-15 04:01:09 +00:00
|
|
|
if ( is_string( $scripts ) ) {
|
|
|
|
|
if ( $name === 'site' || $name === 'user' ) {
|
|
|
|
|
// Legacy scripts that run in the global scope without a closure.
|
|
|
|
|
// mw.loader.implement will use globalEval if scripts is a string.
|
|
|
|
|
// Minify manually here, because general response minification is
|
|
|
|
|
// not effective due it being a string literal, not a function.
|
resourceloader: Replace ResourceLoaderDebug config use with context
Reduce our reliance on static state and configuration, and
propagate more state in explicit ways, through context, and
request parameters.
OutputPage creates ResourceLoaderContext and ResourceLoaderClientHtml
based on the configuration (via ResourceLoader::inDebugMode).
Everything within those classes should not need to check it
again.
* ResourceLoaderClientHtml:
Already doesn't check MW config, but it's test was still
mocking it. Removed now, and confirmed that it passes both
with true and false. The individual test cases set
debug=true/false as needed already.
It's sets were previously relying on the accidental behaviour
that within a unit test, we don't serialise over HTTP, which
meant that a pure PHP boolean would survive. With the new
raw `=== 'true'` check, this no longer works. Set it as a
string explicitly instead, which is the only thing we support
outside unit tests as well.
* ResourceLoaderContext:
Remove fallback to MW config when 'debug' is unset.
This is never unset in practice given that all load.php
urls have it set by OutputPage based on ResourceLoader::inDebugMode.
This change means that manually constructed ad-hoc load.php
urls that are missing 'debug=' parameter, will now always be
read as debug=false. This was the default already, but could
previously be changed through wgResourceLoaderDebug.
When changing wgResourceLoaderDebug, everything will still have
debug=true as before. The only change is when constructing load.php
urls manually and explicitly not set it.
Bug: T32956
Change-Id: Ie3424be46e2b8311968f3068ca08ba6a1139224a
2019-03-08 20:33:04 +00:00
|
|
|
if ( !$context->getDebug() ) {
|
2016-09-15 04:01:09 +00:00
|
|
|
$scripts = self::filter( 'minify-js', $scripts ); // T107377
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
$scripts = new XmlJsCode( $scripts );
|
|
|
|
|
}
|
|
|
|
|
}
|
2015-10-01 00:26:46 +00:00
|
|
|
$strContent = self::makeLoaderImplementScript(
|
2019-09-09 15:50:13 +00:00
|
|
|
$context,
|
2016-09-12 20:52:10 +00:00
|
|
|
$implementKey,
|
2016-09-15 04:01:09 +00:00
|
|
|
$scripts,
|
2017-10-06 22:17:58 +00:00
|
|
|
$content['styles'] ?? [],
|
2016-02-17 09:09:32 +00:00
|
|
|
isset( $content['messagesBlob'] ) ? new XmlJsCode( $content['messagesBlob'] ) : [],
|
2017-10-06 22:17:58 +00:00
|
|
|
$content['templates'] ?? []
|
2012-06-13 23:50:13 +00:00
|
|
|
);
|
2010-12-23 20:14:18 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2015-10-01 00:26:46 +00:00
|
|
|
|
|
|
|
|
if ( !$context->getDebug() ) {
|
2015-10-01 18:05:08 +00:00
|
|
|
$strContent = self::filter( $filter, $strContent );
|
2019-04-07 09:12:04 +00:00
|
|
|
} else {
|
|
|
|
|
// In debug mode, separate each response by a new line.
|
|
|
|
|
// For example, between 'mw.loader.implement();' statements.
|
2021-07-20 10:10:21 +00:00
|
|
|
$strContent = self::ensureNewline( $strContent );
|
2015-10-01 00:26:46 +00:00
|
|
|
}
|
|
|
|
|
|
2017-06-28 02:51:03 +00:00
|
|
|
if ( $context->getOnly() === 'scripts' ) {
|
|
|
|
|
// Use a linebreak between module scripts (T162719)
|
2021-07-20 10:10:21 +00:00
|
|
|
$out .= self::ensureNewline( $strContent );
|
2017-06-28 02:51:03 +00:00
|
|
|
} else {
|
|
|
|
|
$out .= $strContent;
|
|
|
|
|
}
|
2015-10-01 00:26:46 +00:00
|
|
|
|
2010-12-23 20:14:18 +00:00
|
|
|
} catch ( Exception $e ) {
|
2016-12-03 03:57:42 +00:00
|
|
|
$this->outputErrorAndLog( $e, 'Generating module package failed: {exception}' );
|
2010-10-20 00:22:25 +00:00
|
|
|
|
2013-10-17 10:33:26 +00:00
|
|
|
// Respond to client with error-state instead of module implementation
|
|
|
|
|
$states[$name] = 'error';
|
2010-12-23 20:14:18 +00:00
|
|
|
unset( $modules[$name] );
|
|
|
|
|
}
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2010-09-24 18:49:19 +00:00
|
|
|
// Update module states
|
resourceloader: Remove support for raw modules
Being a raw module means that when it is requested from load.php with
"only=scripts" set, then the output is *not* wrapped in an
'mw.loader.implement' closure *and* there no 'mw.loader.state()' appendix.
Instead, it is served "raw".
Before 2018, the modules 'mediawiki' and 'jquery' were raw modules.
They were needed before the client could define 'mw.loader.implement', and
could never be valid dependencies. Module 'mediawiki' merged to 'startup',
and 'jquery' became a regular module (T192623). Based on the architecture
of modules being deliverable bundles, it doesn't make sense for there to
ever be raw modules again. Anything that 'startup' needs should be bundled
with it. Anything else is a regular module.
On top of that, we never actually needed this feature because specifying
the 'only=scripts' and 'raw=1' parameters does the same thing.
The only special bit about marking modules (not requests) as "raw" was that
it allowed the client to forget to specify "raw=1" and the server would
automatically omit the 'mw.loader.state()' appendix based on whether the
module is marked as raw. As of Ie4564ec8e26ad53f2, the two remaining use
cases for raw responses now specify the 'raw=1' request parameter, and we
can get rid of the "raw module" feature and all the complexity around it.
== Startup module
In the startup module there was an interesting use of isRaw() that has
little to do with the above. The "ATTENTION" warning there applies to the
startup module only, not raw modules in general. This is now fixed by
explicitly checking for StartupModule.
Above that warning, it talked about saving bytes, which was an optimisation
given that "raw" modules don't communicate with mw.loader, they also don't
need to be registered there because even if mw.loader would try to load
them, the server would never inform mw.loader about the module having
arrived. There are now no longer any such modules.
Bug: T201483
Change-Id: I8839036e7b2b76919b6cd3aa42ccfde4d1247899
2019-06-13 18:41:56 +00:00
|
|
|
if ( $context->shouldIncludeScripts() && !$context->getRaw() ) {
|
|
|
|
|
if ( $modules && $context->getOnly() === 'scripts' ) {
|
2013-10-17 10:33:26 +00:00
|
|
|
// Set the state of modules loaded as only scripts to ready as
|
|
|
|
|
// they don't have an mw.loader.implement wrapper that sets the state
|
|
|
|
|
foreach ( $modules as $name => $module ) {
|
|
|
|
|
$states[$name] = 'ready';
|
|
|
|
|
}
|
2010-09-24 18:49:19 +00:00
|
|
|
}
|
2013-10-17 10:33:26 +00:00
|
|
|
|
|
|
|
|
// Set the state of modules we didn't respond to with mw.loader.implement
|
resourceloader: Remove support for raw modules
Being a raw module means that when it is requested from load.php with
"only=scripts" set, then the output is *not* wrapped in an
'mw.loader.implement' closure *and* there no 'mw.loader.state()' appendix.
Instead, it is served "raw".
Before 2018, the modules 'mediawiki' and 'jquery' were raw modules.
They were needed before the client could define 'mw.loader.implement', and
could never be valid dependencies. Module 'mediawiki' merged to 'startup',
and 'jquery' became a regular module (T192623). Based on the architecture
of modules being deliverable bundles, it doesn't make sense for there to
ever be raw modules again. Anything that 'startup' needs should be bundled
with it. Anything else is a regular module.
On top of that, we never actually needed this feature because specifying
the 'only=scripts' and 'raw=1' parameters does the same thing.
The only special bit about marking modules (not requests) as "raw" was that
it allowed the client to forget to specify "raw=1" and the server would
automatically omit the 'mw.loader.state()' appendix based on whether the
module is marked as raw. As of Ie4564ec8e26ad53f2, the two remaining use
cases for raw responses now specify the 'raw=1' request parameter, and we
can get rid of the "raw module" feature and all the complexity around it.
== Startup module
In the startup module there was an interesting use of isRaw() that has
little to do with the above. The "ATTENTION" warning there applies to the
startup module only, not raw modules in general. This is now fixed by
explicitly checking for StartupModule.
Above that warning, it talked about saving bytes, which was an optimisation
given that "raw" modules don't communicate with mw.loader, they also don't
need to be registered there because even if mw.loader would try to load
them, the server would never inform mw.loader about the module having
arrived. There are now no longer any such modules.
Bug: T201483
Change-Id: I8839036e7b2b76919b6cd3aa42ccfde4d1247899
2019-06-13 18:41:56 +00:00
|
|
|
if ( $states ) {
|
2019-09-09 15:50:13 +00:00
|
|
|
$stateScript = self::makeLoaderStateScript( $context, $states );
|
2015-10-01 00:26:46 +00:00
|
|
|
if ( !$context->getDebug() ) {
|
2015-10-01 18:05:08 +00:00
|
|
|
$stateScript = self::filter( 'minify-js', $stateScript );
|
2015-10-01 00:26:46 +00:00
|
|
|
}
|
2017-06-28 02:51:03 +00:00
|
|
|
// Use a linebreak between module script and state script (T162719)
|
2021-07-20 10:10:21 +00:00
|
|
|
$out = self::ensureNewline( $out ) . $stateScript;
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2019-03-29 20:12:24 +00:00
|
|
|
} elseif ( $states ) {
|
|
|
|
|
$this->errors[] = 'Problematic modules: '
|
2019-09-09 15:50:13 +00:00
|
|
|
. $context->encodeJson( $states );
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2010-09-04 12:53:01 +00:00
|
|
|
|
2014-11-11 20:00:17 +00:00
|
|
|
return $out;
|
2010-09-04 04:00:09 +00:00
|
|
|
}
|
2010-10-20 00:22:25 +00:00
|
|
|
|
2017-06-28 02:51:03 +00:00
|
|
|
/**
|
|
|
|
|
* Ensure the string is either empty or ends in a line break
|
|
|
|
|
* @param string $str
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
2021-07-20 10:10:21 +00:00
|
|
|
private static function ensureNewline( $str ) {
|
2017-06-28 02:51:03 +00:00
|
|
|
$end = substr( $str, -1 );
|
2019-04-07 10:08:17 +00:00
|
|
|
if ( $end === false || $end === '' || $end === "\n" ) {
|
2017-06-28 02:51:03 +00:00
|
|
|
return $str;
|
|
|
|
|
}
|
|
|
|
|
return $str . "\n";
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-06 23:20:16 +00:00
|
|
|
/**
|
|
|
|
|
* Get names of modules that use a certain message.
|
|
|
|
|
*
|
|
|
|
|
* @param string $messageKey
|
2020-02-21 00:26:07 +00:00
|
|
|
* @return string[] List of module names
|
2015-11-06 23:20:16 +00:00
|
|
|
*/
|
|
|
|
|
public function getModulesByMessage( $messageKey ) {
|
2016-02-17 09:09:32 +00:00
|
|
|
$moduleNames = [];
|
2015-11-06 23:20:16 +00:00
|
|
|
foreach ( $this->getModuleNames() as $moduleName ) {
|
|
|
|
|
$module = $this->getModule( $moduleName );
|
|
|
|
|
if ( in_array( $messageKey, $module->getMessages() ) ) {
|
|
|
|
|
$moduleNames[] = $moduleName;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $moduleNames;
|
|
|
|
|
}
|
|
|
|
|
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
/**
|
2014-03-07 16:50:57 +00:00
|
|
|
* Return JS code that calls mw.loader.implement with given module properties.
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*
|
2019-09-09 15:50:13 +00:00
|
|
|
* @param ResourceLoaderContext $context
|
2016-09-12 20:52:10 +00:00
|
|
|
* @param string $name Module name or implement key (format "`[name]@[version]`")
|
2016-09-15 04:01:09 +00:00
|
|
|
* @param XmlJsCode|array|string $scripts Code as XmlJsCode (to be wrapped in a closure),
|
ResourceLoader: Add support for packageFiles
Package files are files that are part of a module, but are not
immediately executed when the module executes. Instead, they are
lazy-excecuted when require() is called on them. Package files can be
scripts (JS) or data (JSON), and can be real files on the file system,
or virtual files generated by a callback.
Using virtual data files, server-side data and config variables can be
bundled with a module. Support for file-based require() allows us to
import npm modules into ResourceLoader more easily.
The require function passed to each script execution context, which was
previously a reference to the global mw.loader.require() function, is
changed to one that is scoped to the module and the file being executed.
This is needed to support relative paths: require( '../foo.js' ) can
mean a different file depending on the path of the calling file.
The results of require()ing each file (i.e. the value of module.exports
after executing it) are stored, and calling require() on the same file a
second time won't execute it again, but will return the stored value.
Miscellaneous changes:
- Add XmlJsCode::encodeObject(), which combines an associative array of
XmlJsCode objects into one larger XmlJsCode object. This is needed for
encoding the packageFiles parameter in mw.loader.implement() calls.
Bug: T133462
Change-Id: I78cc86e626de0720397718cd2bed8ed279579112
2018-11-03 00:53:17 +00:00
|
|
|
* list of URLs to JavaScript files, string of JavaScript for `$.globalEval`, or array with
|
|
|
|
|
* 'files' and 'main' properties (see ResourceLoaderModule::getScript())
|
2014-03-07 16:50:57 +00:00
|
|
|
* @param mixed $styles Array of CSS strings keyed by media type, or an array of lists of URLs
|
|
|
|
|
* to CSS files keyed by media type
|
|
|
|
|
* @param mixed $messages List of messages associated with this module. May either be an
|
|
|
|
|
* associative array mapping message key to value, or a JSON-encoded message blob containing
|
|
|
|
|
* the same data, wrapped in an XmlJsCode object.
|
2014-10-10 00:07:14 +00:00
|
|
|
* @param array $templates Keys are name of templates and values are the source of
|
|
|
|
|
* the template.
|
2017-06-08 13:11:13 +00:00
|
|
|
* @return string JavaScript code
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*/
|
2019-09-09 15:50:13 +00:00
|
|
|
private static function makeLoaderImplementScript(
|
|
|
|
|
ResourceLoaderContext $context, $name, $scripts, $styles, $messages, $templates
|
2014-10-10 00:07:14 +00:00
|
|
|
) {
|
2016-09-15 04:01:09 +00:00
|
|
|
if ( $scripts instanceof XmlJsCode ) {
|
2019-01-29 03:33:14 +00:00
|
|
|
if ( $scripts->value === '' ) {
|
|
|
|
|
$scripts = null;
|
2019-09-09 15:50:13 +00:00
|
|
|
} elseif ( $context->getDebug() ) {
|
2018-01-29 23:30:23 +00:00
|
|
|
$scripts = new XmlJsCode( "function ( $, jQuery, require, module ) {\n{$scripts->value}\n}" );
|
|
|
|
|
} else {
|
2021-07-20 10:10:21 +00:00
|
|
|
$scripts = new XmlJsCode(
|
|
|
|
|
'function($,jQuery,require,module){' . self::ensureNewline( $scripts->value ) . '}'
|
|
|
|
|
);
|
2018-01-29 23:30:23 +00:00
|
|
|
}
|
ResourceLoader: Add support for packageFiles
Package files are files that are part of a module, but are not
immediately executed when the module executes. Instead, they are
lazy-excecuted when require() is called on them. Package files can be
scripts (JS) or data (JSON), and can be real files on the file system,
or virtual files generated by a callback.
Using virtual data files, server-side data and config variables can be
bundled with a module. Support for file-based require() allows us to
import npm modules into ResourceLoader more easily.
The require function passed to each script execution context, which was
previously a reference to the global mw.loader.require() function, is
changed to one that is scoped to the module and the file being executed.
This is needed to support relative paths: require( '../foo.js' ) can
mean a different file depending on the path of the calling file.
The results of require()ing each file (i.e. the value of module.exports
after executing it) are stored, and calling require() on the same file a
second time won't execute it again, but will return the stored value.
Miscellaneous changes:
- Add XmlJsCode::encodeObject(), which combines an associative array of
XmlJsCode objects into one larger XmlJsCode object. This is needed for
encoding the packageFiles parameter in mw.loader.implement() calls.
Bug: T133462
Change-Id: I78cc86e626de0720397718cd2bed8ed279579112
2018-11-03 00:53:17 +00:00
|
|
|
} elseif ( is_array( $scripts ) && isset( $scripts['files'] ) ) {
|
|
|
|
|
$files = $scripts['files'];
|
|
|
|
|
foreach ( $files as $path => &$file ) {
|
|
|
|
|
// $file is changed (by reference) from a descriptor array to the content of the file
|
|
|
|
|
// All of these essentially do $file = $file['content'];, some just have wrapping around it
|
|
|
|
|
if ( $file['type'] === 'script' ) {
|
|
|
|
|
// Multi-file modules only get two parameters ($ and jQuery are being phased out)
|
2019-09-09 15:50:13 +00:00
|
|
|
if ( $context->getDebug() ) {
|
ResourceLoader: Add support for packageFiles
Package files are files that are part of a module, but are not
immediately executed when the module executes. Instead, they are
lazy-excecuted when require() is called on them. Package files can be
scripts (JS) or data (JSON), and can be real files on the file system,
or virtual files generated by a callback.
Using virtual data files, server-side data and config variables can be
bundled with a module. Support for file-based require() allows us to
import npm modules into ResourceLoader more easily.
The require function passed to each script execution context, which was
previously a reference to the global mw.loader.require() function, is
changed to one that is scoped to the module and the file being executed.
This is needed to support relative paths: require( '../foo.js' ) can
mean a different file depending on the path of the calling file.
The results of require()ing each file (i.e. the value of module.exports
after executing it) are stored, and calling require() on the same file a
second time won't execute it again, but will return the stored value.
Miscellaneous changes:
- Add XmlJsCode::encodeObject(), which combines an associative array of
XmlJsCode objects into one larger XmlJsCode object. This is needed for
encoding the packageFiles parameter in mw.loader.implement() calls.
Bug: T133462
Change-Id: I78cc86e626de0720397718cd2bed8ed279579112
2018-11-03 00:53:17 +00:00
|
|
|
$file = new XmlJsCode( "function ( require, module ) {\n{$file['content']}\n}" );
|
|
|
|
|
} else {
|
2021-07-20 10:10:21 +00:00
|
|
|
$file = new XmlJsCode(
|
|
|
|
|
'function(require,module){' . self::ensureNewline( $file['content'] ) . '}'
|
|
|
|
|
);
|
ResourceLoader: Add support for packageFiles
Package files are files that are part of a module, but are not
immediately executed when the module executes. Instead, they are
lazy-excecuted when require() is called on them. Package files can be
scripts (JS) or data (JSON), and can be real files on the file system,
or virtual files generated by a callback.
Using virtual data files, server-side data and config variables can be
bundled with a module. Support for file-based require() allows us to
import npm modules into ResourceLoader more easily.
The require function passed to each script execution context, which was
previously a reference to the global mw.loader.require() function, is
changed to one that is scoped to the module and the file being executed.
This is needed to support relative paths: require( '../foo.js' ) can
mean a different file depending on the path of the calling file.
The results of require()ing each file (i.e. the value of module.exports
after executing it) are stored, and calling require() on the same file a
second time won't execute it again, but will return the stored value.
Miscellaneous changes:
- Add XmlJsCode::encodeObject(), which combines an associative array of
XmlJsCode objects into one larger XmlJsCode object. This is needed for
encoding the packageFiles parameter in mw.loader.implement() calls.
Bug: T133462
Change-Id: I78cc86e626de0720397718cd2bed8ed279579112
2018-11-03 00:53:17 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
$file = $file['content'];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$scripts = XmlJsCode::encodeObject( [
|
|
|
|
|
'main' => $scripts['main'],
|
2019-09-09 15:50:13 +00:00
|
|
|
'files' => XmlJsCode::encodeObject( $files, $context->getDebug() )
|
|
|
|
|
], $context->getDebug() );
|
2016-09-15 04:01:09 +00:00
|
|
|
} elseif ( !is_string( $scripts ) && !is_array( $scripts ) ) {
|
2020-02-21 00:26:07 +00:00
|
|
|
throw new InvalidArgumentException( 'Script must be a string or an array of URLs' );
|
2010-09-24 18:49:19 +00:00
|
|
|
}
|
ResourceLoader: Add support for packageFiles
Package files are files that are part of a module, but are not
immediately executed when the module executes. Instead, they are
lazy-excecuted when require() is called on them. Package files can be
scripts (JS) or data (JSON), and can be real files on the file system,
or virtual files generated by a callback.
Using virtual data files, server-side data and config variables can be
bundled with a module. Support for file-based require() allows us to
import npm modules into ResourceLoader more easily.
The require function passed to each script execution context, which was
previously a reference to the global mw.loader.require() function, is
changed to one that is scoped to the module and the file being executed.
This is needed to support relative paths: require( '../foo.js' ) can
mean a different file depending on the path of the calling file.
The results of require()ing each file (i.e. the value of module.exports
after executing it) are stored, and calling require() on the same file a
second time won't execute it again, but will return the stored value.
Miscellaneous changes:
- Add XmlJsCode::encodeObject(), which combines an associative array of
XmlJsCode objects into one larger XmlJsCode object. This is needed for
encoding the packageFiles parameter in mw.loader.implement() calls.
Bug: T133462
Change-Id: I78cc86e626de0720397718cd2bed8ed279579112
2018-11-03 00:53:17 +00:00
|
|
|
|
2014-12-09 01:17:53 +00:00
|
|
|
// mw.loader.implement requires 'styles', 'messages' and 'templates' to be objects (not
|
|
|
|
|
// arrays). json_encode considers empty arrays to be numerical and outputs "[]" instead
|
|
|
|
|
// of "{}". Force them to objects.
|
2016-02-17 09:09:32 +00:00
|
|
|
$module = [
|
2014-12-09 01:17:53 +00:00
|
|
|
$name,
|
|
|
|
|
$scripts,
|
2015-06-17 20:01:00 +00:00
|
|
|
(object)$styles,
|
|
|
|
|
(object)$messages,
|
ResourceLoader: Add support for packageFiles
Package files are files that are part of a module, but are not
immediately executed when the module executes. Instead, they are
lazy-excecuted when require() is called on them. Package files can be
scripts (JS) or data (JSON), and can be real files on the file system,
or virtual files generated by a callback.
Using virtual data files, server-side data and config variables can be
bundled with a module. Support for file-based require() allows us to
import npm modules into ResourceLoader more easily.
The require function passed to each script execution context, which was
previously a reference to the global mw.loader.require() function, is
changed to one that is scoped to the module and the file being executed.
This is needed to support relative paths: require( '../foo.js' ) can
mean a different file depending on the path of the calling file.
The results of require()ing each file (i.e. the value of module.exports
after executing it) are stored, and calling require() on the same file a
second time won't execute it again, but will return the stored value.
Miscellaneous changes:
- Add XmlJsCode::encodeObject(), which combines an associative array of
XmlJsCode objects into one larger XmlJsCode object. This is needed for
encoding the packageFiles parameter in mw.loader.implement() calls.
Bug: T133462
Change-Id: I78cc86e626de0720397718cd2bed8ed279579112
2018-11-03 00:53:17 +00:00
|
|
|
(object)$templates
|
2016-02-17 09:09:32 +00:00
|
|
|
];
|
2014-12-09 01:17:53 +00:00
|
|
|
self::trimArray( $module );
|
|
|
|
|
|
2019-09-09 15:50:13 +00:00
|
|
|
return Xml::encodeJsCall( 'mw.loader.implement', $module, $context->getDebug() );
|
2010-09-24 18:49:19 +00:00
|
|
|
}
|
|
|
|
|
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
/**
|
|
|
|
|
* Returns JS code which, when called, will register a given list of messages.
|
|
|
|
|
*
|
2019-09-10 05:30:07 +00:00
|
|
|
* @param mixed $messages Associative array mapping message key to value.
|
2017-06-08 13:11:13 +00:00
|
|
|
* @return string JavaScript code
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*/
|
2010-09-24 18:49:19 +00:00
|
|
|
public static function makeMessageSetScript( $messages ) {
|
2019-07-16 00:15:32 +00:00
|
|
|
return 'mw.messages.set('
|
|
|
|
|
. self::encodeJsonForScript( (object)$messages )
|
|
|
|
|
. ');';
|
2010-09-24 18:49:19 +00:00
|
|
|
}
|
|
|
|
|
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
/**
|
2011-06-17 16:05:05 +00:00
|
|
|
* Combines an associative array mapping media type to CSS into a
|
2012-07-10 12:48:06 +00:00
|
|
|
* single stylesheet with "@media" blocks.
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*
|
2020-02-21 00:26:07 +00:00
|
|
|
* @param array<string,string|string[]> $stylePairs Map from media type to CSS string(s)
|
|
|
|
|
* @return string[] CSS strings
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*/
|
2014-06-04 19:30:14 +00:00
|
|
|
public static function makeCombinedStyles( array $stylePairs ) {
|
2016-02-17 09:09:32 +00:00
|
|
|
$out = [];
|
ResourceLoader: Refactor style loading
Fixes:
* bug 31676: Work around IE stylesheet limit.
* bug 35562: @import styles broken in modules that combine
multiple stylesheets.
* bug 40498: Don't output empty "@media print { }" blocks.
* bug 40500: Don't ignore media-type for urls in debug mode.
Approach:
* Re-use the same <style> tag so that we stay under the 31
stylesheet limit in IE. Unless the to-be-added css text from
the being-loaded module contains @import, in which case we do
create a new <style> tag and then re-use that one from that
point on (bug 31676).
* Return stylesheets as arrays, instead of a concatenated string.
This fixes bug 35562, because @import only works when at the
top of a stylesheet. By not unconditionally concatenating files
within a module on the server side already, @import will work
in e.g. module 'site' that contains 2 wiki pages.
This is normalized in ResourceLoader::makeCombinedStyles(),
so far only ResourceLoaderWikiModule makes use of this.
Misc. clean up and bug fixes:
* Reducing usage of jQuery() and mw.html.element() where
native DOM would be very simple and faster. Aside from
simplicity and speed, this is also working towards a more
stand-alone ResourceLoader.
* Trim server output a little bit more
- Redundant new line after minify-css (it is now an array, so
no need to keep space afterwards)
- Redundant semi-colon after minify-js if it ends in a colon
* Allow space in styleTest.css.php
* Clean up and extend unit tests to cover for these features
and bug fixes.
* Don't set styleEl.rel = 'stylesheet'; that has no business
on a <style> tag.
* Fix bug in mw.loader's addStyleTag(). It turns out IE6
has an odd security measure that does not allow manipulation
of elements (at least style tags) that are created by a
different script (even if that script was served from the same
domain/origin etc.). We didn't ran into this before because
we only created new style tags, never appended to them. Now
that we do, this came up. Took a while to figure out because
it was created by mediawiki.js but it calls jQuery which did
the actual dom insertion. Odd thing is, we load jquery.js and
mediawiki.js in the same request even...
Without this all css-url related mw.loader tests would fail
in IE6.
* mediawiki.js and mediawiki.test.js now pass jshint again.
Tested (and passing qunit/?module=mediawiki; 123 of 123):
* Chrome 14, 21
* Firefox 3.0, 3.6, 4, 7, 14, 15, 16beta
* IE 6, 7, 8, 9
* Safari 4.0, 5.0, 5.1
* Opera 10.0, 11.1, 11.5, 11.6, 12.0, 12.5beta
* iPhone 3GS / iOS 3.0 / Mobile Safari 4.0
iPhone 4 / iOS 4.0.1 / Mobile Safari 4.0.5
iPhone 4S / iOS 6.0 Beta / Mobile Safari 6.0
Change-Id: I3e8227ddb87fd9441071ca935439fc6467751dab
2012-07-25 21:20:21 +00:00
|
|
|
foreach ( $stylePairs as $media => $styles ) {
|
|
|
|
|
// ResourceLoaderFileModule::getStyle can return the styles
|
|
|
|
|
// as a string or an array of strings. This is to allow separation in
|
|
|
|
|
// the front-end.
|
2013-04-02 20:28:40 +00:00
|
|
|
$styles = (array)$styles;
|
ResourceLoader: Refactor style loading
Fixes:
* bug 31676: Work around IE stylesheet limit.
* bug 35562: @import styles broken in modules that combine
multiple stylesheets.
* bug 40498: Don't output empty "@media print { }" blocks.
* bug 40500: Don't ignore media-type for urls in debug mode.
Approach:
* Re-use the same <style> tag so that we stay under the 31
stylesheet limit in IE. Unless the to-be-added css text from
the being-loaded module contains @import, in which case we do
create a new <style> tag and then re-use that one from that
point on (bug 31676).
* Return stylesheets as arrays, instead of a concatenated string.
This fixes bug 35562, because @import only works when at the
top of a stylesheet. By not unconditionally concatenating files
within a module on the server side already, @import will work
in e.g. module 'site' that contains 2 wiki pages.
This is normalized in ResourceLoader::makeCombinedStyles(),
so far only ResourceLoaderWikiModule makes use of this.
Misc. clean up and bug fixes:
* Reducing usage of jQuery() and mw.html.element() where
native DOM would be very simple and faster. Aside from
simplicity and speed, this is also working towards a more
stand-alone ResourceLoader.
* Trim server output a little bit more
- Redundant new line after minify-css (it is now an array, so
no need to keep space afterwards)
- Redundant semi-colon after minify-js if it ends in a colon
* Allow space in styleTest.css.php
* Clean up and extend unit tests to cover for these features
and bug fixes.
* Don't set styleEl.rel = 'stylesheet'; that has no business
on a <style> tag.
* Fix bug in mw.loader's addStyleTag(). It turns out IE6
has an odd security measure that does not allow manipulation
of elements (at least style tags) that are created by a
different script (even if that script was served from the same
domain/origin etc.). We didn't ran into this before because
we only created new style tags, never appended to them. Now
that we do, this came up. Took a while to figure out because
it was created by mediawiki.js but it calls jQuery which did
the actual dom insertion. Odd thing is, we load jquery.js and
mediawiki.js in the same request even...
Without this all css-url related mw.loader tests would fail
in IE6.
* mediawiki.js and mediawiki.test.js now pass jshint again.
Tested (and passing qunit/?module=mediawiki; 123 of 123):
* Chrome 14, 21
* Firefox 3.0, 3.6, 4, 7, 14, 15, 16beta
* IE 6, 7, 8, 9
* Safari 4.0, 5.0, 5.1
* Opera 10.0, 11.1, 11.5, 11.6, 12.0, 12.5beta
* iPhone 3GS / iOS 3.0 / Mobile Safari 4.0
iPhone 4 / iOS 4.0.1 / Mobile Safari 4.0.5
iPhone 4S / iOS 6.0 Beta / Mobile Safari 6.0
Change-Id: I3e8227ddb87fd9441071ca935439fc6467751dab
2012-07-25 21:20:21 +00:00
|
|
|
foreach ( $styles as $style ) {
|
|
|
|
|
$style = trim( $style );
|
2017-02-20 22:44:19 +00:00
|
|
|
// Don't output an empty "@media print { }" block (T42498)
|
ResourceLoader: Refactor style loading
Fixes:
* bug 31676: Work around IE stylesheet limit.
* bug 35562: @import styles broken in modules that combine
multiple stylesheets.
* bug 40498: Don't output empty "@media print { }" blocks.
* bug 40500: Don't ignore media-type for urls in debug mode.
Approach:
* Re-use the same <style> tag so that we stay under the 31
stylesheet limit in IE. Unless the to-be-added css text from
the being-loaded module contains @import, in which case we do
create a new <style> tag and then re-use that one from that
point on (bug 31676).
* Return stylesheets as arrays, instead of a concatenated string.
This fixes bug 35562, because @import only works when at the
top of a stylesheet. By not unconditionally concatenating files
within a module on the server side already, @import will work
in e.g. module 'site' that contains 2 wiki pages.
This is normalized in ResourceLoader::makeCombinedStyles(),
so far only ResourceLoaderWikiModule makes use of this.
Misc. clean up and bug fixes:
* Reducing usage of jQuery() and mw.html.element() where
native DOM would be very simple and faster. Aside from
simplicity and speed, this is also working towards a more
stand-alone ResourceLoader.
* Trim server output a little bit more
- Redundant new line after minify-css (it is now an array, so
no need to keep space afterwards)
- Redundant semi-colon after minify-js if it ends in a colon
* Allow space in styleTest.css.php
* Clean up and extend unit tests to cover for these features
and bug fixes.
* Don't set styleEl.rel = 'stylesheet'; that has no business
on a <style> tag.
* Fix bug in mw.loader's addStyleTag(). It turns out IE6
has an odd security measure that does not allow manipulation
of elements (at least style tags) that are created by a
different script (even if that script was served from the same
domain/origin etc.). We didn't ran into this before because
we only created new style tags, never appended to them. Now
that we do, this came up. Took a while to figure out because
it was created by mediawiki.js but it calls jQuery which did
the actual dom insertion. Odd thing is, we load jquery.js and
mediawiki.js in the same request even...
Without this all css-url related mw.loader tests would fail
in IE6.
* mediawiki.js and mediawiki.test.js now pass jshint again.
Tested (and passing qunit/?module=mediawiki; 123 of 123):
* Chrome 14, 21
* Firefox 3.0, 3.6, 4, 7, 14, 15, 16beta
* IE 6, 7, 8, 9
* Safari 4.0, 5.0, 5.1
* Opera 10.0, 11.1, 11.5, 11.6, 12.0, 12.5beta
* iPhone 3GS / iOS 3.0 / Mobile Safari 4.0
iPhone 4 / iOS 4.0.1 / Mobile Safari 4.0.5
iPhone 4S / iOS 6.0 Beta / Mobile Safari 6.0
Change-Id: I3e8227ddb87fd9441071ca935439fc6467751dab
2012-07-25 21:20:21 +00:00
|
|
|
if ( $style !== '' ) {
|
|
|
|
|
// Transform the media type based on request params and config
|
|
|
|
|
// The way that this relies on $wgRequest to propagate request params is slightly evil
|
|
|
|
|
$media = OutputPage::transformCssMedia( $media );
|
|
|
|
|
|
|
|
|
|
if ( $media === '' || $media == 'all' ) {
|
|
|
|
|
$out[] = $style;
|
2013-04-17 14:52:47 +00:00
|
|
|
} elseif ( is_string( $media ) ) {
|
ResourceLoader: Refactor style loading
Fixes:
* bug 31676: Work around IE stylesheet limit.
* bug 35562: @import styles broken in modules that combine
multiple stylesheets.
* bug 40498: Don't output empty "@media print { }" blocks.
* bug 40500: Don't ignore media-type for urls in debug mode.
Approach:
* Re-use the same <style> tag so that we stay under the 31
stylesheet limit in IE. Unless the to-be-added css text from
the being-loaded module contains @import, in which case we do
create a new <style> tag and then re-use that one from that
point on (bug 31676).
* Return stylesheets as arrays, instead of a concatenated string.
This fixes bug 35562, because @import only works when at the
top of a stylesheet. By not unconditionally concatenating files
within a module on the server side already, @import will work
in e.g. module 'site' that contains 2 wiki pages.
This is normalized in ResourceLoader::makeCombinedStyles(),
so far only ResourceLoaderWikiModule makes use of this.
Misc. clean up and bug fixes:
* Reducing usage of jQuery() and mw.html.element() where
native DOM would be very simple and faster. Aside from
simplicity and speed, this is also working towards a more
stand-alone ResourceLoader.
* Trim server output a little bit more
- Redundant new line after minify-css (it is now an array, so
no need to keep space afterwards)
- Redundant semi-colon after minify-js if it ends in a colon
* Allow space in styleTest.css.php
* Clean up and extend unit tests to cover for these features
and bug fixes.
* Don't set styleEl.rel = 'stylesheet'; that has no business
on a <style> tag.
* Fix bug in mw.loader's addStyleTag(). It turns out IE6
has an odd security measure that does not allow manipulation
of elements (at least style tags) that are created by a
different script (even if that script was served from the same
domain/origin etc.). We didn't ran into this before because
we only created new style tags, never appended to them. Now
that we do, this came up. Took a while to figure out because
it was created by mediawiki.js but it calls jQuery which did
the actual dom insertion. Odd thing is, we load jquery.js and
mediawiki.js in the same request even...
Without this all css-url related mw.loader tests would fail
in IE6.
* mediawiki.js and mediawiki.test.js now pass jshint again.
Tested (and passing qunit/?module=mediawiki; 123 of 123):
* Chrome 14, 21
* Firefox 3.0, 3.6, 4, 7, 14, 15, 16beta
* IE 6, 7, 8, 9
* Safari 4.0, 5.0, 5.1
* Opera 10.0, 11.1, 11.5, 11.6, 12.0, 12.5beta
* iPhone 3GS / iOS 3.0 / Mobile Safari 4.0
iPhone 4 / iOS 4.0.1 / Mobile Safari 4.0.5
iPhone 4S / iOS 6.0 Beta / Mobile Safari 6.0
Change-Id: I3e8227ddb87fd9441071ca935439fc6467751dab
2012-07-25 21:20:21 +00:00
|
|
|
$out[] = "@media $media {\n" . str_replace( "\n", "\n\t", "\t" . $style ) . "}";
|
|
|
|
|
}
|
|
|
|
|
// else: skip
|
|
|
|
|
}
|
2011-01-07 20:22:50 +00:00
|
|
|
}
|
2010-09-24 18:49:19 +00:00
|
|
|
}
|
|
|
|
|
return $out;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-15 20:51:43 +00:00
|
|
|
/**
|
|
|
|
|
* Wrapper around json_encode that avoids needless escapes,
|
|
|
|
|
* and pretty-prints in debug mode.
|
|
|
|
|
*
|
2020-02-21 00:26:07 +00:00
|
|
|
* @internal For use within ResourceLoader classes only
|
2018-09-15 20:51:43 +00:00
|
|
|
* @since 1.32
|
2019-09-04 17:13:11 +00:00
|
|
|
* @param mixed $data
|
2019-09-10 06:07:57 +00:00
|
|
|
* @return string|false JSON string, false on error
|
2018-09-15 20:51:43 +00:00
|
|
|
*/
|
|
|
|
|
public static function encodeJsonForScript( $data ) {
|
|
|
|
|
// Keep output as small as possible by disabling needless escape modes
|
|
|
|
|
// that PHP uses by default.
|
|
|
|
|
// However, while most module scripts are only served on HTTP responses
|
|
|
|
|
// for JavaScript, some modules can also be embedded in the HTML as inline
|
|
|
|
|
// scripts. This, and the fact that we sometimes need to export strings
|
|
|
|
|
// containing user-generated content and labels that may genuinely contain
|
|
|
|
|
// a sequences like "</script>", we need to encode either '/' or '<'.
|
|
|
|
|
// By default PHP escapes '/'. Let's escape '<' instead which is less common
|
|
|
|
|
// and allows URLs to mostly remain readable.
|
|
|
|
|
$jsonFlags = JSON_UNESCAPED_SLASHES |
|
|
|
|
|
JSON_UNESCAPED_UNICODE |
|
|
|
|
|
JSON_HEX_TAG |
|
|
|
|
|
JSON_HEX_AMP;
|
|
|
|
|
if ( self::inDebugMode() ) {
|
|
|
|
|
$jsonFlags |= JSON_PRETTY_PRINT;
|
|
|
|
|
}
|
|
|
|
|
return json_encode( $data, $jsonFlags );
|
|
|
|
|
}
|
|
|
|
|
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
/**
|
2019-09-28 11:32:29 +00:00
|
|
|
* Returns a JS call to mw.loader.state, which sets the state of modules
|
|
|
|
|
* to a given value:
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*
|
2019-09-09 15:50:13 +00:00
|
|
|
* - ResourceLoader::makeLoaderStateScript( $context, [ $name => $state, ... ] ):
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
* Set the state of modules with the given names to the given states
|
2011-05-21 17:45:20 +00:00
|
|
|
*
|
2020-02-21 00:26:07 +00:00
|
|
|
* @internal For use by ResourceLoaderStartUpModule
|
2019-09-09 15:50:13 +00:00
|
|
|
* @param ResourceLoaderContext $context
|
2020-02-21 00:26:07 +00:00
|
|
|
* @param array<string,string> $states
|
2017-06-08 13:11:13 +00:00
|
|
|
* @return string JavaScript code
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*/
|
2019-09-09 15:50:13 +00:00
|
|
|
public static function makeLoaderStateScript(
|
2019-09-28 11:32:29 +00:00
|
|
|
ResourceLoaderContext $context, array $states
|
2019-09-09 15:50:13 +00:00
|
|
|
) {
|
2019-07-16 00:15:32 +00:00
|
|
|
return 'mw.loader.state('
|
2019-09-09 15:50:13 +00:00
|
|
|
. $context->encodeJson( $states )
|
2019-07-16 00:15:32 +00:00
|
|
|
. ');';
|
2010-09-24 18:49:19 +00:00
|
|
|
}
|
2010-09-24 22:10:25 +00:00
|
|
|
|
2014-12-09 01:17:53 +00:00
|
|
|
private static function isEmptyObject( stdClass $obj ) {
|
2015-09-28 19:18:46 +00:00
|
|
|
foreach ( $obj as $key => $value ) {
|
2014-12-09 01:17:53 +00:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2014-12-09 00:29:19 +00:00
|
|
|
/**
|
|
|
|
|
* Remove empty values from the end of an array.
|
|
|
|
|
*
|
|
|
|
|
* Values considered empty:
|
|
|
|
|
*
|
|
|
|
|
* - null
|
2016-09-12 10:06:37 +00:00
|
|
|
* - []
|
2014-12-09 01:17:53 +00:00
|
|
|
* - new XmlJsCode( '{}' )
|
2020-02-28 15:13:53 +00:00
|
|
|
* - new stdClass()
|
|
|
|
|
* - (object)[]
|
2014-12-09 00:29:19 +00:00
|
|
|
*
|
2019-11-23 22:28:57 +00:00
|
|
|
* @param array &$array
|
2014-12-09 00:29:19 +00:00
|
|
|
*/
|
2021-07-22 03:11:47 +00:00
|
|
|
private static function trimArray( array &$array ): void {
|
2014-12-09 00:29:19 +00:00
|
|
|
$i = count( $array );
|
|
|
|
|
while ( $i-- ) {
|
2014-12-09 01:17:53 +00:00
|
|
|
if ( $array[$i] === null
|
2016-02-17 09:09:32 +00:00
|
|
|
|| $array[$i] === []
|
2014-12-09 01:17:53 +00:00
|
|
|
|| ( $array[$i] instanceof XmlJsCode && $array[$i]->value === '{}' )
|
|
|
|
|
|| ( $array[$i] instanceof stdClass && self::isEmptyObject( $array[$i] ) )
|
|
|
|
|
) {
|
2014-12-09 00:29:19 +00:00
|
|
|
unset( $array[$i] );
|
|
|
|
|
} else {
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Format JS code which calls `mw.loader.register()` with the given parameters.
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*
|
2018-09-15 21:31:18 +00:00
|
|
|
* @par Example
|
|
|
|
|
* @code
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*
|
2019-09-09 15:50:13 +00:00
|
|
|
* ResourceLoader::makeLoaderRegisterScript( $context, [
|
2016-08-13 01:10:40 +00:00
|
|
|
* [ $name1, $version1, $dependencies1, $group1, $source1, $skip1 ],
|
|
|
|
|
* [ $name2, $version2, $dependencies1, $group2, $source2, $skip2 ],
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
* ...
|
2016-08-13 01:10:40 +00:00
|
|
|
* ] ):
|
2018-09-15 21:31:18 +00:00
|
|
|
* @endcode
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*
|
2019-09-09 15:50:13 +00:00
|
|
|
* @internal For use by ResourceLoaderStartUpModule only
|
|
|
|
|
* @param ResourceLoaderContext $context
|
2019-10-11 14:31:51 +00:00
|
|
|
* @param array[] $modules Array of module registration arrays, each containing
|
2018-09-15 21:31:18 +00:00
|
|
|
* - string: module name
|
|
|
|
|
* - string: module version
|
|
|
|
|
* - array|null: List of dependencies (optional)
|
|
|
|
|
* - string|null: Module group (optional)
|
|
|
|
|
* - string|null: Name of foreign module source, or 'local' (optional)
|
|
|
|
|
* - string|null: Script body of a skip function (optional)
|
2019-10-11 14:31:51 +00:00
|
|
|
* @phan-param array<int,array{0:string,1:string,2?:?array,3?:?string,4?:?string,5?:?string}> $modules
|
2017-06-08 13:11:13 +00:00
|
|
|
* @return string JavaScript code
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*/
|
2019-09-09 15:50:13 +00:00
|
|
|
public static function makeLoaderRegisterScript(
|
|
|
|
|
ResourceLoaderContext $context, array $modules
|
|
|
|
|
) {
|
2018-09-15 21:31:18 +00:00
|
|
|
// Optimisation: Transform dependency names into indexes when possible
|
|
|
|
|
// to produce smaller output. They are expanded by mw.loader.register on
|
|
|
|
|
// the other end using resolveIndexedDependencies().
|
|
|
|
|
$index = [];
|
|
|
|
|
foreach ( $modules as $i => &$module ) {
|
2014-10-25 00:18:24 +00:00
|
|
|
// Build module name index
|
2018-09-15 21:31:18 +00:00
|
|
|
$index[$module[0]] = $i;
|
|
|
|
|
}
|
|
|
|
|
foreach ( $modules as &$module ) {
|
|
|
|
|
if ( isset( $module[2] ) ) {
|
|
|
|
|
foreach ( $module[2] as &$dependency ) {
|
|
|
|
|
if ( isset( $index[$dependency] ) ) {
|
|
|
|
|
// Replace module name in dependency list with index
|
|
|
|
|
$dependency = $index[$dependency];
|
2014-10-25 00:18:24 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-09-15 21:31:18 +00:00
|
|
|
}
|
2014-10-25 00:18:24 +00:00
|
|
|
|
2019-04-07 11:49:26 +00:00
|
|
|
array_walk( $modules, [ self::class, 'trimArray' ] );
|
2014-12-09 00:29:19 +00:00
|
|
|
|
2019-07-16 00:15:32 +00:00
|
|
|
return 'mw.loader.register('
|
2019-09-09 15:50:13 +00:00
|
|
|
. $context->encodeJson( $modules )
|
2019-07-16 00:15:32 +00:00
|
|
|
. ');';
|
2011-07-26 21:10:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Format JS code which calls `mw.loader.addSource()` with the given parameters.
|
2011-10-14 08:06:54 +00:00
|
|
|
*
|
2019-09-09 15:50:13 +00:00
|
|
|
* - ResourceLoader::makeLoaderSourcesScript( $context,
|
|
|
|
|
* [ $id1 => $loadUrl, $id2 => $loadUrl, ... ]
|
|
|
|
|
* );
|
2011-07-26 21:10:34 +00:00
|
|
|
* Register sources with the given IDs and properties.
|
2011-10-14 08:06:54 +00:00
|
|
|
*
|
2019-09-09 15:50:13 +00:00
|
|
|
* @internal For use by ResourceLoaderStartUpModule only
|
|
|
|
|
* @param ResourceLoaderContext $context
|
2020-02-21 00:26:07 +00:00
|
|
|
* @param array<string,string> $sources
|
2017-06-08 13:11:13 +00:00
|
|
|
* @return string JavaScript code
|
2011-07-26 21:10:34 +00:00
|
|
|
*/
|
2019-09-09 15:50:13 +00:00
|
|
|
public static function makeLoaderSourcesScript(
|
2019-09-28 11:32:29 +00:00
|
|
|
ResourceLoaderContext $context, array $sources
|
2019-09-09 15:50:13 +00:00
|
|
|
) {
|
2019-07-16 00:15:32 +00:00
|
|
|
return 'mw.loader.addSource('
|
2019-09-09 15:50:13 +00:00
|
|
|
. $context->encodeJson( $sources )
|
2019-07-16 00:15:32 +00:00
|
|
|
. ');';
|
2010-09-24 21:03:29 +00:00
|
|
|
}
|
2010-09-24 22:10:25 +00:00
|
|
|
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Wrap JavaScript code to run after the startup module.
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*
|
2013-03-11 17:15:01 +00:00
|
|
|
* @param string $script JavaScript code
|
2017-06-08 13:11:13 +00:00
|
|
|
* @return string JavaScript code
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*/
|
2010-09-24 22:10:25 +00:00
|
|
|
public static function makeLoaderConditionalScript( $script ) {
|
2018-08-07 18:45:10 +00:00
|
|
|
// Adds a function to lazy-created RLQ
|
2019-04-14 01:15:55 +00:00
|
|
|
return '(RLQ=window.RLQ||[]).push(function(){' .
|
2016-02-18 16:33:15 +00:00
|
|
|
trim( $script ) . '});';
|
2010-09-24 22:10:25 +00:00
|
|
|
}
|
|
|
|
|
|
2018-08-07 18:45:10 +00:00
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Wrap JavaScript code to run after a required module.
|
2018-08-07 18:45:10 +00:00
|
|
|
*
|
|
|
|
|
* @since 1.32
|
|
|
|
|
* @param string|string[] $modules Module name(s)
|
|
|
|
|
* @param string $script JavaScript code
|
|
|
|
|
* @return string JavaScript code
|
|
|
|
|
*/
|
|
|
|
|
public static function makeInlineCodeWithModule( $modules, $script ) {
|
|
|
|
|
// Adds an array to lazy-created RLQ
|
2019-04-14 01:15:55 +00:00
|
|
|
return '(RLQ=window.RLQ||[]).push(['
|
2018-09-15 20:51:43 +00:00
|
|
|
. self::encodeJsonForScript( $modules ) . ','
|
2018-08-07 18:45:10 +00:00
|
|
|
. 'function(){' . trim( $script ) . '}'
|
|
|
|
|
. ']);';
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-25 04:48:02 +00:00
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Make an HTML script that runs given JS code after startup and base modules.
|
2015-03-25 04:48:02 +00:00
|
|
|
*
|
2018-03-02 01:12:03 +00:00
|
|
|
* The code will be wrapped in a closure, and it will be executed by ResourceLoader's
|
|
|
|
|
* startup module if the client has adequate support for MediaWiki JavaScript code.
|
2015-03-25 04:48:02 +00:00
|
|
|
*
|
|
|
|
|
* @param string $script JavaScript code
|
2020-02-21 00:26:07 +00:00
|
|
|
* @param string|null $nonce Content-Security-Policy nonce
|
|
|
|
|
* (from `OutputPage->getCSP()->getNonce()`)
|
2018-05-24 13:10:48 +00:00
|
|
|
* @return string|WrappedString HTML
|
2015-03-25 04:48:02 +00:00
|
|
|
*/
|
Initial support for Content Security Policy, disabled by default
The primary goal here is a defense in depth measure to
stop an attacker who found a bug in the parser allowing
them to insert malicious attributes.
This wouldn't stop someone who could insert a full
script tag (since at current it can't distinguish between
malicious and legit user js). It also would not prevent
DOM-based or reflected XSS for anons, as the nonce value
is guessable for anons when receiving a response cached
by varnish. However, the limited protection of just stopping
stored XSS where the attacker only has control of attributes,
is still a big win in my opinion. (But it wouldn't prevent
someone who has that type of xss from abusing things like
data-ooui attribute).
This will likely break many gadgets. Its expected that any
sort of rollout on Wikimedia will be done very slowly, with
lots of testing and the report-only option to begin with.
This is behind feature flags that are off by default, so
merging this patch should not cause any change in default
behaviour.
This may break some extensions (The most obvious one
is charinsert (See fe648d41005), but will probably need
some testing in report-only mode to see if anything else breaks)
This uses the unsafe-eval option of CSP, in order to
support RL's local storage thingy. For better security,
we may want to remove some of the sillier uses of eval
(e.g. jquery.ui.datepicker.js).
For more info, see spec: https://www.w3.org/TR/CSP2/
Additionally see:
https://www.mediawiki.org/wiki/Requests_for_comment/Content-Security-Policy
Bug: T135963
Change-Id: I80f6f469ba4c0b608385483457df96ccb7429ae5
2016-02-29 04:13:10 +00:00
|
|
|
public static function makeInlineScript( $script, $nonce = null ) {
|
2015-03-25 04:48:02 +00:00
|
|
|
$js = self::makeLoaderConditionalScript( $script );
|
Initial support for Content Security Policy, disabled by default
The primary goal here is a defense in depth measure to
stop an attacker who found a bug in the parser allowing
them to insert malicious attributes.
This wouldn't stop someone who could insert a full
script tag (since at current it can't distinguish between
malicious and legit user js). It also would not prevent
DOM-based or reflected XSS for anons, as the nonce value
is guessable for anons when receiving a response cached
by varnish. However, the limited protection of just stopping
stored XSS where the attacker only has control of attributes,
is still a big win in my opinion. (But it wouldn't prevent
someone who has that type of xss from abusing things like
data-ooui attribute).
This will likely break many gadgets. Its expected that any
sort of rollout on Wikimedia will be done very slowly, with
lots of testing and the report-only option to begin with.
This is behind feature flags that are off by default, so
merging this patch should not cause any change in default
behaviour.
This may break some extensions (The most obvious one
is charinsert (See fe648d41005), but will probably need
some testing in report-only mode to see if anything else breaks)
This uses the unsafe-eval option of CSP, in order to
support RL's local storage thingy. For better security,
we may want to remove some of the sillier uses of eval
(e.g. jquery.ui.datepicker.js).
For more info, see spec: https://www.w3.org/TR/CSP2/
Additionally see:
https://www.mediawiki.org/wiki/Requests_for_comment/Content-Security-Policy
Bug: T135963
Change-Id: I80f6f469ba4c0b608385483457df96ccb7429ae5
2016-02-29 04:13:10 +00:00
|
|
|
$escNonce = '';
|
|
|
|
|
if ( $nonce === null ) {
|
|
|
|
|
wfWarn( __METHOD__ . " did not get nonce. Will break CSP" );
|
|
|
|
|
} elseif ( $nonce !== false ) {
|
|
|
|
|
// If it was false, CSP is disabled, so no nonce attribute.
|
|
|
|
|
// Nonce should be only base64 characters, so should be safe,
|
|
|
|
|
// but better to be safely escaped than sorry.
|
|
|
|
|
$escNonce = ' nonce="' . htmlspecialchars( $nonce ) . '"';
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-31 00:13:04 +00:00
|
|
|
return new WrappedString(
|
Initial support for Content Security Policy, disabled by default
The primary goal here is a defense in depth measure to
stop an attacker who found a bug in the parser allowing
them to insert malicious attributes.
This wouldn't stop someone who could insert a full
script tag (since at current it can't distinguish between
malicious and legit user js). It also would not prevent
DOM-based or reflected XSS for anons, as the nonce value
is guessable for anons when receiving a response cached
by varnish. However, the limited protection of just stopping
stored XSS where the attacker only has control of attributes,
is still a big win in my opinion. (But it wouldn't prevent
someone who has that type of xss from abusing things like
data-ooui attribute).
This will likely break many gadgets. Its expected that any
sort of rollout on Wikimedia will be done very slowly, with
lots of testing and the report-only option to begin with.
This is behind feature flags that are off by default, so
merging this patch should not cause any change in default
behaviour.
This may break some extensions (The most obvious one
is charinsert (See fe648d41005), but will probably need
some testing in report-only mode to see if anything else breaks)
This uses the unsafe-eval option of CSP, in order to
support RL's local storage thingy. For better security,
we may want to remove some of the sillier uses of eval
(e.g. jquery.ui.datepicker.js).
For more info, see spec: https://www.w3.org/TR/CSP2/
Additionally see:
https://www.mediawiki.org/wiki/Requests_for_comment/Content-Security-Policy
Bug: T135963
Change-Id: I80f6f469ba4c0b608385483457df96ccb7429ae5
2016-02-29 04:13:10 +00:00
|
|
|
Html::inlineScript( $js, $nonce ),
|
2019-04-14 01:15:55 +00:00
|
|
|
"<script$escNonce>(RLQ=window.RLQ||[]).push(function(){",
|
2016-02-18 16:33:15 +00:00
|
|
|
'});</script>'
|
2015-07-31 00:13:04 +00:00
|
|
|
);
|
2015-03-25 04:48:02 +00:00
|
|
|
}
|
|
|
|
|
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Return JS code which will set the MediaWiki configuration array to
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
* the given value.
|
|
|
|
|
*
|
2013-03-11 17:15:01 +00:00
|
|
|
* @param array $configuration List of configuration values keyed by variable name
|
2017-06-08 13:11:13 +00:00
|
|
|
* @return string JavaScript code
|
2018-10-09 20:43:56 +00:00
|
|
|
* @throws Exception
|
* Introduced Xml::encodeJsCall(), to replace the awkward repetitive code that was doing the same thing throughout the resource loader with varying degrees of security and correctness.
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
2010-11-04 07:53:37 +00:00
|
|
|
*/
|
2016-11-08 21:03:21 +00:00
|
|
|
public static function makeConfigSetScript( array $configuration ) {
|
2019-09-10 06:07:57 +00:00
|
|
|
$json = self::encodeJsonForScript( $configuration );
|
|
|
|
|
if ( $json === false ) {
|
2018-11-07 23:04:50 +00:00
|
|
|
$e = new Exception(
|
2018-10-09 20:43:56 +00:00
|
|
|
'JSON serialization of config data failed. ' .
|
|
|
|
|
'This usually means the config data is not valid UTF-8.'
|
|
|
|
|
);
|
2018-11-07 23:04:50 +00:00
|
|
|
MWExceptionHandler::logException( $e );
|
2019-09-10 06:07:57 +00:00
|
|
|
return 'mw.log.error(' . self::encodeJsonForScript( $e->__toString() ) . ');';
|
2018-10-09 20:43:56 +00:00
|
|
|
}
|
2019-09-10 06:07:57 +00:00
|
|
|
return "mw.config.set($json);";
|
2010-09-24 22:10:25 +00:00
|
|
|
}
|
2011-05-21 17:45:20 +00:00
|
|
|
|
2011-05-05 13:46:47 +00:00
|
|
|
/**
|
|
|
|
|
* Convert an array of module names to a packed query string.
|
2011-06-17 16:05:05 +00:00
|
|
|
*
|
2018-03-01 00:23:02 +00:00
|
|
|
* For example, `[ 'foo.bar', 'foo.baz', 'bar.baz', 'bar.quux' ]`
|
|
|
|
|
* becomes `'foo.bar,baz|bar.baz,quux'`.
|
|
|
|
|
*
|
2019-04-11 20:28:53 +00:00
|
|
|
* This process is reversed by ResourceLoader::expandModuleNames().
|
2018-03-01 00:23:02 +00:00
|
|
|
* See also mw.loader#buildModulesString() which is a port of this, used
|
|
|
|
|
* on the client-side.
|
|
|
|
|
*
|
2020-02-21 00:26:07 +00:00
|
|
|
* @param string[] $modules List of module names (strings)
|
2011-05-05 13:46:47 +00:00
|
|
|
* @return string Packed query string
|
|
|
|
|
*/
|
2019-10-05 07:38:41 +00:00
|
|
|
public static function makePackedModulesString( array $modules ) {
|
2018-03-01 00:23:02 +00:00
|
|
|
$moduleMap = []; // [ prefix => [ suffixes ] ]
|
2011-05-05 13:46:47 +00:00
|
|
|
foreach ( $modules as $module ) {
|
|
|
|
|
$pos = strrpos( $module, '.' );
|
|
|
|
|
$prefix = $pos === false ? '' : substr( $module, 0, $pos );
|
|
|
|
|
$suffix = $pos === false ? $module : substr( $module, $pos + 1 );
|
2018-03-01 00:23:02 +00:00
|
|
|
$moduleMap[$prefix][] = $suffix;
|
2011-05-05 13:46:47 +00:00
|
|
|
}
|
2011-05-21 17:45:20 +00:00
|
|
|
|
2016-02-17 09:09:32 +00:00
|
|
|
$arr = [];
|
2018-03-01 00:23:02 +00:00
|
|
|
foreach ( $moduleMap as $prefix => $suffixes ) {
|
2011-05-05 13:46:47 +00:00
|
|
|
$p = $prefix === '' ? '' : $prefix . '.';
|
|
|
|
|
$arr[] = $p . implode( ',', $suffixes );
|
|
|
|
|
}
|
2018-03-01 00:23:02 +00:00
|
|
|
return implode( '|', $arr );
|
2011-05-05 13:46:47 +00:00
|
|
|
}
|
2011-05-21 17:45:20 +00:00
|
|
|
|
2019-04-11 20:28:53 +00:00
|
|
|
/**
|
|
|
|
|
* Expand a string of the form `jquery.foo,bar|jquery.ui.baz,quux` to
|
|
|
|
|
* an array of module names like `[ 'jquery.foo', 'jquery.bar',
|
|
|
|
|
* 'jquery.ui.baz', 'jquery.ui.quux' ]`.
|
|
|
|
|
*
|
|
|
|
|
* This process is reversed by ResourceLoader::makePackedModulesString().
|
|
|
|
|
*
|
|
|
|
|
* @since 1.33
|
|
|
|
|
* @param string $modules Packed module name list
|
2020-02-21 00:26:07 +00:00
|
|
|
* @return string[] Array of module names
|
2019-04-11 20:28:53 +00:00
|
|
|
*/
|
|
|
|
|
public static function expandModuleNames( $modules ) {
|
|
|
|
|
$retval = [];
|
|
|
|
|
$exploded = explode( '|', $modules );
|
|
|
|
|
foreach ( $exploded as $group ) {
|
|
|
|
|
if ( strpos( $group, ',' ) === false ) {
|
|
|
|
|
// This is not a set of modules in foo.bar,baz notation
|
|
|
|
|
// but a single module
|
|
|
|
|
$retval[] = $group;
|
|
|
|
|
} else {
|
|
|
|
|
// This is a set of modules in foo.bar,baz notation
|
|
|
|
|
$pos = strrpos( $group, '.' );
|
|
|
|
|
if ( $pos === false ) {
|
|
|
|
|
// Prefixless modules, i.e. without dots
|
|
|
|
|
$retval = array_merge( $retval, explode( ',', $group ) );
|
|
|
|
|
} else {
|
|
|
|
|
// We have a prefix and a bunch of suffixes
|
|
|
|
|
$prefix = substr( $group, 0, $pos ); // 'foo'
|
|
|
|
|
$suffixes = explode( ',', substr( $group, $pos + 1 ) ); // [ 'bar', 'baz' ]
|
|
|
|
|
foreach ( $suffixes as $suffix ) {
|
|
|
|
|
$retval[] = "$prefix.$suffix";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $retval;
|
|
|
|
|
}
|
|
|
|
|
|
2010-11-05 20:36:13 +00:00
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Determine whether debug mode is on.
|
|
|
|
|
*
|
|
|
|
|
* Order of priority is:
|
|
|
|
|
* - 1) Request parameter,
|
|
|
|
|
* - 2) Cookie,
|
|
|
|
|
* - 3) Site configuration.
|
|
|
|
|
*
|
2020-05-22 02:01:42 +00:00
|
|
|
* @return int
|
2010-11-05 20:36:13 +00:00
|
|
|
*/
|
|
|
|
|
public static function inDebugMode() {
|
2014-04-30 21:06:51 +00:00
|
|
|
if ( self::$debugMode === null ) {
|
|
|
|
|
global $wgRequest, $wgResourceLoaderDebug;
|
2020-05-22 02:01:42 +00:00
|
|
|
$str = $wgRequest->getRawVal( 'debug',
|
|
|
|
|
$wgRequest->getCookie( 'resourceLoaderDebug', '', $wgResourceLoaderDebug ? 'true' : '' )
|
2014-04-30 21:06:51 +00:00
|
|
|
);
|
2020-05-22 02:01:42 +00:00
|
|
|
self::$debugMode = ResourceLoaderContext::debugFromString( $str );
|
2011-05-21 17:45:20 +00:00
|
|
|
}
|
2014-04-30 21:06:51 +00:00
|
|
|
return self::$debugMode;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Reset static members used for caching.
|
|
|
|
|
*
|
|
|
|
|
* Global state and $wgRequest are evil, but we're using it right
|
|
|
|
|
* now and sometimes we need to be able to force ResourceLoader to
|
|
|
|
|
* re-evaluate the context because it has changed (e.g. in the test suite).
|
2018-09-22 16:45:18 +00:00
|
|
|
*
|
|
|
|
|
* @internal For use by unit tests
|
|
|
|
|
* @codeCoverageIgnore
|
2014-04-30 21:06:51 +00:00
|
|
|
*/
|
|
|
|
|
public static function clearCache() {
|
|
|
|
|
self::$debugMode = null;
|
2010-11-05 20:36:13 +00:00
|
|
|
}
|
2011-09-13 20:36:24 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Build a load.php URL
|
2014-06-28 02:57:40 +00:00
|
|
|
*
|
|
|
|
|
* @since 1.24
|
2014-07-24 17:43:25 +00:00
|
|
|
* @param string $source Name of the ResourceLoader source
|
2014-06-28 02:57:40 +00:00
|
|
|
* @param ResourceLoaderContext $context
|
|
|
|
|
* @param array $extraQuery
|
2015-07-31 02:07:43 +00:00
|
|
|
* @return string URL to load.php. May be protocol-relative if $wgLoadScript is, too.
|
2014-06-28 02:57:40 +00:00
|
|
|
*/
|
|
|
|
|
public function createLoaderURL( $source, ResourceLoaderContext $context,
|
2019-10-05 07:38:41 +00:00
|
|
|
array $extraQuery = []
|
2014-06-28 02:57:40 +00:00
|
|
|
) {
|
|
|
|
|
$query = self::createLoaderQuery( $context, $extraQuery );
|
|
|
|
|
$script = $this->getLoadScript( $source );
|
|
|
|
|
|
2015-09-15 20:21:04 +00:00
|
|
|
return wfAppendQuery( $script, $query );
|
2014-06-28 02:57:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Helper for createLoaderURL()
|
|
|
|
|
*
|
|
|
|
|
* @since 1.24
|
|
|
|
|
* @see makeLoaderQuery
|
|
|
|
|
* @param ResourceLoaderContext $context
|
|
|
|
|
* @param array $extraQuery
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
2019-10-05 07:38:41 +00:00
|
|
|
protected static function createLoaderQuery(
|
|
|
|
|
ResourceLoaderContext $context, array $extraQuery = []
|
|
|
|
|
) {
|
2014-06-28 02:57:40 +00:00
|
|
|
return self::makeLoaderQuery(
|
|
|
|
|
$context->getModules(),
|
|
|
|
|
$context->getLanguage(),
|
|
|
|
|
$context->getSkin(),
|
|
|
|
|
$context->getUser(),
|
|
|
|
|
$context->getVersion(),
|
|
|
|
|
$context->getDebug(),
|
|
|
|
|
$context->getOnly(),
|
|
|
|
|
$context->getRequest()->getBool( 'printable' ),
|
|
|
|
|
$context->getRequest()->getBool( 'handheld' ),
|
|
|
|
|
$extraQuery
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-13 20:36:24 +00:00
|
|
|
/**
|
|
|
|
|
* Build a query array (array representation of query string) for load.php. Helper
|
2016-07-20 19:43:54 +00:00
|
|
|
* function for createLoaderURL().
|
2013-07-01 18:01:11 +00:00
|
|
|
*
|
2020-02-21 00:26:07 +00:00
|
|
|
* @param string[] $modules
|
2013-07-01 18:01:11 +00:00
|
|
|
* @param string $lang
|
|
|
|
|
* @param string $skin
|
2018-06-26 21:14:43 +00:00
|
|
|
* @param string|null $user
|
|
|
|
|
* @param string|null $version
|
2020-05-22 02:01:42 +00:00
|
|
|
* @param int $debug
|
2018-06-26 21:14:43 +00:00
|
|
|
* @param string|null $only
|
2013-07-01 18:01:11 +00:00
|
|
|
* @param bool $printable
|
|
|
|
|
* @param bool $handheld
|
|
|
|
|
* @param array $extraQuery
|
2011-09-13 20:36:24 +00:00
|
|
|
* @return array
|
|
|
|
|
*/
|
2019-10-05 07:38:41 +00:00
|
|
|
public static function makeLoaderQuery( array $modules, $lang, $skin, $user = null,
|
2020-05-22 02:01:42 +00:00
|
|
|
$version = null, $debug = ResourceLoaderContext::DEBUG_OFF, $only = null,
|
|
|
|
|
$printable = false, $handheld = false, array $extraQuery = []
|
2014-05-10 08:39:37 +00:00
|
|
|
) {
|
2016-02-17 09:09:32 +00:00
|
|
|
$query = [
|
2011-09-13 20:36:24 +00:00
|
|
|
'modules' => self::makePackedModulesString( $modules ),
|
2016-02-17 09:09:32 +00:00
|
|
|
];
|
2019-06-10 17:38:05 +00:00
|
|
|
// Keep urls short by omitting query parameters that
|
|
|
|
|
// match the defaults assumed by ResourceLoaderContext.
|
|
|
|
|
// Note: This relies on the defaults either being insignificant or forever constant,
|
|
|
|
|
// as otherwise cached urls could change in meaning when the defaults change.
|
2019-06-16 20:30:15 +00:00
|
|
|
if ( $lang !== ResourceLoaderContext::DEFAULT_LANG ) {
|
2019-06-10 17:38:05 +00:00
|
|
|
$query['lang'] = $lang;
|
|
|
|
|
}
|
2019-06-16 20:30:15 +00:00
|
|
|
if ( $skin !== ResourceLoaderContext::DEFAULT_SKIN ) {
|
2019-06-10 17:38:05 +00:00
|
|
|
$query['skin'] = $skin;
|
|
|
|
|
}
|
2020-05-22 02:01:42 +00:00
|
|
|
if ( $debug !== ResourceLoaderContext::DEBUG_OFF ) {
|
|
|
|
|
$query['debug'] = strval( $debug );
|
2019-03-08 20:37:12 +00:00
|
|
|
}
|
2011-09-13 20:36:24 +00:00
|
|
|
if ( $user !== null ) {
|
|
|
|
|
$query['user'] = $user;
|
|
|
|
|
}
|
|
|
|
|
if ( $version !== null ) {
|
|
|
|
|
$query['version'] = $version;
|
|
|
|
|
}
|
|
|
|
|
if ( $only !== null ) {
|
|
|
|
|
$query['only'] = $only;
|
|
|
|
|
}
|
|
|
|
|
if ( $printable ) {
|
|
|
|
|
$query['printable'] = 1;
|
|
|
|
|
}
|
|
|
|
|
if ( $handheld ) {
|
|
|
|
|
$query['handheld'] = 1;
|
|
|
|
|
}
|
|
|
|
|
$query += $extraQuery;
|
2011-10-14 08:06:54 +00:00
|
|
|
|
2011-09-13 20:36:24 +00:00
|
|
|
// Make queries uniform in order
|
|
|
|
|
ksort( $query );
|
|
|
|
|
return $query;
|
|
|
|
|
}
|
2012-05-09 21:10:33 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Check a module name for validity.
|
|
|
|
|
*
|
|
|
|
|
* Module names may not contain pipes (|), commas (,) or exclamation marks (!) and can be
|
|
|
|
|
* at most 255 bytes.
|
|
|
|
|
*
|
2013-03-11 17:15:01 +00:00
|
|
|
* @param string $moduleName Module name to check
|
2012-05-09 21:10:33 +00:00
|
|
|
* @return bool Whether $moduleName is a valid module name
|
|
|
|
|
*/
|
|
|
|
|
public static function isValidModuleName( $moduleName ) {
|
2020-10-03 15:09:40 +00:00
|
|
|
$len = strlen( $moduleName );
|
|
|
|
|
return $len <= 255 && strcspn( $moduleName, '!,|', 0, $len ) === $len;
|
2012-05-09 21:10:33 +00:00
|
|
|
}
|
2013-09-28 07:40:03 +00:00
|
|
|
|
|
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Return a LESS compiler that is set up for use with MediaWiki.
|
2013-09-28 07:40:03 +00:00
|
|
|
*
|
2016-01-08 22:09:36 +00:00
|
|
|
* @since 1.27
|
2018-04-10 22:35:49 +00:00
|
|
|
* @param array $vars Associative array of variables that should be used
|
|
|
|
|
* for compilation. Since 1.32, this method no longer automatically includes
|
|
|
|
|
* global LESS vars from ResourceLoader::getLessVars (T191937).
|
2018-05-20 18:32:57 +00:00
|
|
|
* @param array $importDirs Additional directories to look in for @import (since 1.36)
|
2014-08-07 10:25:56 +00:00
|
|
|
* @throws MWException
|
2015-09-10 22:22:13 +00:00
|
|
|
* @return Less_Parser
|
2013-09-28 07:40:03 +00:00
|
|
|
*/
|
2018-05-20 18:32:57 +00:00
|
|
|
public function getLessCompiler( array $vars = [], array $importDirs = [] ) {
|
2018-05-19 18:37:21 +00:00
|
|
|
global $IP;
|
2013-10-14 01:34:58 +00:00
|
|
|
// When called from the installer, it is possible that a required PHP extension
|
2017-02-20 22:44:19 +00:00
|
|
|
// is missing (at least for now; see T49564). If this is the case, throw an
|
2013-10-14 01:34:58 +00:00
|
|
|
// exception (caught by the installer) to prevent a fatal error later on.
|
2021-04-08 19:17:42 +00:00
|
|
|
if ( !class_exists( Less_Parser::class ) ) {
|
2015-09-10 22:22:13 +00:00
|
|
|
throw new MWException( 'MediaWiki requires the less.php parser' );
|
2013-10-14 01:34:58 +00:00
|
|
|
}
|
|
|
|
|
|
2018-05-20 18:32:57 +00:00
|
|
|
$importDirs[] = "$IP/resources/src/mediawiki.less";
|
|
|
|
|
|
2015-09-10 22:22:13 +00:00
|
|
|
$parser = new Less_Parser;
|
2018-04-10 22:35:49 +00:00
|
|
|
$parser->ModifyVars( $vars );
|
2018-05-20 18:32:57 +00:00
|
|
|
// SetImportDirs expects an array like [ 'path1' => '', 'path2' => '' ]
|
|
|
|
|
$parser->SetImportDirs( array_fill_keys( $importDirs, '' ) );
|
2015-09-10 22:22:13 +00:00
|
|
|
$parser->SetOption( 'relativeUrls', false );
|
|
|
|
|
|
|
|
|
|
return $parser;
|
2013-09-28 07:40:03 +00:00
|
|
|
}
|
2020-02-06 20:24:56 +00:00
|
|
|
|
|
|
|
|
/**
|
2020-02-21 00:26:07 +00:00
|
|
|
* Get site configuration settings to expose to JavaScript on all pages via `mw.config`.
|
|
|
|
|
*
|
2020-02-06 20:24:56 +00:00
|
|
|
* @internal Exposed for use from Resources.php
|
|
|
|
|
* @param ResourceLoaderContext $context
|
|
|
|
|
* @param Config $conf
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
public static function getSiteConfigSettings(
|
|
|
|
|
ResourceLoaderContext $context, Config $conf
|
2021-07-22 03:11:47 +00:00
|
|
|
): array {
|
2020-02-21 00:26:07 +00:00
|
|
|
// Namespace related preparation
|
|
|
|
|
// - wgNamespaceIds: Key-value pairs of all localized, canonical and aliases for namespaces.
|
|
|
|
|
// - wgCaseSensitiveNamespaces: Array of namespaces that are case-sensitive.
|
2020-02-06 20:24:56 +00:00
|
|
|
$contLang = MediaWikiServices::getInstance()->getContentLanguage();
|
|
|
|
|
$namespaceIds = $contLang->getNamespaceIds();
|
|
|
|
|
$caseSensitiveNamespaces = [];
|
|
|
|
|
$nsInfo = MediaWikiServices::getInstance()->getNamespaceInfo();
|
|
|
|
|
foreach ( $nsInfo->getCanonicalNamespaces() as $index => $name ) {
|
|
|
|
|
$namespaceIds[$contLang->lc( $name )] = $index;
|
|
|
|
|
if ( !$nsInfo->isCapitalized( $index ) ) {
|
|
|
|
|
$caseSensitiveNamespaces[] = $index;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$illegalFileChars = $conf->get( 'IllegalFileChars' );
|
|
|
|
|
|
|
|
|
|
// Build list of variables
|
|
|
|
|
$skin = $context->getSkin();
|
|
|
|
|
|
|
|
|
|
// Start of supported and stable config vars (for use by extensions/gadgets).
|
|
|
|
|
$vars = [
|
|
|
|
|
'debug' => $context->getDebug(),
|
|
|
|
|
'skin' => $skin,
|
|
|
|
|
'stylepath' => $conf->get( 'StylePath' ),
|
|
|
|
|
'wgArticlePath' => $conf->get( 'ArticlePath' ),
|
|
|
|
|
'wgScriptPath' => $conf->get( 'ScriptPath' ),
|
|
|
|
|
'wgScript' => $conf->get( 'Script' ),
|
|
|
|
|
'wgSearchType' => $conf->get( 'SearchType' ),
|
|
|
|
|
'wgVariantArticlePath' => $conf->get( 'VariantArticlePath' ),
|
|
|
|
|
'wgServer' => $conf->get( 'Server' ),
|
|
|
|
|
'wgServerName' => $conf->get( 'ServerName' ),
|
|
|
|
|
'wgUserLanguage' => $context->getLanguage(),
|
|
|
|
|
'wgContentLanguage' => $contLang->getCode(),
|
2020-02-25 01:33:18 +00:00
|
|
|
'wgVersion' => MW_VERSION,
|
2020-02-06 20:24:56 +00:00
|
|
|
'wgFormattedNamespaces' => $contLang->getFormattedNamespaces(),
|
|
|
|
|
'wgNamespaceIds' => $namespaceIds,
|
|
|
|
|
'wgContentNamespaces' => $nsInfo->getContentNamespaces(),
|
|
|
|
|
'wgSiteName' => $conf->get( 'Sitename' ),
|
|
|
|
|
'wgDBname' => $conf->get( 'DBname' ),
|
2020-03-03 15:59:33 +00:00
|
|
|
'wgWikiID' => WikiMap::getCurrentWikiId(),
|
2020-02-06 20:24:56 +00:00
|
|
|
'wgCaseSensitiveNamespaces' => $caseSensitiveNamespaces,
|
|
|
|
|
'wgCommentByteLimit' => null,
|
|
|
|
|
'wgCommentCodePointLimit' => CommentStore::COMMENT_CHARACTER_LIMIT,
|
|
|
|
|
'wgExtensionAssetsPath' => $conf->get( 'ExtensionAssetsPath' ),
|
|
|
|
|
];
|
|
|
|
|
// End of stable config vars.
|
|
|
|
|
|
|
|
|
|
// Internal variables for use by MediaWiki core and/or ResourceLoader.
|
|
|
|
|
$vars += [
|
|
|
|
|
// @internal For mediawiki.widgets
|
|
|
|
|
'wgUrlProtocols' => wfUrlProtocols(),
|
|
|
|
|
// @internal For mediawiki.page.watch
|
|
|
|
|
// Force object to avoid "empty" associative array from
|
|
|
|
|
// becoming [] instead of {} in JS (T36604)
|
|
|
|
|
'wgActionPaths' => (object)$conf->get( 'ActionPaths' ),
|
|
|
|
|
// @internal For mediawiki.language
|
|
|
|
|
'wgTranslateNumerals' => $conf->get( 'TranslateNumerals' ),
|
|
|
|
|
// @internal For mediawiki.Title
|
|
|
|
|
'wgExtraSignatureNamespaces' => $conf->get( 'ExtraSignatureNamespaces' ),
|
|
|
|
|
// @internal For mediawiki.cookie
|
|
|
|
|
'wgCookiePrefix' => $conf->get( 'CookiePrefix' ),
|
|
|
|
|
'wgCookieDomain' => $conf->get( 'CookieDomain' ),
|
|
|
|
|
'wgCookiePath' => $conf->get( 'CookiePath' ),
|
|
|
|
|
'wgCookieExpiration' => $conf->get( 'CookieExpiration' ),
|
|
|
|
|
// @internal For mediawiki.Title
|
|
|
|
|
'wgLegalTitleChars' => Title::convertByteClassToUnicodeClass( Title::legalChars() ),
|
|
|
|
|
'wgIllegalFileChars' => Title::convertByteClassToUnicodeClass( $illegalFileChars ),
|
|
|
|
|
// @internal For mediawiki.ForeignUpload
|
|
|
|
|
'wgForeignUploadTargets' => $conf->get( 'ForeignUploadTargets' ),
|
|
|
|
|
'wgEnableUploads' => $conf->get( 'EnableUploads' ),
|
|
|
|
|
];
|
|
|
|
|
|
Hooks::run() call site migration
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
2020-03-19 02:42:09 +00:00
|
|
|
Hooks::runner()->onResourceLoaderGetConfigVars( $vars, $skin, $conf );
|
2020-02-06 20:24:56 +00:00
|
|
|
|
|
|
|
|
return $vars;
|
|
|
|
|
}
|
2010-09-17 11:45:49 +00:00
|
|
|
}
|
