Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Introduce entry point classes for media files.

Browse source 
This moves a code out of file scope into classes to make it
testable. The code is left in the same structure as it was before,
global functions have been converted into methods on the new
ThumbnailEntryPoint and Thumbnail404EntryPoint classes.

This test introduces comprehensive phpunit tests covering all functional
code paths in ThumbnailEntryPoint. This is intended to support
refactoring of this code.

Change-Id: I459abc7b11d0ab4ee682a863c9525a945048296f
This commit is contained in:
daniel 2023-10-27 17:21:45 +02:00
parent 5c87a85f23
commit 9638fa314a
14 changed files with 2166 additions and 705 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
autoload.php
View file

@ -1151,6 +1151,8 @@ $wgAutoloadLocalClasses = [
'MediaWiki\\FileBackend\\FSFile\\TempFSFileFactory' => __DIR__ . '/includes/libs/filebackend/fsfile/TempFSFileFactory.php',
'MediaWiki\\FileBackend\\LockManager\\LockManagerGroupFactory' => __DIR__ . '/includes/filebackend/lockmanager/LockManagerGroupFactory.php',
'MediaWiki\\FileRepo\\File\\FileSelectQueryBuilder' => __DIR__ . '/includes/filerepo/file/FileSelectQueryBuilder.php',
'MediaWiki\\FileRepo\\Thumbnail404EntryPoint' => __DIR__ . '/includes/filerepo/Thumbnail404EntryPoint.php',
'MediaWiki\\FileRepo\\ThumbnailEntryPoint' => __DIR__ . '/includes/filerepo/ThumbnailEntryPoint.php',
'MediaWiki\\HTMLForm\\CodexHTMLForm' => __DIR__ . '/includes/htmlform/CodexHTMLForm.php',
'MediaWiki\\HTMLForm\\CollapsibleFieldsetLayout' => __DIR__ . '/includes/htmlform/CollapsibleFieldsetLayout.php',
'MediaWiki\\HTMLForm\\Field\\HTMLApiField' => __DIR__ . '/includes/htmlform/fields/HTMLApiField.php',

3
includes/MediaWikiEntryPoint.php
View file

@ -201,6 +201,7 @@ abstract class MediaWikiEntryPoint {
// Prepare for flushing the output. Will do nothing if it was already called by execute().
$this->prepareForOutput();
} catch ( Throwable $e ) {
$this->status( 500 );
$this->handleTopLevelError( $e );
}
@ -1202,7 +1203,7 @@ abstract class MediaWikiEntryPoint {
* @see HttpStatus
*/
protected function status( int $code ): void {
$this->header( HttpStatus::getHeader( $code ) );
$this->header( HttpStatus::getHeader( $code ), true, $code );
}
/**

3
includes/Output/StreamFile.php
View file

@ -79,6 +79,9 @@ class StreamFile {
* @return null|string
*/
public static function contentTypeFromPath( $filename, $safe = true ) {
// NOTE: TrivialMimeDetection is forced by ThumbnailEntryPoint. When this
// code is moved to a non-static method in a service object, we can no
// longer rely on that.
$trivialMimeDetection = MediaWikiServices::getInstance()->getMainConfig()
->get( MainConfigNames::TrivialMimeDetection );

2
includes/Request/FauxResponse.php
View file

@ -62,7 +62,7 @@ class FauxResponse extends WebResponse {
}
}
if ( $http_response_code !== null ) {
if ( $http_response_code ) {
$this->code = intval( $http_response_code );
}
}

112
includes/filerepo/Thumbnail404EntryPoint.php Normal file
View file

@ -0,0 +1,112 @@
<?php
/**
* Entry point implementation for automatically generating missing media thumbnails
* on the fly.
*
* @see \MediaWiki\FileRepo\ThumbnailEntryPoint
* @see /thumb.php The web entry point.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
*
* @file
* @ingroup entrypoint
* @ingroup Media
*/
namespace MediaWiki\FileRepo;
use MediaWiki\MainConfigNames;
class Thumbnail404EntryPoint extends ThumbnailEntryPoint {
protected function handleRequest() {
$thumbPath = $this->getConfig( MainConfigNames::ThumbPath );
if ( $thumbPath ) {
$relPath = $this->getRequestPathSuffix( $thumbPath );
} else {
// Determine the request path relative to the thumbnail zone base
$repo = $this->getServiceContainer()->getRepoGroup()->getLocalRepo();
$baseUrl = $repo->getZoneUrl( 'thumb' );
if ( substr( $baseUrl, 0, 1 ) === '/' ) {
$basePath = $baseUrl;
} else {
$basePath = parse_url( $baseUrl, PHP_URL_PATH );
}
$relPath = $this->getRequestPathSuffix( "$basePath" );
}
$params = $this->extractThumbRequestInfo( $relPath ); // basic wiki URL param extracting
if ( $params == null ) {
$this->thumbError( 400, 'The specified thumbnail parameters are not recognized.' );
return;
}
$this->streamThumb( $params ); // stream the thumbnail
}
/**
* Convert pathinfo type parameter, into normal request parameters
*
* So for example, if the request was redirected from
* /w/images/thumb/a/ab/Foo.png/120px-Foo.png. The $thumbRel parameter
* of this function would be set to "a/ab/Foo.png/120px-Foo.png".
* This method is responsible for turning that into an array
* with the following keys:
* * f => the filename (Foo.png)
* * rel404 => the whole thing (a/ab/Foo.png/120px-Foo.png)
* * archived => 1 (If the request is for an archived thumb)
* * temp => 1 (If the file is in the "temporary" zone)
* * thumbName => the thumbnail name, including parameters (120px-Foo.png)
*
* Transform specific parameters are set later via extractThumbParams().
*
* @param string $thumbRel Thumbnail path relative to the thumb zone
*
* @return array|null Associative params array or null
*/
protected function extractThumbRequestInfo( $thumbRel ) {
$repo = $this->getServiceContainer()->getRepoGroup()->getLocalRepo();
$hashDirReg = $subdirReg = '';
$hashLevels = $repo->getHashLevels();
for ( $i = 0; $i < $hashLevels; $i++ ) {
$subdirReg .= '[0-9a-f]';
$hashDirReg .= "$subdirReg/";
}
// Check if this is a thumbnail of an original in the local file repo
if ( preg_match( "!^((archive/)?$hashDirReg([^/]*)/([^/]*))$!", $thumbRel, $m ) ) {
[ /*all*/, $rel, $archOrTemp, $filename, $thumbname ] = $m;
// Check if this is a thumbnail of a temp file in the local file repo
} elseif ( preg_match( "!^(temp/)($hashDirReg([^/]*)/([^/]*))$!", $thumbRel, $m ) ) {
[ /*all*/, $archOrTemp, $rel, $filename, $thumbname ] = $m;
} else {
return null; // not a valid looking thumbnail request
}
$params = [ 'f' => $filename, 'rel404' => $rel ];
if ( $archOrTemp === 'archive/' ) {
$params['archived'] = 1;
} elseif ( $archOrTemp === 'temp/' ) {
$params['temp'] = 1;
}
$params['thumbName'] = $thumbname;
return $params;
}
}

680
includes/filerepo/ThumbnailEntryPoint.php Normal file
View file

@ -0,0 +1,680 @@
<?php
/**
* Entry point implementation for retrieving media thumbnails, created by a MediaHandler
* subclass or proxy request if FileRepo::getThumbProxyUrl is configured.
*
* This also supports resizing an image on-demand, if it isn't found in the
* configured FileBackend storage.
*
* @see /thumb.php The web entry point.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
*
* @file
* @ingroup entrypoint
* @ingroup Media
*/
namespace MediaWiki\FileRepo;
use Exception;
use File;
use InvalidArgumentException;
use MediaTransformInvalidParametersException;
use MediaTransformOutput;
use MediaWiki\Logger\LoggerFactory;
use MediaWiki\MainConfigNames;
use MediaWiki\MediaWikiEntryPoint;
use MediaWiki\MediaWikiServices;
use MediaWiki\Permissions\PermissionStatus;
use MediaWiki\PoolCounter\PoolCounterWorkViaCallback;
use MediaWiki\Profiler\ProfilingContext;
use MediaWiki\Request\HeaderCallback;
use MediaWiki\Status\Status;
use MediaWiki\Title\Title;
use MessageSpecifier;
use MWException;
use ObjectCache;
use UnregisteredLocalFile;
use Wikimedia\AtEase\AtEase;
class ThumbnailEntryPoint extends MediaWikiEntryPoint {
/**
* Main entry point
*/
public function execute() {
global $wgTrivialMimeDetection;
ProfilingContext::singleton()->init(
MW_ENTRY_POINT,
'stream'
);
// Don't use fancy MIME detection, just check the file extension for jpg/gif/png.
// NOTE: This only works as long as to StreamFile::contentTypeFromPath
// get this setting from global state. When StreamFile gets refactored,
// we need to find a better way.
$wgTrivialMimeDetection = true;
$this->handleRequest();
}
protected function doPrepareForOutput() {
// No-op.
// Do not call parent::doPrepareForOutput() to avoid
// commitMainTransaction() getting called.
}
protected function handleRequest() {
$this->streamThumb( $this->getRequest()->getQueryValuesOnly() );
}
/**
* Stream a thumbnail specified by parameters
*
* @param array $params List of thumbnailing parameters. In addition to parameters
* passed to the MediaHandler, this may also includes the keys:
* f (for filename), archived (if archived file), temp (if temp file),
* w (alias for width), p (alias for page), r (ignored; historical),
* rel404 (path for render on 404 to verify hash path correct),
* thumbName (thumbnail name to potentially extract more parameters from
* e.g. 'lossy-page1-120px-Foo.tiff' would add page, lossy and width
* to the parameters)
* @return void
*/
protected function streamThumb( array $params ) {
$varyOnXFP = $this->getConfig( MainConfigNames::VaryOnXFP );
$headers = []; // HTTP headers to send
$fileName = $params['f'] ?? '';
// Backwards compatibility parameters
if ( isset( $params['w'] ) ) {
$params['width'] = $params['w'];
unset( $params['w'] );
}
if ( isset( $params['width'] ) && substr( $params['width'], -2 ) == 'px' ) {
// strip the px (pixel) suffix, if found
$params['width'] = substr( $params['width'], 0, -2 );
}
if ( isset( $params['p'] ) ) {
$params['page'] = $params['p'];
}
// Is this a thumb of an archived file?
$isOld = ( isset( $params['archived'] ) && $params['archived'] );
unset( $params['archived'] ); // handlers don't care
// Is this a thumb of a temp file?
$isTemp = ( isset( $params['temp'] ) && $params['temp'] );
unset( $params['temp'] ); // handlers don't care
$services = MediaWikiServices::getInstance();
// Some basic input validation
$fileName = strtr( $fileName, '\\/', '__' );
$localRepo = $services->getRepoGroup()->getLocalRepo();
$archiveTimestamp = null;
// Actually fetch the image. Method depends on whether it is archived or not.
if ( $isTemp ) {
$repo = $localRepo->getTempRepo();
$img = new UnregisteredLocalFile( false, $repo,
# Temp files are hashed based on the name without the timestamp.
# The thumbnails will be hashed based on the entire name however.
# @todo fix this convention to actually be reasonable.
$repo->getZonePath( 'public' ) . '/' . $repo->getTempHashPath( $fileName ) . $fileName
);
} elseif ( $isOld ) {
// Format is <timestamp>!<name>
$bits = explode( '!', $fileName, 2 );
if ( count( $bits ) != 2 ) {
$this->thumbError( 404, $this->getContext()->msg( 'badtitletext' )->parse() );
return;
}
$archiveTimestamp = $bits[0];
$title = Title::makeTitleSafe( NS_FILE, $bits[1] );
if ( !$title ) {
$this->thumbError( 404, $this->getContext()->msg( 'badtitletext' )->parse() );
return;
}
$img = $localRepo->newFromArchiveName( $title, $fileName );
} else {
$img = $localRepo->newFile( $fileName );
}
// Check the source file title
if ( !$img ) {
$this->thumbError( 404, $this->getContext()->msg( 'badtitletext' )->parse() );
return;
}
// Check permissions if there are read restrictions
$varyHeader = [];
if ( !$services->getGroupPermissionsLookup()->groupHasPermission( '*', 'read' ) ) {
$authority = $this->getContext()->getAuthority();
$imgTitle = $img->getTitle();
if ( !$imgTitle || !$authority->authorizeRead( 'read', $imgTitle ) ) {
$this->thumbErrorText( 403, 'Access denied. You do not have permission to access ' .
'the source file.' );
return;
}
$headers[] = 'Cache-Control: private';
$varyHeader[] = 'Cookie';
}
// Check if the file is hidden
if ( $img->isDeleted( File::DELETED_FILE ) ) {
$this->thumbErrorText( 404, "The source file '$fileName' does not exist." );
return;
}
// Do rendering parameters extraction from thumbnail name.
if ( isset( $params['thumbName'] ) ) {
$params = $this->extractThumbParams( $img, $params );
}
if ( $params == null ) {
$this->thumbErrorText( 400, 'The specified thumbnail parameters are not recognized.' );
return;
}
// Check the source file storage path
if ( !$img->exists() ) {
$redirectedLocation = false;
if ( !$isTemp ) {
// Check for file redirect
// Since redirects are associated with pages, not versions of files,
// we look for the most current version to see if its a redirect.
$possRedirFile = $localRepo->findFile( $img->getName() );
if ( $possRedirFile && $possRedirFile->getRedirected() !== null ) {
$redirTarget = $possRedirFile->getName();
$targetFile = $localRepo->newFile( Title::makeTitleSafe( NS_FILE, $redirTarget ) );
if ( $targetFile->exists() ) {
$newThumbName = $targetFile->thumbName( $params );
if ( $isOld ) {
$newThumbUrl = $targetFile->getArchiveThumbUrl(
$archiveTimestamp . '!' . $targetFile->getName(), $newThumbName );
} else {
$newThumbUrl = $targetFile->getThumbUrl( $newThumbName );
}
$redirectedLocation = wfExpandUrl( $newThumbUrl, PROTO_CURRENT );
}
}
}
if ( $redirectedLocation ) {
// File has been moved. Give redirect.
$response = $this->getResponse();
$response->statusHeader( 302 );
$response->header( 'Location: ' . $redirectedLocation );
$response->header( 'Expires: ' .
gmdate( 'D, d M Y H:i:s', time() + 12 * 3600 ) . ' GMT' );
if ( $varyOnXFP ) {
$varyHeader[] = 'X-Forwarded-Proto';
}
if ( count( $varyHeader ) ) {
$response->header( 'Vary: ' . implode( ', ', $varyHeader ) );
}
$response->header( 'Content-Length: 0' );
return;
}
// If it's not a redirect that has a target as a local file, give 404.
$this->thumbErrorText( 404, "The source file '$fileName' does not exist." );
return;
} elseif ( $img->getPath() === false ) {
$this->thumbErrorText( 400, "The source file '$fileName' is not locally accessible." );
return;
}
// Check IMS against the source file
// This means that clients can keep a cached copy even after it has been deleted on the server
if ( $this->getServerInfo( 'HTTP_IF_MODIFIED_SINCE', '' ) !== '' ) {
// Fix IE brokenness
$imsString = preg_replace(
'/;.*$/',
'',
$this->getServerInfo( 'HTTP_IF_MODIFIED_SINCE' ) ?? ''
);
// Calculate time
AtEase::suppressWarnings();
$imsUnix = strtotime( $imsString );
AtEase::restoreWarnings();
if ( wfTimestamp( TS_UNIX, $img->getTimestamp() ) <= $imsUnix ) {
$this->status( 304 );
return;
}
}
$rel404 = $params['rel404'] ?? null;
unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER
unset( $params['f'] ); // We're done with 'f' parameter.
unset( $params['rel404'] ); // moved to $rel404
// Get the normalized thumbnail name from the parameters...
try {
$thumbName = $img->thumbName( $params );
if ( !strlen( $thumbName ?? '' ) ) { // invalid params?
throw new MediaTransformInvalidParametersException(
'Empty return from File::thumbName'
);
}
$thumbName2 = $img->thumbName( $params, File::THUMB_FULL_NAME ); // b/c; "long" style
} catch ( MediaTransformInvalidParametersException $e ) {
$this->thumbErrorText(
400,
'The specified thumbnail parameters are not valid: ' . $e->getMessage()
);
return;
} catch ( MWException $e ) {
$this->thumbError( 500, $e->getHTML(), 'Exception caught while extracting thumb name',
[ 'exception' => $e ] );
return;
}
// For 404 handled thumbnails, we only use the base name of the URI
// for the thumb params and the parent directory for the source file name.
// Check that the zone relative path matches up so CDN caches won't pick
// up thumbs that would not be purged on source file deletion (T36231).
if ( $rel404 !== null ) { // thumbnail was handled via 404
if ( rawurldecode( $rel404 ) === $img->getThumbRel( $thumbName ) ) {
// Request for the canonical thumbnail name
} elseif ( rawurldecode( $rel404 ) === $img->getThumbRel( $thumbName2 ) ) {
// Request for the "long" thumbnail name; redirect to canonical name
$this->status( 301 );
$this->header( 'Location: ' .
wfExpandUrl( $img->getThumbUrl( $thumbName ), PROTO_CURRENT ) );
$this->header( 'Expires: ' .
gmdate( 'D, d M Y H:i:s', time() + 7 * 86400 ) . ' GMT' );
if ( $varyOnXFP ) {
$varyHeader[] = 'X-Forwarded-Proto';
}
if ( count( $varyHeader ) ) {
$this->header( 'Vary: ' . implode( ', ', $varyHeader ) );
}
return;
} else {
$this->thumbErrorText( 404, "The given path of the specified thumbnail is incorrect;
expected '" . $img->getThumbRel( $thumbName ) . "' but got '" .
rawurldecode( $rel404 ) . "'." );
return;
}
}
$dispositionType = isset( $params['download'] ) ? 'attachment' : 'inline';
// Suggest a good name for users downloading this thumbnail
$headers[] =
'Content-Disposition: ' . $img->getThumbDisposition( $thumbName, $dispositionType );
if ( count( $varyHeader ) ) {
$headers[] = 'Vary: ' . implode( ', ', $varyHeader );
}
// Stream the file if it exists already...
$thumbPath = $img->getThumbPath( $thumbName );
if ( $img->getRepo()->fileExists( $thumbPath ) ) {
$starttime = microtime( true );
$status = $img->getRepo()->streamFileWithStatus( $thumbPath, $headers );
$streamtime = microtime( true ) - $starttime;
if ( $status->isOK() ) {
$services->getStatsdDataFactory()->timing(
'media.thumbnail.stream',
$streamtime
);
} else {
$this->thumbError(
500,
'Could not stream the file',
$status->getWikiText( false, false, 'en' ),
[
'file' => $thumbName,
'path' => $thumbPath,
'error' => $status->getWikiText( false, false, 'en' ),
]
);
}
return;
}
$authority = $this->getContext()->getAuthority();
$status = PermissionStatus::newEmpty();
if ( !wfThumbIsStandard( $img, $params )
&& !$authority->authorizeAction( 'renderfile-nonstandard', $status )
) {
$statusFormatter = $services->getFormatterFactory()
->getStatusFormatter( $this->getContext() );
$this->thumbError( 429, $statusFormatter->getHTML( $status ) );
return;
} elseif ( !$authority->authorizeAction( 'renderfile', $status ) ) {
$statusFormatter = $services->getFormatterFactory()
->getStatusFormatter( $this->getContext() );
$this->thumbError( 429, $statusFormatter->getHTML( $status ) );
return;
}
$thumbProxyUrl = $img->getRepo()->getThumbProxyUrl();
if ( strlen( $thumbProxyUrl ?? '' ) ) {
$this->proxyThumbnailRequest( $img, $thumbName );
// No local fallback when in proxy mode
return;
} else {
// Generate the thumbnail locally
[ $thumb, $errorMsg ] = $this->generateThumbnail( $img, $params, $thumbName, $thumbPath );
}
/** @var MediaTransformOutput|false $thumb */
// Check for thumbnail generation errors...
$msg = $this->getContext()->msg( 'thumbnail_error' );
$errorCode = 500;
if ( !$thumb ) {
$errorMsg = $errorMsg ?: $msg->rawParams( 'File::transform() returned false' )->escaped();
if ( $errorMsg instanceof MessageSpecifier &&
$errorMsg->getKey() === 'thumbnail_image-failure-limit'
) {
$errorCode = 429;
}
} elseif ( $thumb->isError() ) {
$errorMsg = $thumb->getHtmlMsg();
$errorCode = $thumb->getHttpStatusCode();
} elseif ( !$thumb->hasFile() ) {
$errorMsg = $msg->rawParams( 'No path supplied in thumbnail object' )->escaped();
} elseif ( $thumb->fileIsSource() ) {
$errorMsg = $msg
->rawParams( 'Image was not scaled, is the requested width bigger than the source?' )
->escaped();
$errorCode = 400;
}
$this->prepareForOutput();
if ( $errorMsg !== false ) {
$this->thumbError( $errorCode, $errorMsg, null, [ 'file' => $thumbName, 'path' => $thumbPath ] );
} else {
// Stream the file if there were no errors
'@phan-var MediaTransformOutput $thumb';
$status = $thumb->streamFileWithStatus( $headers );
if ( !$status->isOK() ) {
$this->thumbError( 500, 'Could not stream the file', $status->getWikiText( false, false, 'en' ), [
'file' => $thumbName, 'path' => $thumbPath,
'error' => $status->getWikiText( false, false, 'en' ) ] );
}
}
}
/**
* Proxies thumbnail request to a service that handles thumbnailing
*
* @param File $img
* @param string $thumbName
*/
private function proxyThumbnailRequest( $img, $thumbName ) {
$thumbProxyUrl = $img->getRepo()->getThumbProxyUrl();
// Instead of generating the thumbnail ourselves, we proxy the request to another service
$thumbProxiedUrl = $thumbProxyUrl . $img->getThumbRel( $thumbName );
$req = MediaWikiServices::getInstance()->getHttpRequestFactory()->create( $thumbProxiedUrl );
$secret = $img->getRepo()->getThumbProxySecret();
// Pass a secret key shared with the proxied service if any
if ( strlen( $secret ?? '' ) ) {
$req->setHeader( 'X-Swift-Secret', $secret );
}
// Send request to proxied service
$req->execute();
HeaderCallback::warnIfHeadersSent();
// Simply serve the response from the proxied service as-is
$this->header( 'HTTP/1.1 ' . $req->getStatus() );
$headers = $req->getResponseHeaders();
foreach ( $headers as $key => $values ) {
foreach ( $values as $value ) {
$this->header( $key . ': ' . $value, false );
}
}
$this->print( $req->getContent() );
}
/**
* Actually try to generate a new thumbnail
*
* @param File $file
* @param array $params
* @param string $thumbName
* @param string $thumbPath
* @return array (MediaTransformOutput|bool, string|bool error message HTML)
*/
protected function generateThumbnail( File $file, array $params, $thumbName, $thumbPath ) {
$attemptFailureEpoch = $this->getConfig( MainConfigNames::AttemptFailureEpoch );
$cache = ObjectCache::getLocalClusterInstance();
$key = $cache->makeKey(
'attempt-failures',
$attemptFailureEpoch,
$file->getRepo()->getName(),
$file->getSha1(),
md5( $thumbName )
);
// Check if this file keeps failing to render
if ( $cache->get( $key ) >= 4 ) {
return [ false, $this->getContext()->msg( 'thumbnail_image-failure-limit', 4 ) ];
}
$done = false;
// Record failures on PHP fatals in addition to caching exceptions
register_shutdown_function( static function () use ( $cache, &$done, $key ) {
if ( !$done ) { // transform() gave a fatal
// Randomize TTL to reduce stampedes
$cache->incrWithInit( $key, $cache::TTL_HOUR + mt_rand( 0, 300 ) );
}
} );
$thumb = false;
$errorHtml = false;
// guard thumbnail rendering with PoolCounter to avoid stampedes
// expensive files use a separate PoolCounter config so it is possible
// to set up a global limit on them
if ( $file->isExpensiveToThumbnail() ) {
$poolCounterType = 'FileRenderExpensive';
} else {
$poolCounterType = 'FileRender';
}
// Thumbnail isn't already there, so create the new thumbnail...
try {
$work = new PoolCounterWorkViaCallback( $poolCounterType, sha1( $file->getName() ),
[
'doWork' => static function () use ( $file, $params ) {
return $file->transform( $params, File::RENDER_NOW );
},
'doCachedWork' => static function () use ( $file, $params, $thumbPath ) {
// If the worker that finished made this thumbnail then use it.
// Otherwise, it probably made a different thumbnail for this file.
return $file->getRepo()->fileExists( $thumbPath )
? $file->transform( $params, File::RENDER_NOW )
: false; // retry once more in exclusive mode
},
'error' => function ( Status $status ) {
return $this->getContext()->msg( 'generic-pool-error' )->parse() . '<hr>' . $status->getHTML();
}
]
);
$result = $work->execute();
if ( $result instanceof MediaTransformOutput ) {
$thumb = $result;
} elseif ( is_string( $result ) ) { // error
$errorHtml = $result;
}
} catch ( Exception $e ) {
// Tried to select a page on a non-paged file?
}
/** @noinspection PhpUnusedLocalVariableInspection */
$done = true; // no PHP fatal occurred
if ( !$thumb || $thumb->isError() ) {
// Randomize TTL to reduce stampedes
$cache->incrWithInit( $key, $cache::TTL_HOUR + mt_rand( 0, 300 ) );
}
return [ $thumb, $errorHtml ];
}
/**
* Convert a thumbnail name (122px-foo.png) to parameters, using
* file handler.
*
* @param File $file File object for file in question
* @param array $params Array of parameters so far
* @return array|null Parameters array with more parameters, or null
*/
private function extractThumbParams( $file, $params ) {
if ( !isset( $params['thumbName'] ) ) {
throw new InvalidArgumentException( "No thumbnail name passed to extractThumbParams" );
}
$thumbname = $params['thumbName'];
unset( $params['thumbName'] );
// FIXME: Files in the temp zone don't set a MIME type, which means
// they don't have a handler. Which means we can't parse the param
// string. However, not a big issue as what good is a param string
// if you have no handler to make use of the param string and
// actually generate the thumbnail.
$handler = $file->getHandler();
// Based on UploadStash::parseKey
$fileNamePos = strrpos( $thumbname, $params['f'] );
if ( $fileNamePos === false ) {
// Maybe using a short filename? (see FileRepo::nameForThumb)
$fileNamePos = strrpos( $thumbname, 'thumbnail' );
}
if ( $handler && $fileNamePos !== false ) {
$paramString = substr( $thumbname, 0, $fileNamePos - 1 );
$extraParams = $handler->parseParamString( $paramString );
if ( $extraParams !== false ) {
return $params + $extraParams;
}
}
// As a last ditch fallback, use the traditional common parameters
if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) {
[ /* all */, /* pagefull */, $pagenum, $size ] = $matches;
$params['width'] = $size;
if ( $pagenum ) {
$params['page'] = $pagenum;
}
return $params; // valid thumbnail URL
}
return null;
}
/**
* Output a thumbnail generation error message
*
* @param int $status
* @param string $msgText Plain text (will be html escaped)
* @return void
*/
protected function thumbErrorText( $status, $msgText ) {
$this->thumbError( $status, htmlspecialchars( $msgText, ENT_NOQUOTES ) );
}
/**
* Output a thumbnail generation error message
*
* @param int $status
* @param string $msgHtml HTML
* @param string|null $msgText Short error description, for internal logging. Defaults to $msgHtml.
* Only used for HTTP 500 errors.
* @param array $context Error context, for internal logging. Only used for HTTP 500 errors.
* @return void
*/
protected function thumbError( $status, $msgHtml, $msgText = null, $context = [] ) {
$showHostnames = $this->getConfig( MainConfigNames::ShowHostnames );
HeaderCallback::warnIfHeadersSent();
if ( $this->getResponse()->headersSent() ) {
LoggerFactory::getInstance( 'thumbnail' )->error(
'Error after output had been started. Output may be corrupt or truncated. ' .
'Original error: ' . ( $msgText ?: $msgHtml ) . " (Status $status)",
$context
);
return;
}
$this->header( 'Cache-Control: no-cache' );
$this->header( 'Content-Type: text/html; charset=utf-8' );
if ( $status == 400 || $status == 404 || $status == 429 ) {
$this->status( $status );
} elseif ( $status == 403 ) {
$this->status( 403 );
$this->header( 'Vary: Cookie' );
} else {
LoggerFactory::getInstance( 'thumbnail' )->error( $msgText ?: $msgHtml, $context );
$this->status( 500 );
}
if ( $showHostnames ) {
$this->header( 'X-MW-Thumbnail-Renderer: ' . wfHostname() );
$url = htmlspecialchars(
$this->getServerInfo( 'REQUEST_URI' ) ?? '',
ENT_NOQUOTES
);
$hostname = htmlspecialchars( wfHostname(), ENT_NOQUOTES );
$debug = "<!-- $url -->\n<!-- $hostname -->\n";
} else {
$debug = '';
}
$content = <<<EOT
<!DOCTYPE html>
<html><head>
<meta charset="UTF-8" />
<title>Error generating thumbnail</title>
</head>
<body>
<h1>Error generating thumbnail</h1>
<p>
$msgHtml
</p>
$debug
</body>
</html>
EOT;
$this->header( 'Content-Length: ' . strlen( $content ) );
$this->print( $content );
}
}

9
includes/filerepo/file/LocalFile.php
View file

@ -1729,10 +1729,6 @@ class LocalFile extends File {
$props['description'] = $comment;
$props['timestamp'] = wfTimestamp( TS_MW, $timestamp ); // DB -> TS_MW
$this->setProps( $props );
$mimeAnalyzer = MediaWikiServices::getInstance()->getMimeAnalyzer();
if ( !$mimeAnalyzer->isValidMajorMimeType( $this->major_mime ) ) {
$this->major_mime = 'unknown';
}
# Fail now if the file isn't there
if ( !$this->fileExists ) {
@ -1741,6 +1737,11 @@ class LocalFile extends File {
return Status::newFatal( 'filenotfound', $this->getRel() );
}
$mimeAnalyzer = MediaWikiServices::getInstance()->getMimeAnalyzer();
if ( !$mimeAnalyzer->isValidMajorMimeType( $this->major_mime ) ) {
$this->major_mime = 'unknown';
}
$actorNormalizaton = MediaWikiServices::getInstance()->getActorNormalization();
$dbw->startAtomic( __METHOD__ );

1
tests/common/TestsAutoLoader.php
View file

@ -252,6 +252,7 @@ $wgAutoloadClasses += [
'NullGuzzleClient' => "$testDir/phpunit/mocks/NullGuzzleClient.php",
'NullHttpRequestFactory' => "$testDir/phpunit/mocks/NullHttpRequestFactory.php",
'NullMultiHttpClient' => "$testDir/phpunit/mocks/NullMultiHttpClient.php",
'MediaWiki\Tests\FileRepo\TestRepoTrait' => "$testDir/phpunit/mocks/filerepo/TestRepoTrait.php",
'MediaWiki\\Tests\\MockEnvironment' => "$testDir/phpunit/mocks/MockEnvironment.php",
# tests/phpunit/unit/includes

306
tests/phpunit/includes/filerepo/Thumbnail404EntryPointTest.php Normal file
View file

@ -0,0 +1,306 @@
<?php
use MediaWiki\FileRepo\Thumbnail404EntryPoint;
use MediaWiki\MainConfigNames;
use MediaWiki\Request\FauxRequest;
use MediaWiki\Tests\FileRepo\TestRepoTrait;
use MediaWiki\Tests\MockEnvironment;
/**
* @covers \MediaWiki\FileRepo\Thumbnail404EntryPoint
* @group Database
*/
class Thumbnail404EntryPointTest extends MediaWikiIntegrationTestCase {
use TestRepoTrait;
use MockHttpTrait;
private const PNG_MAGIC = "\x89\x50\x4e\x47";
private const JPEG_MAGIC = "\xff\xd8\xff\xe0";
private const IMAGES_DIR = __DIR__ . '/../../data/media';
/**
* will be called only once per test class
*/
public function addDBDataOnce() {
// Create mock repo with test files
$this->initTestRepoGroup();
$this->importFileToTestRepo( self::IMAGES_DIR . '/greyscale-png.png', 'Test.png' );
$this->importFileToTestRepo( self::IMAGES_DIR . '/Animated_PNG_example_bouncing_beach_ball.png' );
$this->importFileToTestRepo( self::IMAGES_DIR . '/test.jpg', 'Icon.jpg' );
// Create a second version of Test.png
$this->importFileToTestRepo( self::IMAGES_DIR . '/greyscale-na-png.png', 'Test.png' );
// Create a redirect
$title = Title::makeTitle( NS_FILE, 'Redirect_to_Test.png' );
$this->editPage( $title, '#REDIRECT [[File:Test.png]]' );
}
public static function tearDownAfterClass(): void {
self::destroyTestRepo();
parent::tearDownAfterClass();
}
public function setUp(): void {
parent::setUp();
$this->installTestRepoGroup();
}
/**
* @param FauxRequest|string|null $request
*
* @return MockEnvironment
*/
private function makeEnvironment( $request ): MockEnvironment {
if ( !$request ) {
$request = new FauxRequest();
}
if ( is_string( $request ) ) {
$req = new FauxRequest( [] );
$req->setRequestURL( $request );
$request = $req;
}
return new MockEnvironment( $request );
}
/**
* @param MockEnvironment|null $environment
* @param FauxRequest|RequestContext|string|array|null $request
*
* @return Thumbnail404EntryPoint
*/
private function getEntryPoint(
MockEnvironment $environment = null,
$request = null
) {
if ( !$request && $environment ) {
$request = $environment->getFauxRequest();
}
if ( $request instanceof RequestContext ) {
$context = $request;
$request = $context->getRequest();
} else {
$context = new RequestContext();
$context->setRequest( $request );
$context->setUser( $this->getTestUser()->getUser() );
}
if ( !$environment ) {
$environment = $this->makeEnvironment( $request );
}
$entryPoint = new Thumbnail404EntryPoint(
$context,
$environment,
$this->getServiceContainer()
);
$entryPoint->enableOutputCapture();
return $entryPoint;
}
public static function provideNotFound() {
yield 'non-existing image' => [
'/w/images/thumb/a/aa/Xyzzy.png/13px-Xyzzy.png',
404
];
yield 'malformed name' => [
'/w/images/thumb/x/xx/XyzzyXyzzy',
400
];
}
/**
* @dataProvider provideNotFound
*/
public function testNotFound( $req, $expectedStatus ) {
$env = $this->makeEnvironment( $req );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( $expectedStatus );
$env->assertHeaderValue(
'text/html; charset=utf-8',
'Content-Type'
);
$this->assertStringContainsString(
'<title>Error generating thumbnail</title>',
$output
);
}
public function testStreamFile() {
$file = $this->getTestRepo()->newFile( 'Test.png' );
$rel = $file->getRel();
$name = $file->getName();
$env = $this->makeEnvironment( "/w/images/thumb/$rel/13px-$name" );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
$this->assertThumbnail(
[ 'magic' => self::PNG_MAGIC, 'width' => 13, ],
$output
);
return [ 'data' => $output, 'width' => 13 ];
}
public function testStreamFileWithThumbPath() {
$this->overrideConfigValue( MainConfigNames::ThumbPath, '/thumbnails/' );
$file = $this->getTestRepo()->newFile( 'Test.png' );
$rel = $file->getRel();
$env = $this->makeEnvironment( "/thumbnails/$rel/13px-Test.png" );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
$this->assertThumbnail(
[ 'magic' => self::PNG_MAGIC, 'width' => 13, ],
$output
);
}
public function testStreamFileWithLongName() {
$this->overrideConfigValue( MainConfigNames::VaryOnXFP, true );
// Note that abbrvThreshold is 16 per MockRepTrait
$file = $this->getTestRepo()->newFile( 'Animated_PNG_example_bouncing_beach_ball.png' );
$rel = $file->getRel();
$name = $file->getName();
// use abbreviated name
$env = $this->makeEnvironment( "/w/images/thumb/$rel/13px-thumbnail.png" );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200, $output );
$env->assertHeaderValue( null, 'Vary' );
// use long name
$env = $this->makeEnvironment( "/w/images/thumb/$rel/13px-$name" );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 301, $output );
$env->assertHeaderValue( 'X-Forwarded-Proto', 'Vary' );
$this->assertStringEndsWith(
"/w/images/thumb/$rel/13px-thumbnail.png",
$env->getFauxResponse()->getHeader( 'Location' )
);
}
/**
* @depends testStreamFile
*/
public function testStreamOldFile( array $latestThumbnailInfo ) {
$file = $this->getTestRepo()->newFile( 'Test.png' );
$history = $file->getHistory();
$oldFile = $history[0];
$uri = '/w/images/thumb/' . $oldFile->getArchiveRel()
. '/' . $oldFile->getArchiveName() . '/13px-Test.png';
$env = $this->makeEnvironment( $uri );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
$this->assertNotSame(
$latestThumbnailInfo['data'],
$output,
'Thumbnail for the old version should not be the same as the ' .
'thumbnail for the latest version'
);
$this->assertThumbnail(
[ 'magic' => self::PNG_MAGIC, 'width' => 13, ],
$output
);
}
public function testStreamTempFile() {
$user = $this->getTestUser()->getUser();
$stash = new UploadStash( $this->getTestRepo(), $user );
$file = $stash->stashFile( self::IMAGES_DIR . '/adobergb.jpg' );
$uri = '/w/images/thumb/temp/' . $file->getRel()
. '/13px-' . $file->getName();
$env = $this->makeEnvironment( $uri );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
$this->assertThumbnail(
[ 'magic' => self::JPEG_MAGIC, 'width' => 13, ],
$output
);
}
public function testBadPath() {
$file = $this->getTestRepo()->newFile( 'Test.png' );
$rel = $file->getRel();
$uri = "/w/images/thumb/$rel/148px-XYZZY";
$env = $this->makeEnvironment( $uri );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$entryPoint->getCapturedOutput();
$env->assertStatusCode( 404 );
}
/**
* @param array $props
* @param string $output binary data
*/
private function assertThumbnail( array $props, string $output ): void {
if ( isset( $props['magic'] ) ) {
$this->assertStringStartsWith(
$props['magic'],
$output,
'Magic number should match'
);
}
if ( isset( $props['width'] ) && function_exists( 'getimagesizefromstring' ) ) {
[ $width, ] = getimagesizefromstring( $output );
$this->assertSame(
$props['width'],
$width
);
}
}
}

812
tests/phpunit/includes/filerepo/ThumbnailEntryPointTest.php Normal file
View file

@ -0,0 +1,812 @@
<?php
use MediaWiki\FileRepo\ThumbnailEntryPoint;
use MediaWiki\MainConfigNames;
use MediaWiki\Permissions\SimpleAuthority;
use MediaWiki\Request\FauxRequest;
use MediaWiki\Tests\FileRepo\TestRepoTrait;
use MediaWiki\Tests\MockEnvironment;
use MediaWiki\User\UserIdentityValue;
/**
* @covers \MediaWiki\FileRepo\ThumbnailEntryPoint
* @group Database
*/
class ThumbnailEntryPointTest extends MediaWikiIntegrationTestCase {
use TestRepoTrait;
use MockHttpTrait;
private const PNG_MAGIC = "\x89\x50\x4e\x47";
private const JPEG_MAGIC = "\xff\xd8\xff\xe0";
private const IMAGES_DIR = __DIR__ . '/../../data/media';
// Counter for getting unique width values
private static $uniqueWidth = 20;
/**
* will be called only once per test class
*/
public function addDBDataOnce() {
// Create mock repo with test files
$this->initTestRepoGroup();
$this->importFileToTestRepo( self::IMAGES_DIR . '/greyscale-png.png', 'Test.png' );
$this->importFileToTestRepo( self::IMAGES_DIR . '/test.jpg', 'Icon.jpg' );
// Create a second version of Test.png
$this->importFileToTestRepo( self::IMAGES_DIR . '/greyscale-na-png.png', 'Test.png' );
$this->importFileToTestRepo( self::IMAGES_DIR . '/portrait-rotated.jpg', 'Icon.jpg' );
// Create a redirect
$title = Title::makeTitle( NS_FILE, 'Redirect_to_Test.png' );
$this->editPage( $title, '#REDIRECT [[File:Test.png]]' );
// Suppress the old version of Icon
$file = $this->getTestRepo()->newFile( 'Icon.jpg' );
$history = $file->getHistory();
$oldFile = $history[0];
$this->db->newUpdateQueryBuilder()
->table( 'oldimage' )
->set( [ 'oi_deleted' => 1 ] )
->where( [ 'oi_archive_name' => $oldFile->getArchiveName() ] )
->caller( __METHOD__ )
->execute();
}
public static function tearDownAfterClass(): void {
self::destroyTestRepo();
parent::tearDownAfterClass();
}
public function setUp(): void {
parent::setUp();
$this->overrideConfigValue( MainConfigNames::ThumbLimits, [ 16, 24 ] );
$this->installTestRepoGroup();
}
/**
* @param FauxRequest|string|array|null $request
*
* @return MockEnvironment
*/
private function makeEnvironment( $request ): MockEnvironment {
if ( !$request ) {
$request = new FauxRequest();
}
if ( is_string( $request ) ) {
$request = [ 'f' => $request, 'width' => self::$uniqueWidth++ ];
}
if ( is_array( $request ) ) {
$request = new FauxRequest( $request );
$request->setRequestURL( '/w/img.php' );
}
return new MockEnvironment( $request );
}
/**
* @param MockEnvironment|null $environment
* @param FauxRequest|RequestContext|string|array|null $request
*
* @return ThumbnailEntryPoint
*/
private function getEntryPoint(
MockEnvironment $environment = null,
$request = null
) {
if ( !$request && $environment ) {
$request = $environment->getFauxRequest();
}
if ( $request instanceof RequestContext ) {
$context = $request;
$request = $context->getRequest();
} else {
$context = new RequestContext();
$context->setRequest( $request );
$context->setUser( $this->getTestUser()->getUser() );
}
if ( !$environment ) {
$environment = $this->makeEnvironment( $request );
}
$context->setLanguage( 'qqx' );
$entryPoint = new ThumbnailEntryPoint(
$context,
$environment,
$this->getServiceContainer()
);
$entryPoint->enableOutputCapture();
return $entryPoint;
}
public function testNotFound() {
$env = $this->makeEnvironment( 'Missing_puppy.jpeg' );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$env->assertStatusCode( 404 );
$env->assertHeaderValue(
'text/html; charset=utf-8',
'Content-Type'
);
$output = $entryPoint->getCapturedOutput();
$this->assertStringContainsString(
'<title>Error generating thumbnail</title>',
$output
);
}
public function testGenerateAndStreamThumbnail() {
$env = $this->makeEnvironment(
[
'f' => 'Test.png',
'width' => 12 // Must match the width in testStreamExistingThumbnail
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
// TODO: Assert Content-Type and Content-Length headers.
// Needs FileStreamer to use WebResponse.
$env->assertStatusCode( 200, $output );
$this->assertThumbnail(
[ 'magic' => self::PNG_MAGIC, 'width' => 12, ],
$output
);
return [ 'data' => $output, 'width' => 12 ];
}
/**
* @depends testGenerateAndStreamThumbnail
*/
public function testStreamExistingThumbnail() {
// Sabotage transformations, so this test will fail if we do not
// use the existing thumbnail generated by testGenerateAndStreamThumbnail.
$handler = $this->getMockBuilder( BitmapHandler::class )
->onlyMethods( [ 'doTransform' ] )
->getMock();
$handler->expects( $this->never() )->method( 'doTransform' );
$factory = $this->createNoOpMock( MediaHandlerFactory::class, [ 'getHandler' ] );
$factory->method( 'getHandler' )->willReturn( $handler );
$this->setService( 'MediaHandlerFactory', $factory );
$env = $this->makeEnvironment(
[
'f' => 'Test.png',
'width' => 12 // Must match the width in testGenerateAndStreamThumbnail
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
$this->assertThumbnail(
[ 'magic' => self::PNG_MAGIC, 'width' => 12, ],
$output
);
}
public function testNoThumbName() {
// Make sure no handler is set, so that File::generateThumbName() returns null
$factory = $this->createNoOpMock( MediaHandlerFactory::class, [ 'getHandler' ] );
$factory->method( 'getHandler' )->willReturn( false );
$this->setService( 'MediaHandlerFactory', $factory );
$env = $this->makeEnvironment(
[
'f' => 'Test.png',
'width' => self::$uniqueWidth++
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 400, $output );
}
public function testTransformError() {
// Mock transformations to return an error
$handler = $this->getMockBuilder( BitmapHandler::class )
->onlyMethods( [ 'doTransform' ] )
->getMock();
$transformOutput = new MediaTransformError( 'testing', 200, 100 );
$handler->method( 'doTransform' )->willReturn( $transformOutput );
$factory = $this->createNoOpMock( MediaHandlerFactory::class, [ 'getHandler' ] );
$factory->method( 'getHandler' )->willReturn( $handler );
$this->setService( 'MediaHandlerFactory', $factory );
$env = $this->makeEnvironment(
[
'f' => 'Test.png',
'width' => self::$uniqueWidth++
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 500, $output );
}
public function testContentDisposition() {
// TODO...
$this->markTestSkipped( 'Needs refactoring of HTTPFileStreamer to capture headers' );
$env = $this->makeEnvironment(
[
'f' => 'Test.png',
'width' => 12,
'download' => 1
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
$this->assertThumbnail( [ 'magic' => self::PNG_MAGIC, ], $output );
$env->assertHeaderValue( 'attachment', 'Content-Disposition' );
}
public static function provideThumbNameParam() {
yield [ '12px-Test.png' ];
yield [ 'page123456-12px-xyz' ];
yield [ '12px-xyz' ];
yield [ 'xyzzy', 400 ];
}
/**
* @dataProvider provideThumbNameParam
*/
public function testThumbNameParam( $thumbName, $expected = 200 ) {
$env = $this->makeEnvironment(
[
'f' => 'Test.png',
'thumbName' => $thumbName,
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( $expected, $output );
if ( $expected < 300 ) {
$expectedProps = [ 'magic' => self::PNG_MAGIC ];
// get expected width
if ( preg_match( '/\b(\d+)px/', $thumbName, $matches ) ) {
$expectedProps['width'] = (int)$matches[1];
}
$this->assertThumbnail(
$expectedProps,
$output
);
}
}
public function testAccessDenied() {
// Make the wiki non-public
$groupPermissions = $this->getConfVar( MainConfigNames::GroupPermissions );
$groupPermissions['*']['read'] = false;
$this->overrideConfigValue(
'GroupPermissions',
$groupPermissions
);
// Make the user have no rights
$authority = new SimpleAuthority(
new UserIdentityValue( 7, 'Heather' ),
[]
);
$env = $this->makeEnvironment( 'Test.png' );
$context = $env->makeFauxContext();
$context->setAuthority( $authority );
$entryPoint = $this->getEntryPoint(
$env,
$context
);
$entryPoint->run();
$env->assertStatusCode( 403 );
$env->assertHeaderValue(
'text/html; charset=utf-8',
'Content-Type'
);
$output = $entryPoint->getCapturedOutput();
$this->assertStringContainsString(
'<title>Error generating thumbnail</title>',
$output
);
}
public function testAccessOnPrivateWiki() {
// Make the wiki non-public, so we don't use the short-circuit code
$groupPermissions = $this->getConfVar( MainConfigNames::GroupPermissions );
$groupPermissions['*']['read'] = false;
$this->overrideConfigValue(
'GroupPermissions',
$groupPermissions
);
// Make a user who is allowed to read
$authority = new SimpleAuthority(
new UserIdentityValue( 7, 'Heather' ),
[ 'read', 'renderfile', 'renderfile-nonstandard' ]
);
$env = $this->makeEnvironment( 'Test.png' );
$context = $env->makeFauxContext();
$context->setAuthority( $authority );
$entryPoint = $this->getEntryPoint(
$env,
$context
);
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
$this->assertThumbnail( [ 'magic' => self::PNG_MAGIC, ], $output );
}
public static function provideRateLimit() {
// NOTE: The 12px thumbnail will have been generated at this point.
// We force 16 and 24 to be standard sizes during setup.
// Once the thumbnail is generated, the rate limit is no longer
// triggered.
yield [ '16', '24', 'renderfile' ];
yield [ self::$uniqueWidth++, self::$uniqueWidth++, 'renderfile-nonstandard' ];
}
/**
* @dataProvider provideRateLimit
*/
public function testRateLimited( $width1, $width2, $limit ) {
// Set up rate limit config
$rateLimits = $this->getConfVar( MainConfigNames::RateLimits );
$rateLimits[$limit] = [
'ip' => [ 1, 60 ],
'newbie' => [ 1, 60 ],
'user' => [ 1, 60 ],
];
$this->overrideConfigValue( MainConfigNames::RateLimits, $rateLimits );
// First run should pass
$env = $this->makeEnvironment( [ 'f' => 'Test.png', 'width' => $width1 ] );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
// Second run should fail
$env = $this->makeEnvironment( [ 'f' => 'Test.png', 'width' => $width2 ] );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$entryPoint->getCapturedOutput();
$env->assertStatusCode( 429 );
$env->assertHeaderValue(
'text/html; charset=utf-8',
'Content-Type'
);
}
/**
* @depends testGenerateAndStreamThumbnail
*/
public function testStreamOldFile( array $latestThumbnailInfo ) {
$file = $this->getTestRepo()->newFile( 'Test.png' );
$history = $file->getHistory();
$oldFile = $history[0];
$env = $this->makeEnvironment(
[
'f' => $oldFile->getArchiveName(),
'width' => '12px', // use "px" suffix, just so we also cover that code path
'archived' => 1,
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
$this->assertNotSame(
$latestThumbnailInfo['data'],
$output,
'Thumbnail for the old version should not be the same as the ' .
'thumbnail for the latest version'
);
$this->assertThumbnail(
[ 'magic' => self::PNG_MAGIC, 'width' => 12, ],
$output
);
}
public function testOldDeletedFile() {
// Note that we manually set oi_deleted for this revision
// in addDBDataOnce().
$file = $this->getTestRepo()->newFile( 'Icon.jpg' );
$history = $file->getHistory();
$oldFile = $history[0];
$env = $this->makeEnvironment(
[
'f' => $oldFile->getArchiveName(),
'width' => '12px', // use "px" suffix, just so we also cover that code path
'archived' => 1,
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 404, $output );
}
/**
* @depends testGenerateAndStreamThumbnail
*/
public function testStreamOldFileRedirect( array $latestThumbnailInfo ) {
$file = $this->getTestRepo()->newFile( 'Test.png' );
$history = $file->getHistory();
$oldFile = $history[0];
// Try accessing the old revision using a redirected title
$archiveName = str_replace(
'Test.png',
'Redirect_to_Test.png',
$oldFile->getArchiveName()
);
$env = $this->makeEnvironment(
[
'f' => $archiveName,
'width' => 12,
'archived' => 1,
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$response = $env->getFauxResponse();
$this->assertSame( 302, $response->getStatusCode() );
$expected = '/' . urlencode( $oldFile->getArchiveName() ) . '/12px-Test.png';
$this->assertStringEndsWith(
$expected,
$response->getHeader( 'Location' )
);
$this->assertSame( '', $output );
}
public function testStreamTempFile() {
$user = $this->getTestUser()->getUser();
$stash = new UploadStash( $this->getTestRepo(), $user );
$file = $stash->stashFile( self::IMAGES_DIR . '/adobergb.jpg' );
$env = $this->makeEnvironment(
[
'f' => $file->getName(),
'width' => 12,
'temp' => 'yes',
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 200 );
$this->assertThumbnail(
[ 'magic' => self::JPEG_MAGIC, 'width' => 12, ],
$output
);
}
public function testRedirect() {
$this->overrideConfigValue( MainConfigNames::VaryOnXFP, true );
$env = $this->makeEnvironment(
[
'f' => 'Redirect_to_Test.png',
'w' => 12
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$response = $env->getFauxResponse();
$this->assertSame( 302, $response->getStatusCode() );
$this->assertStringEndsWith(
'/Test.png/12px-Test.png',
$response->getHeader( 'Location' )
);
$this->assertSame( '', $output );
$env->assertHeaderValue( 'X-Forwarded-Proto', 'Vary' );
}
public function testBadTitle() {
$env = $this->makeEnvironment( '_/_' );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 404 );
$env->assertHeaderValue(
'text/html; charset=utf-8',
'Content-Type'
);
$this->assertStringContainsString(
'(badtitletext)',
$output
);
}
public static function provideOldFileWithBadTitle() {
yield 'invalid title' => [ '_/_' ];
yield 'valid title without timestamp' => [ 'Test.png' ];
yield 'invalid title with timestamp' => [ '20200101002233!_/_' ];
}
/**
* @dataProvider provideOldFileWithBadTitle
*/
public function testOldFileWithBadTitle( $badTitle ) {
$env = $this->makeEnvironment( [
'f' => $badTitle,
'width' => 12,
'archived' => 1
] );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 404 );
$env->assertHeaderValue(
'text/html; charset=utf-8',
'Content-Type'
);
$this->assertStringContainsString(
'(badtitletext)',
$output
);
}
public function testTooMuchWidth() {
// Set the width larger than the size of the image
$env = $this->makeEnvironment( [ 'f' => 'Test.png', 'width' => 1200 ] );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 400 );
$env->assertHeaderValue(
'text/html; charset=utf-8',
'Content-Type'
);
$this->assertStringContainsString(
'(thumbnail_error: ',
$output
);
$this->assertStringContainsString(
'bigger than the source',
$output
);
}
public function testDeletedFile() {
// Delete Icon.jpg
$icon = $this->getTestRepo()->newFile( 'Icon.jpg' );
$this->assertTrue( $icon->exists() );// sanity
$icon->deleteFile( 'testing', new UserIdentityValue( 0, 'Test' ) );
$env = $this->makeEnvironment( 'Icon.jpg' );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 404 );
$env->assertHeaderValue(
'text/html; charset=utf-8',
'Content-Type'
);
$this->assertStringContainsString(
'<title>Error generating thumbnail</title>',
$output
);
}
public function testNotModified() {
$env = $this->makeEnvironment(
[
'f' => 'Test.png',
'width' => 12
]
);
$env->setServerInfo( 'HTTP_IF_MODIFIED_SINCE', '25250101001122' );
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$response = $env->getFauxResponse();
$this->assertSame( 304, $response->getStatusCode() );
$this->assertSame( '', $output );
}
public function testProxy() {
$this->installTestRepoGroup( [ 'thumbProxyUrl' => 'https://images.acme.test/thumbnails/' ] );
$this->installMockHttp( 'PROXY RESPONSE' );
$env = $this->makeEnvironment(
[
'f' => 'Test.png',
'width' => self::$uniqueWidth++
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$this->assertSame( 'PROXY RESPONSE', $output );
}
public static function provideRepoCouldNotStreamFile() {
// The width must match the one generated by testGenerateAndStreamThumbnail
// This error comes from FileBackend::doStreamFile.
yield 'existing thumbnail' => [ 12, 'xyzzy-error' ];
// TODO: also test the case where we fail to stream a newly created
// thumbnail. In that case, the expected error comes from
// MediaTransformOutput::streamFileWithStatus, not FileBackend::doStreamFile.
}
/**
* @dataProvider provideRepoCouldNotStreamFile
* @depends testGenerateAndStreamThumbnail
*/
public function testRepoCouldNotStreamFile( int $width, string $expectedError ) {
// Sabotage streaming in file backend
$backend = $this->createFileBackend( [
'overrides' => [
'doStreamFile' => Status::newFatal( 'xyzzy-error' )
]
] );
$this->installTestRepoGroup(
[ 'backend' => $backend ]
);
// TODO: figure out how to provoke an error in
// MediaTransformOutput::streamFileWithStatus.
// The below causes an error to be triggered too early.
// Since MediaTransformOutput uses StreamFile directly, we have to also
// sabotage transformations in the handler to return a ThumbnailImage
// with no path. This is unfortunately brittle to implementation changes.
$handler = $this->getMockBuilder( BitmapHandler::class )
->onlyMethods( [ 'doTransform' ] )
->getMock();
$file = $this->getTestRepo()->newFile( 'Test.png' );
$params = [ 'width' => $width, 'height' => $width ];
$handler->method( 'doTransform' )->willReturn(
new ThumbnailImage( $file, '', false, $params )
);
$factory = $this->createNoOpMock( MediaHandlerFactory::class, [ 'getHandler' ] );
$factory->method( 'getHandler' )->willReturn( $handler );
$this->setService( 'MediaHandlerFactory', $factory );
$env = $this->makeEnvironment(
[
'f' => 'Test.png',
'width' => $width
]
);
$entryPoint = $this->getEntryPoint( $env );
$entryPoint->run();
$output = $entryPoint->getCapturedOutput();
$env->assertStatusCode( 500, $output );
$env->assertHeaderValue(
'text/html; charset=utf-8',
'Content-Type'
);
// TODO: check the log for the specific error.
$this->assertStringContainsString( 'Could not stream the file', $output );
}
/**
* @param array $props
* @param string $output binary data
*/
private function assertThumbnail( array $props, string $output ): void {
if ( isset( $props['magic'] ) ) {
$this->assertStringStartsWith(
$props['magic'],
$output,
'Magic number should match'
);
}
if ( isset( $props['width'] ) && function_exists( 'getimagesizefromstring' ) ) {
[ $width, ] = getimagesizefromstring( $output );
$this->assertSame(
$props['width'],
$width
);
}
}
}

3
tests/phpunit/mocks/MockEnvironment.php
View file

@ -136,7 +136,8 @@ class MockEnvironment extends EntryPointEnvironment {
public function assertStatusCode( int $expected, $message = null ) {
$message ??= "HTTP status";
Assert::assertSame( $expected, $this->getFauxResponse()->getStatusCode(), $message );
$code = $this->getFauxResponse()->getStatusCode() ?? 200;
Assert::assertSame( $expected, $code, $message );
}
public function assertHeaderValue( ?string $expected, string $name, $message = null ) {

215
tests/phpunit/mocks/filerepo/TestRepoTrait.php Normal file
View file

@ -0,0 +1,215 @@
<?php
namespace MediaWiki\Tests\FileRepo;
use FileBackend;
use FSFileBackend;
use LocalRepo;
use LogicException;
use MediaWiki\MediaWikiServices;
use PHPUnit\Framework\Assert;
use RepoGroup;
use Title;
trait TestRepoTrait {
private static ?string $mockRepoTraitDir = null;
/**
* Initializes a mock repository in a temporary directory.
* Must only be called in addDbDataOnce().
* Must be paired with a call to destroyTestRepo() in tearDownAfterClass().
*/
private function initTestRepoGroup(): RepoGroup {
if ( self::$mockRepoTraitDir ) {
throw new LogicException( 'Mock repo already initialized. ' .
'initTestRepogroup() must only be called from addDBDataOnce() ' .
'and must be paired with a call to destroyTestRepo() in ' .
'tearDownAfterClass().' );
}
$tmp = tempnam( wfTempDir(), 'mw-mock-repo-' );
// tmpnam creates a file, we need a directory
if ( file_exists( $tmp ) ) {
unlink( $tmp );
}
mkdir( $tmp );
self::$mockRepoTraitDir = $tmp;
$this->installTestRepoGroup();
return $this->getTestRepoGroup();
}
private function getTestRepoGroup(): RepoGroup {
if ( self::$mockRepoTraitDir === null ) {
throw new LogicException( 'Mock repo not initialized. ' .
'Call initTestRepo() from addDBDataOnce() and a call ' .
'to destroyTestRepo() in tearDownAfterClass().' );
}
return $this->getServiceContainer()->getRepoGroup();
}
private function getTestRepo(): LocalRepo {
return $this->getTestRepoGroup()->getLocalRepo();
}
/**
* Destroys a mock repo.
* Should be called in tearDownAfterClass()
*/
private static function destroyTestRepo() {
if ( !self::$mockRepoTraitDir ) {
return;
}
$dir = self::$mockRepoTraitDir;
if ( !is_dir( $dir ) ) {
return;
}
if ( !str_starts_with( $dir, wfTempDir() ) ) {
throw new \InvalidArgumentException( "Not in temp dir: $dir" );
}
$name = basename( $dir );
if ( !str_starts_with( $name, 'mw-mock-repo-' ) ) {
throw new \InvalidArgumentException( "Not a mock repo dir: $dir" );
}
// TODO: Recursively delete the directory. Scary!
self::$mockRepoTraitDir = null;
}
private function installTestRepoGroup( array $options = [] ) {
$this->setService( 'RepoGroup', $this->createTestRepoGroup( $options ) );
}
private function createTestRepoGroup( $options = [], ?MediaWikiServices $services = null ) {
$services ??= $this->getServiceContainer();
$localFileRepo = $this->getLocalFileRepoConfig( $options );
$mimeAnalyzer = $services->getMimeAnalyzer();
$repoGroup = new RepoGroup(
$localFileRepo,
[],
$services->getMainWANObjectCache(),
$mimeAnalyzer
);
return $repoGroup;
}
private function getLocalFileRepoConfig( $options = [] ): array {
if ( self::$mockRepoTraitDir === null ) {
throw new LogicException( 'Mock repo not initialized. ' .
'Call initTestRepo() from addDBDataOnce() and a call ' .
'to destroyTestRepo() in tearDownAfterClass().' );
}
$options['directory'] ??= self::$mockRepoTraitDir;
$options['scriptDirUrl'] ??= '/w';
$scriptPath = $options['scriptDirUrl'];
$dir = $options['directory'];
$info = $options + [
"class" => "LocalRepo",
"name" => "test",
"domainId" => "mywiki",
"directory" => $dir,
"scriptDirUrl" => $scriptPath,
"favicon" => "/favicon.ico",
"url" => "$scriptPath/images",
"hashLevels" => 2,
"abbrvThreshold" => 16,
"thumbScriptUrl" => "$scriptPath/thumb.php",
"transformVia404" => false,
"deletedDir" => "$dir/deleted",
"deletedHashLevels" => 0,
"updateCompatibleMetadata" => false,
"reserializeMetadata" => false,
"backend" => 'local-backend'
];
if ( !$info['backend'] instanceof FileBackend ) {
$info['backend'] = $this->createFileBackend( $info );
}
return $info;
}
private function createFileBackend( array $info = [] ) {
$dir = $info['directory'] ?? self::$mockRepoTraitDir;
$name = $info['name'] ?? 'test';
$info += [
"domainId" => "mywiki",
'name' => $info['backend'] ?? 'local-backend',
'basePath' => $dir,
'obResetFunc' => static function () {
ob_end_flush();
},
'containerPaths' => [
"$name-public" => "$dir",
"$name-thumb" => "$dir/thumb",
"$name-transcoded" => "$dir/transcoded",
"$name-deleted" => "$dir/deleted",
"$name-temp" => "$dir/temp",
]
];
$overrides = $info['overrides'] ?? [];
unset( $info['overrides'] );
if ( !$overrides ) {
return new FSFileBackend( $info );
}
$backend = $this->getMockBuilder( FSFileBackend::class )
->setConstructorArgs( [ $info ] )
->onlyMethods( array_keys( $overrides ) )
->getMock();
foreach ( $overrides as $name => $will ) {
if ( is_callable( $will ) ) {
$backend->method( $name )->willReturnCallback( $will );
} else {
$backend->method( $name )->willReturn( $will );
}
}
return $backend;
}
private function importDirToTestRepo( string $dir ) {
foreach ( new \DirectoryIterator( $dir ) as $name ) {
$path = "$dir/$name";
if ( is_file( $path ) ) {
$this->importFileToTestRepo( $path );
}
}
}
private function importFileToTestRepo( string $path, ?string $destName = null ) {
$repo = self::getTestRepo();
$destName ??= pathinfo( $path, PATHINFO_BASENAME );
$title = Title::makeTitleSafe( NS_FILE, $destName );
$name = $title->getDBkey();
$file = $repo->newFile( $name );
$status = $file->upload( $path, 'test import', 'test image' );
if ( !$status->isOK() ) {
Assert::fail( "Error recording file $name: " . $status->getWikiText() );
}
return $file;
}
}

705
thumb.php
View file

@ -1,10 +1,8 @@
<?php
/**
* The web entry point for retrieving media thumbnails, created by a MediaHandler
* subclass or proxy request if FileRepo::getThumbProxyUrl is configured.
* The web entry point for retrieving media thumbnails.
*
* This script may also resize an image on-demand, if it isn't found in the
* configured FileBackend storage.
* @see MediaWiki\FileRepo\FileEntryPoint The implementation.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -26,698 +24,17 @@
* @ingroup Media
*/
use MediaWiki\Context\RequestContext;
use MediaWiki\Logger\LoggerFactory;
use MediaWiki\EntryPointEnvironment;
use MediaWiki\FileRepo\ThumbnailEntryPoint;
use MediaWiki\MediaWikiServices;
use MediaWiki\Permissions\PermissionStatus;
use MediaWiki\PoolCounter\PoolCounterWorkViaCallback;
use MediaWiki\Profiler\ProfilingContext;
use MediaWiki\Request\WebRequest;
use MediaWiki\Status\Status;
use MediaWiki\Title\Title;
use Wikimedia\AtEase\AtEase;
define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
// T241340: thumb.php is included by thumb_handler.php which already defined
// MW_ENTRY_POINT to 'thumb_handler'
if ( !defined( 'MW_ENTRY_POINT' ) ) {
define( 'MW_ENTRY_POINT', 'thumb' );
}
define( 'MW_ENTRY_POINT', 'thumb' );
require __DIR__ . '/includes/WebStart.php';
wfThumbMain();
function wfThumbMain() {
global $wgTrivialMimeDetection, $wgRequest;
ProfilingContext::singleton()->init( MW_ENTRY_POINT, 'stream' );
// Don't use fancy MIME detection, just check the file extension for jpg/gif/png
$wgTrivialMimeDetection = true;
if ( defined( 'THUMB_HANDLER' ) ) {
// Called from thumb_handler.php via 404; extract params from the URI...
wfThumbHandle404();
} else {
// Called directly, use $_GET params
wfStreamThumb( $wgRequest->getQueryValuesOnly() );
}
$mediawiki = new MediaWiki();
$mediawiki->doPostOutputShutdown();
}
/**
* Handle a thumbnail request via thumbnail file URL
*
* @return void
*/
function wfThumbHandle404() {
global $wgThumbPath;
if ( $wgThumbPath ) {
$relPath = WebRequest::getRequestPathSuffix( $wgThumbPath );
} else {
// Determine the request path relative to the thumbnail zone base
$repo = MediaWikiServices::getInstance()->getRepoGroup()->getLocalRepo();
$baseUrl = $repo->getZoneUrl( 'thumb' );
if ( substr( $baseUrl, 0, 1 ) === '/' ) {
$basePath = $baseUrl;
} else {
$basePath = parse_url( $baseUrl, PHP_URL_PATH );
}
$relPath = WebRequest::getRequestPathSuffix( $basePath );
}
$params = wfExtractThumbRequestInfo( $relPath ); // basic wiki URL param extracting
if ( $params == null ) {
wfThumbError( 400, 'The specified thumbnail parameters are not recognized.' );
return;
}
wfStreamThumb( $params ); // stream the thumbnail
}
/**
* Stream a thumbnail specified by parameters
*
* @param array $params List of thumbnailing parameters. In addition to parameters
* passed to the MediaHandler, this may also includes the keys:
* f (for filename), archived (if archived file), temp (if temp file),
* w (alias for width), p (alias for page), r (ignored; historical),
* rel404 (path for render on 404 to verify hash path correct),
* thumbName (thumbnail name to potentially extract more parameters from
* e.g. 'lossy-page1-120px-Foo.tiff' would add page, lossy and width
* to the parameters)
* @return void
*/
function wfStreamThumb( array $params ) {
global $wgVaryOnXFP;
$headers = []; // HTTP headers to send
$fileName = $params['f'] ?? '';
// Backwards compatibility parameters
if ( isset( $params['w'] ) ) {
$params['width'] = $params['w'];
unset( $params['w'] );
}
if ( isset( $params['width'] ) && substr( $params['width'], -2 ) == 'px' ) {
// strip the px (pixel) suffix, if found
$params['width'] = substr( $params['width'], 0, -2 );
}
if ( isset( $params['p'] ) ) {
$params['page'] = $params['p'];
}
// Is this a thumb of an archived file?
$isOld = ( isset( $params['archived'] ) && $params['archived'] );
unset( $params['archived'] ); // handlers don't care
// Is this a thumb of a temp file?
$isTemp = ( isset( $params['temp'] ) && $params['temp'] );
unset( $params['temp'] ); // handlers don't care
$services = MediaWikiServices::getInstance();
// Some basic input validation
$fileName = strtr( $fileName, '\\/', '__' );
$localRepo = $services->getRepoGroup()->getLocalRepo();
// Actually fetch the image. Method depends on whether it is archived or not.
if ( $isTemp ) {
$repo = $localRepo->getTempRepo();
$img = new UnregisteredLocalFile( null, $repo,
# Temp files are hashed based on the name without the timestamp.
# The thumbnails will be hashed based on the entire name however.
# @todo fix this convention to actually be reasonable.
$repo->getZonePath( 'public' ) . '/' . $repo->getTempHashPath( $fileName ) . $fileName
);
} elseif ( $isOld ) {
// Format is <timestamp>!<name>
$bits = explode( '!', $fileName, 2 );
if ( count( $bits ) != 2 ) {
wfThumbError( 404, wfMessage( 'badtitletext' )->parse() );
return;
}
$title = Title::makeTitleSafe( NS_FILE, $bits[1] );
if ( !$title ) {
wfThumbError( 404, wfMessage( 'badtitletext' )->parse() );
return;
}
$img = $localRepo->newFromArchiveName( $title, $fileName );
} else {
$img = $localRepo->newFile( $fileName );
}
// Check the source file title
if ( !$img ) {
wfThumbError( 404, wfMessage( 'badtitletext' )->parse() );
return;
}
// Check permissions if there are read restrictions
$varyHeader = [];
if ( !$services->getGroupPermissionsLookup()->groupHasPermission( '*', 'read' ) ) {
$authority = RequestContext::getMain()->getAuthority();
$imgTitle = $img->getTitle();
if ( !$imgTitle || !$authority->authorizeRead( 'read', $imgTitle ) ) {
wfThumbError( 403, 'Access denied. You do not have permission to access ' .
'the source file.' );
return;
}
$headers[] = 'Cache-Control: private';
$varyHeader[] = 'Cookie';
}
// Check if the file is hidden
if ( $img->isDeleted( File::DELETED_FILE ) ) {
wfThumbErrorText( 404, "The source file '$fileName' does not exist." );
return;
}
// Do rendering parameters extraction from thumbnail name.
if ( isset( $params['thumbName'] ) ) {
$params = wfExtractThumbParams( $img, $params );
}
if ( $params == null ) {
wfThumbError( 400, 'The specified thumbnail parameters are not recognized.' );
return;
}
// Check the source file storage path
if ( !$img->exists() ) {
$redirectedLocation = false;
if ( !$isTemp ) {
// Check for file redirect
// Since redirects are associated with pages, not versions of files,
// we look for the most current version to see if its a redirect.
$possRedirFile = $localRepo->findFile( $img->getName() );
if ( $possRedirFile && $possRedirFile->getRedirected() !== null ) {
$redirTarget = $possRedirFile->getName();
$targetFile = $localRepo->newFile( Title::makeTitleSafe( NS_FILE, $redirTarget ) );
if ( $targetFile->exists() ) {
$newThumbName = $targetFile->thumbName( $params );
if ( $isOld ) {
/** @var array $bits */
$newThumbUrl = $targetFile->getArchiveThumbUrl(
$bits[0] . '!' . $targetFile->getName(), $newThumbName );
} else {
$newThumbUrl = $targetFile->getThumbUrl( $newThumbName );
}
$redirectedLocation = wfExpandUrl( $newThumbUrl, PROTO_CURRENT );
}
}
}
if ( $redirectedLocation ) {
// File has been moved. Give redirect.
$response = RequestContext::getMain()->getRequest()->response();
$response->statusHeader( 302 );
$response->header( 'Location: ' . $redirectedLocation );
$response->header( 'Expires: ' .
gmdate( 'D, d M Y H:i:s', time() + 12 * 3600 ) . ' GMT' );
if ( $wgVaryOnXFP ) {
$varyHeader[] = 'X-Forwarded-Proto';
}
if ( count( $varyHeader ) ) {
$response->header( 'Vary: ' . implode( ', ', $varyHeader ) );
}
$response->header( 'Content-Length: 0' );
return;
}
// If its not a redirect that has a target as a local file, give 404.
wfThumbErrorText( 404, "The source file '$fileName' does not exist." );
return;
} elseif ( $img->getPath() === false ) {
wfThumbErrorText( 400, "The source file '$fileName' is not locally accessible." );
return;
}
// Check IMS against the source file
// This means that clients can keep a cached copy even after it has been deleted on the server
if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
// Fix IE brokenness
$imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] );
// Calculate time
AtEase::suppressWarnings();
$imsUnix = strtotime( $imsString );
AtEase::restoreWarnings();
if ( wfTimestamp( TS_UNIX, $img->getTimestamp() ) <= $imsUnix ) {
HttpStatus::header( 304 );
return;
}
}
$rel404 = $params['rel404'] ?? null;
unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER
unset( $params['f'] ); // We're done with 'f' parameter.
unset( $params['rel404'] ); // moved to $rel404
// Get the normalized thumbnail name from the parameters...
try {
$thumbName = $img->thumbName( $params );
if ( !strlen( $thumbName ?? '' ) ) { // invalid params?
throw new MediaTransformInvalidParametersException(
'Empty return from File::thumbName'
);
}
$thumbName2 = $img->thumbName( $params, File::THUMB_FULL_NAME ); // b/c; "long" style
} catch ( MediaTransformInvalidParametersException $e ) {
wfThumbError(
400,
'The specified thumbnail parameters are not valid: ' . $e->getMessage()
);
return;
}
// For 404 handled thumbnails, we only use the base name of the URI
// for the thumb params and the parent directory for the source file name.
// Check that the zone relative path matches up so CDN caches won't pick
// up thumbs that would not be purged on source file deletion (T36231).
if ( $rel404 !== null ) { // thumbnail was handled via 404
if ( rawurldecode( $rel404 ) === $img->getThumbRel( $thumbName ) ) {
// Request for the canonical thumbnail name
} elseif ( rawurldecode( $rel404 ) === $img->getThumbRel( $thumbName2 ) ) {
// Request for the "long" thumbnail name; redirect to canonical name
$response = RequestContext::getMain()->getRequest()->response();
$response->statusHeader( 301 );
$response->header( 'Location: ' .
wfExpandUrl( $img->getThumbUrl( $thumbName ), PROTO_CURRENT ) );
$response->header( 'Expires: ' .
gmdate( 'D, d M Y H:i:s', time() + 7 * 86400 ) . ' GMT' );
if ( $wgVaryOnXFP ) {
$varyHeader[] = 'X-Forwarded-Proto';
}
if ( count( $varyHeader ) ) {
$response->header( 'Vary: ' . implode( ', ', $varyHeader ) );
}
return;
} else {
wfThumbErrorText( 404, "The given path of the specified thumbnail is incorrect;
expected '" . $img->getThumbRel( $thumbName ) . "' but got '" .
rawurldecode( $rel404 ) . "'." );
return;
}
}
$dispositionType = isset( $params['download'] ) ? 'attachment' : 'inline';
// Suggest a good name for users downloading this thumbnail
$headers[] =
'Content-Disposition: ' . $img->getThumbDisposition( $thumbName, $dispositionType );
if ( count( $varyHeader ) ) {
$headers[] = 'Vary: ' . implode( ', ', $varyHeader );
}
// Stream the file if it exists already...
$thumbPath = $img->getThumbPath( $thumbName );
if ( $img->getRepo()->fileExists( $thumbPath ) ) {
$starttime = microtime( true );
$status = $img->getRepo()->streamFileWithStatus( $thumbPath, $headers );
$streamtime = microtime( true ) - $starttime;
if ( $status->isOK() ) {
$services->getStatsdDataFactory()->timing(
'media.thumbnail.stream', $streamtime
);
} else {
wfThumbError( 500, 'Could not stream the file', null, [ 'file' => $thumbName,
'path' => $thumbPath, 'error' => $status->getWikiText( false, false, 'en' ) ] );
}
return;
}
$authority = RequestContext::getMain()->getAuthority();
$status = PermissionStatus::newEmpty();
if ( !wfThumbIsStandard( $img, $params )
&& !$authority->authorizeAction( 'renderfile-nonstandard', $status )
) {
$statusFormatter = $services->getFormatterFactory()
->getStatusFormatter( RequestContext::getMain() );
wfThumbError( 429, $statusFormatter->getHTML( $status ) );
return;
} elseif ( !$authority->authorizeAction( 'renderfile', $status ) ) {
$statusFormatter = $services->getFormatterFactory()
->getStatusFormatter( RequestContext::getMain() );
wfThumbError( 429, $statusFormatter->getHTML( $status ) );
return;
}
$thumbProxyUrl = $img->getRepo()->getThumbProxyUrl();
if ( strlen( $thumbProxyUrl ?? '' ) ) {
wfProxyThumbnailRequest( $img, $thumbName );
// No local fallback when in proxy mode
return;
} else {
// Generate the thumbnail locally
[ $thumb, $errorMsg ] = wfGenerateThumbnail( $img, $params, $thumbName, $thumbPath );
}
/** @var MediaTransformOutput|MediaTransformError|bool $thumb */
// Check for thumbnail generation errors...
$msg = wfMessage( 'thumbnail_error' );
$errorCode = 500;
if ( !$thumb ) {
$errorMsg = $errorMsg ?: $msg->rawParams( 'File::transform() returned false' )->escaped();
if ( $errorMsg instanceof MessageSpecifier &&
$errorMsg->getKey() === 'thumbnail_image-failure-limit'
) {
$errorCode = 429;
}
} elseif ( $thumb->isError() ) {
$errorMsg = $thumb->getHtmlMsg();
$errorCode = $thumb->getHttpStatusCode();
} elseif ( !$thumb->hasFile() ) {
$errorMsg = $msg->rawParams( 'No path supplied in thumbnail object' )->escaped();
} elseif ( $thumb->fileIsSource() ) {
$errorMsg = $msg
->rawParams( 'Image was not scaled, is the requested width bigger than the source?' )
->escaped();
$errorCode = 400;
}
if ( $errorMsg !== false ) {
wfThumbError( $errorCode, $errorMsg, null, [ 'file' => $thumbName, 'path' => $thumbPath ] );
} else {
// Stream the file if there were no errors
$status = $thumb->streamFileWithStatus( $headers );
if ( !$status->isOK() ) {
wfThumbError( 500, 'Could not stream the file', null, [
'file' => $thumbName, 'path' => $thumbPath,
'error' => $status->getWikiText( false, false, 'en' ) ] );
}
}
}
/**
* Proxies thumbnail request to a service that handles thumbnailing
*
* @param File $img
* @param string $thumbName
*/
function wfProxyThumbnailRequest( $img, $thumbName ) {
$thumbProxyUrl = $img->getRepo()->getThumbProxyUrl();
// Instead of generating the thumbnail ourselves, we proxy the request to another service
$thumbProxiedUrl = $thumbProxyUrl . $img->getThumbRel( $thumbName );
$req = MediaWikiServices::getInstance()->getHttpRequestFactory()->create( $thumbProxiedUrl );
$secret = $img->getRepo()->getThumbProxySecret();
// Pass a secret key shared with the proxied service if any
if ( strlen( $secret ?? '' ) ) {
$req->setHeader( 'X-Swift-Secret', $secret );
}
// Send request to proxied service
$req->execute();
\MediaWiki\Request\HeaderCallback::warnIfHeadersSent();
// Simply serve the response from the proxied service as-is
header( 'HTTP/1.1 ' . $req->getStatus() );
$headers = $req->getResponseHeaders();
foreach ( $headers as $key => $values ) {
foreach ( $values as $value ) {
header( $key . ': ' . $value, false );
}
}
echo $req->getContent();
}
/**
* Actually try to generate a new thumbnail
*
* @param File $file
* @param array $params
* @param string $thumbName
* @param string $thumbPath
* @return array (MediaTransformOutput|bool, string|bool error message HTML)
*/
function wfGenerateThumbnail( File $file, array $params, $thumbName, $thumbPath ) {
global $wgAttemptFailureEpoch;
$cache = ObjectCache::getLocalClusterInstance();
$key = $cache->makeKey(
'attempt-failures',
$wgAttemptFailureEpoch,
$file->getRepo()->getName(),
$file->getSha1(),
md5( $thumbName )
);
// Check if this file keeps failing to render
if ( $cache->get( $key ) >= 4 ) {
return [ false, wfMessage( 'thumbnail_image-failure-limit', 4 ) ];
}
$done = false;
// Record failures on PHP fatals in addition to caching exceptions
register_shutdown_function( static function () use ( $cache, &$done, $key ) {
if ( !$done ) { // transform() gave a fatal
// Randomize TTL to reduce stampedes
$cache->incrWithInit( $key, $cache::TTL_HOUR + mt_rand( 0, 300 ) );
}
} );
$thumb = false;
$errorHtml = false;
// guard thumbnail rendering with PoolCounter to avoid stampedes
// expensive files use a separate PoolCounter config so it is possible
// to set up a global limit on them
if ( $file->isExpensiveToThumbnail() ) {
$poolCounterType = 'FileRenderExpensive';
} else {
$poolCounterType = 'FileRender';
}
// Thumbnail isn't already there, so create the new thumbnail...
try {
$work = new PoolCounterWorkViaCallback( $poolCounterType, sha1( $file->getName() ),
[
'doWork' => static function () use ( $file, $params ) {
return $file->transform( $params, File::RENDER_NOW );
},
'doCachedWork' => static function () use ( $file, $params, $thumbPath ) {
// If the worker that finished made this thumbnail then use it.
// Otherwise, it probably made a different thumbnail for this file.
return $file->getRepo()->fileExists( $thumbPath )
? $file->transform( $params, File::RENDER_NOW )
: false; // retry once more in exclusive mode
},
'error' => static function ( Status $status ) {
return wfMessage( 'generic-pool-error' )->parse() . '<hr>' . $status->getHTML();
}
]
);
$result = $work->execute();
if ( $result instanceof MediaTransformOutput ) {
$thumb = $result;
} elseif ( is_string( $result ) ) { // error
$errorHtml = $result;
}
} catch ( Exception $e ) {
// Tried to select a page on a non-paged file?
}
/** @noinspection PhpUnusedLocalVariableInspection */
$done = true; // no PHP fatal occurred
if ( !$thumb || $thumb->isError() ) {
// Randomize TTL to reduce stampedes
$cache->incrWithInit( $key, $cache::TTL_HOUR + mt_rand( 0, 300 ) );
}
return [ $thumb, $errorHtml ];
}
/**
* Convert pathinfo type parameter, into normal request parameters
*
* So for example, if the request was redirected from
* /w/images/thumb/a/ab/Foo.png/120px-Foo.png. The $thumbRel parameter
* of this function would be set to "a/ab/Foo.png/120px-Foo.png".
* This method is responsible for turning that into an array
* with the following keys:
* * f => the filename (Foo.png)
* * rel404 => the whole thing (a/ab/Foo.png/120px-Foo.png)
* * archived => 1 (If the request is for an archived thumb)
* * temp => 1 (If the file is in the "temporary" zone)
* * thumbName => the thumbnail name, including parameters (120px-Foo.png)
*
* Transform specific parameters are set later via wfExtractThumbParams().
*
* @param string $thumbRel Thumbnail path relative to the thumb zone
* @return array|null Associative params array or null
*/
function wfExtractThumbRequestInfo( $thumbRel ) {
$repo = MediaWikiServices::getInstance()->getRepoGroup()->getLocalRepo();
$hashDirReg = $subdirReg = '';
$hashLevels = $repo->getHashLevels();
for ( $i = 0; $i < $hashLevels; $i++ ) {
$subdirReg .= '[0-9a-f]';
$hashDirReg .= "$subdirReg/";
}
// Check if this is a thumbnail of an original in the local file repo
if ( preg_match( "!^((archive/)?$hashDirReg([^/]*)/([^/]*))$!", $thumbRel, $m ) ) {
[ /*all*/, $rel, $archOrTemp, $filename, $thumbname ] = $m;
// Check if this is a thumbnail of a temp file in the local file repo
} elseif ( preg_match( "!^(temp/)($hashDirReg([^/]*)/([^/]*))$!", $thumbRel, $m ) ) {
[ /*all*/, $archOrTemp, $rel, $filename, $thumbname ] = $m;
} else {
return null; // not a valid looking thumbnail request
}
$params = [ 'f' => $filename, 'rel404' => $rel ];
if ( $archOrTemp === 'archive/' ) {
$params['archived'] = 1;
} elseif ( $archOrTemp === 'temp/' ) {
$params['temp'] = 1;
}
$params['thumbName'] = $thumbname;
return $params;
}
/**
* Convert a thumbnail name (122px-foo.png) to parameters, using
* file handler.
*
* @param File $file File object for file in question
* @param array $params Array of parameters so far
* @return array|null Parameters array with more parameters, or null
*/
function wfExtractThumbParams( $file, $params ) {
if ( !isset( $params['thumbName'] ) ) {
throw new InvalidArgumentException( "No thumbnail name passed to wfExtractThumbParams" );
}
$thumbname = $params['thumbName'];
unset( $params['thumbName'] );
// FIXME: Files in the temp zone don't set a MIME type, which means
// they don't have a handler. Which means we can't parse the param
// string. However, not a big issue as what good is a param string
// if you have no handler to make use of the param string and
// actually generate the thumbnail.
$handler = $file->getHandler();
// Based on UploadStash::parseKey
$fileNamePos = strrpos( $thumbname, $params['f'] );
if ( $fileNamePos === false ) {
// Maybe using a short filename? (see FileRepo::nameForThumb)
$fileNamePos = strrpos( $thumbname, 'thumbnail' );
}
if ( $handler && $fileNamePos !== false ) {
$paramString = substr( $thumbname, 0, $fileNamePos - 1 );
$extraParams = $handler->parseParamString( $paramString );
if ( $extraParams !== false ) {
return $params + $extraParams;
}
}
// As a last ditch fallback, use the traditional common parameters
if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) {
[ /* all */, /* pagefull */, $pagenum, $size ] = $matches;
$params['width'] = $size;
if ( $pagenum ) {
$params['page'] = $pagenum;
}
return $params; // valid thumbnail URL
}
return null;
}
/**
* Output a thumbnail generation error message
*
* @param int $status
* @param string $msgText Plain text (will be html escaped)
* @return void
*/
function wfThumbErrorText( $status, $msgText ) {
wfThumbError( $status, htmlspecialchars( $msgText, ENT_NOQUOTES ) );
}
/**
* Output a thumbnail generation error message
*
* @param int $status
* @param string $msgHtml HTML
* @param string|null $msgText Short error description, for internal logging. Defaults to $msgHtml.
* Only used for HTTP 500 errors.
* @param array $context Error context, for internal logging. Only used for HTTP 500 errors.
* @return void
*/
function wfThumbError( $status, $msgHtml, $msgText = null, $context = [] ) {
global $wgShowHostnames;
\MediaWiki\Request\HeaderCallback::warnIfHeadersSent();
if ( headers_sent() ) {
LoggerFactory::getInstance( 'thumbnail' )->error(
'Error after output had been started. Output may be corrupt or truncated. ' .
'Original error: ' . ( $msgText ?: $msgHtml ) . " (Status $status)",
$context
);
return;
}
header( 'Cache-Control: no-cache' );
header( 'Content-Type: text/html; charset=utf-8' );
if ( $status == 400 || $status == 404 || $status == 429 ) {
HttpStatus::header( $status );
} elseif ( $status == 403 ) {
HttpStatus::header( 403 );
header( 'Vary: Cookie' );
} else {
LoggerFactory::getInstance( 'thumbnail' )->error( $msgText ?: $msgHtml, $context );
HttpStatus::header( 500 );
}
if ( $wgShowHostnames ) {
header( 'X-MW-Thumbnail-Renderer: ' . wfHostname() );
$url = htmlspecialchars(
$_SERVER['REQUEST_URI'] ?? '',
ENT_NOQUOTES
);
$hostname = htmlspecialchars( wfHostname(), ENT_NOQUOTES );
$debug = "<!-- $url -->\n<!-- $hostname -->\n";
} else {
$debug = '';
}
$content = <<<EOT
<!DOCTYPE html>
<html><head>
<meta charset="UTF-8" />
<title>Error generating thumbnail</title>
</head>
<body>
<h1>Error generating thumbnail</h1>
<p>
$msgHtml
</p>
$debug
</body>
</html>
EOT;
header( 'Content-Length: ' . strlen( $content ) );
echo $content;
}
( new ThumbnailEntryPoint(
RequestContext::getMain(),
new EntryPointEnvironment(),
MediaWikiServices::getInstance()
) )->run();

18
thumb_handler.php
View file

@ -8,6 +8,8 @@
* if it was a request to thumb.php with the relevant query parameters filled
* out. See also $wgGenerateThumbnailOnParse.
*
* @see thumb.php
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
@ -28,9 +30,17 @@
* @ingroup Media
*/
define( 'THUMB_HANDLER', true );
use MediaWiki\EntryPointEnvironment;
use MediaWiki\FileRepo\Thumbnail404EntryPoint;
use MediaWiki\MediaWikiServices;
define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
define( 'MW_ENTRY_POINT', 'thumb_handler' );
// Execute thumb.php, having set THUMB_HANDLER so that
// it knows to extract params from a thumbnail file URL.
require __DIR__ . '/thumb.php';
require __DIR__ . '/includes/WebStart.php';
( new Thumbnail404EntryPoint(
RequestContext::getMain(),
new EntryPointEnvironment(),
MediaWikiServices::getInstance()
) )->run();