Tim's concerns (listed at
https://bugzilla.wikimedia.org/show_bug.cgi?id=20814#c6) were:
* Lack of Vary: Origin breaks Squid caching
* Vary: Origin on everything would be disastrous, so add an origin param
* Origin header is space-separated list, wasn't treated as such
This commit:
* Remove CORS code from api.php and reimplement it in ApiMain.php
* Add 'origin' parameter to ApiMain
* If 'origin' parameter doesn't match Origin header, send a 403
* If origin is whitelisted, set CORS headers and set Vary: Origin
* Add https?:// to wildcard matching logic, wasn't there but is needed
CORS now works :) you can test it locally as follows:
Set $wgCrossSiteAJAXdomains[] = '*.wikipedia.org';
Log into MediaWiki on localhost
Go to Wikipedia, open a JS console, and run:
$.ajax( {
'url': 'http://localhost/w/api.php',
'data': {
'action': 'query',
'meta': 'userinfo',
'format': 'json',
'origin': 'https://en.wikipedia.org'
// or whichever domain you're on; must be correct!
},
'xhrFields': {
'withCredentials': true
},
'success': function( data ) {
alert( 'Foreign user ' + data.query.userinfo.name +
' (ID ' + data.query.userinfo.id + ')' );
}
} );
Change-Id: I725ce176866d7c81dd9ad6d7bc4a86b7160f2458
The only two usages left since r91590 are php version checks for index/load/api.php, and $wgAPIEnabled check in api.php. Consolidate all of the "bailing for invalid version" into PHPVersionError.php. Leaving $wgAPIEnabled as the only user was silly, so just echo and die like wfDie() would've done
* Added the ability to compile extensions. The build process is bootstrapped by running MediaWiki in interpreted mode. Extension setup file inclusions are slightly modified in a way that makes them register themselves for compilation. Then the same LocalSettings.php uses the compiled extension setup file when the compiled binary runs.
* Tested with Cite and ParserFunctions. The code which lets you have an extensions directory in a place other than $IP/../extensions is untested.
* Simplified WebStart.php slightly by using a custom $_SERVER variable to mark compiled mode. It will break if you don't use the supplied server.conf, but that will break a lot of things so don't do that.
* Fixed the core web entry points to include WebStart.php in compiled mode instead of interpreted.
* Made the build directory configurable. This is mostly so that I can grep the source tree without seeing loads of generated C++.
* In server.conf, added a rewrite rule allowing a /wiki/$1 article path.
* Removed server.conf log file location "/dev/stdout", breaks when you switch user
* Disable static content cache, breaks horribly when you set SourceRoot to a directory containing 7GB of files.
* Rewrote the run-server script in PHP, mostly to support the configurable build directory feature.
* Added an option to the run-server script to allow running in interpreted (hphpi) mode.
* Fix parsing of the three major entry points (index.php, api.php, load.php) back to PHP 4.4.9. We don't care what happens if you actually try to run these files on old versions, but the entry files need to parse correctly.
* consign /includes/templates/PHP4.php and /includes/templates/NoLocalSettings.php to the fiery pit of hell where they belong.
* Prevent loading of any other files for PHP < 5. WebStart.php was rendered unparseable in PHP 4 by the introduction of try/catch blocks in r85327.
* Die outright with a pretty error message on PHP < 5.2.3 as well as PHP 4. All versions of PHP below that throw parse errors of various sorts.
* Reimplement wfDie() to provide an entry-point-dependent die-with-readable-error-message function (for instance, we want a pretty human-readable page in index.php, something wrapped in CSS/JS /*...*/ comment block in load.php, etc).
* Standardise the appearance of the catastrophic errors thrown at the top of the stack with the ones lower down (exception-within-exception, etc). There isn't really a way to do this without duplication, AFAICT.
"I wouldn't object to stylizing the API code to bring it in line with
the rest of MW on principle, but I'm not gonna bother myself." --Roan
<http://www.mediawiki.org/wiki/Special:Code/MediaWiki/60657#c5108>
If you're seeing this commit in blames, tell your blame tool to ignore
whitespace, e.g., git blame -w or svn blame -x -w.
* Refactored the IE script entry point security check into WebRequest::isPathInfoBad(). Use the standard CGI variable PATH_INFO to do this check instead of the various potential non-standard solutions. Made the check fairly permissive to avoid a repeat of bug 13049 due to broken CGI setups especially with cgi.fix_pathinfo=0. This should theoretically be very portable and secure, but I have not tested it widely.
* Removed Chris Wrinn from the credits since his patch was wrong and has been removed.
* Made the error message more informative.
Uses the Access-Control-Allow-Origin header for browsers that support it.
<http://dev.w3.org/2006/waf/access-control/>
$wgCrossSiteAJAXdomains can be set to '*' to allow requests from any domain,
an array of domains to allow, or, if $wgCrossSiteAJAXdomainsRegex is true,
an array of regexes to match against the request origin
* Added full text search in titles and content (list=search)
* (bug 10684) Expanded list=allusers functionality
* Possible breaking change: prop=revisions no longer includes pageid for rvprop=ids
* Bug fix: proper search escaping for SQL LIKE queries.
