Extensions shouldn't be calling this, just the Parser, so make it
protected. And since the only caller passes an empty array for $query,
we can just remove it entirely.
Change-Id: I3adbcaabbb40870eb3df1495c3c2743ff21f0c64
noreferrer is used as support for noopener is very limited.
This is to prevent the attack detailed at
https://mathiasbynens.github.io/rel-noopener/ where you can
navigate the parent window, even if the new window is a cross-origin.
Bug: T133507
Change-Id: I6e4ab938861e246ff44048077b94847e303f1859
Signed-off-by: Chad Horohoe <chadh@wikimedia.org>
Strip markers get substituted for general html, which means the
substitution text generally does not escape quote characters. If
someone can convince MW to put a strip marker in an attribute,
you can get around escaping requirements that way. This patch
adds the characters `"' to the strip marker text. At least one
of these characters should be escaped inside attributes (regardless
of what quote character you use for attributes), thus normal html
escaping will deactivate the strip markers, preventing the
vulnerability.
This will break any extension that escapes input with htmlspecialchars,
to add to html/half parsed html output, but assumes that strip markers
are unmangled. I don't think it's very common to do this. The primary
example I found was some core usages of Xml::escapeTagsOnly(). (And
even in that case, it only affected the corner case of being called
via {{#tag:..}})
Based on MatmaRex's suggestion.
Change-Id: If887065e12026530f36e5f35dd7ab0831d313561
Signed-off-by: Chad Horohoe <chadh@wikimedia.org>
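The mechanism described in the commit above, shown as an added example that is not MediaWiki's code: a toy strip-marker store with an "old" marker made only of characters that attribute escaping leaves alone, beside an "armored" marker that embeds the characters `"' the patch adds. Python's html.escape(quote=True) stands in for PHP's htmlspecialchars with ENT_QUOTES; the marker formats, the hex keys and the stored HTML are constructed for the demonstration. With the old marker, escaping the attribute value does nothing to it, so the later unstrip pass drops raw HTML into the attribute; with the armored marker, the quotes become entities, the unstrip regex no longer matches, and the marker stays inert text.

```python
import html
import re

# Constructed marker formats (not MediaWiki's exact strings).
# The old marker survives htmlspecialchars untouched; the armored one
# embeds `"' so any attribute-context escaping must alter it.
OLD_PREFIX, OLD_SUFFIX = "\x7fUNIQ-", "-QINU\x7f"
NEW_PREFIX, NEW_SUFFIX = "\x7f'\"`UNIQ-", "-QINU`\"'\x7f"


def _delims(armored: bool):
    return (NEW_PREFIX, NEW_SUFFIX) if armored else (OLD_PREFIX, OLD_SUFFIX)


def make_marker(key: str, armored: bool) -> str:
    """Build the placeholder the parser leaves in the text for `key`."""
    prefix, suffix = _delims(armored)
    return f"{prefix}{key}{suffix}"


def unstrip(text: str, store: dict, armored: bool) -> str:
    """Replace every intact marker with its stored HTML, verbatim and
    unescaped, which is exactly what makes a marker inside an attribute
    dangerous. A marker whose delimiters were mangled is left as-is."""
    prefix, suffix = _delims(armored)
    pattern = re.escape(prefix) + r"([0-9a-f]+)" + re.escape(suffix)
    return re.sub(pattern, lambda m: store.get(m.group(1), m.group(0)), text)


def render_title_attribute(value: str, store: dict, armored: bool) -> str:
    """Simulate an extension that escapes a user-controlled value for an
    attribute (as it should) and then has the global unstrip pass run
    over the finished HTML. quote=True mirrors ENT_QUOTES."""
    escaped = html.escape(value, quote=True)
    return unstrip(f'<span title="{escaped}">', store, armored)


def marker_survives_escaping(armored: bool) -> bool:
    """True when escaping the marker leaves it matchable by unstrip."""
    marker = make_marker("0a1b", armored)
    store = {"0a1b": "<b>bold</b>"}
    return "<b>" in render_title_attribute(marker, store, armored)


if __name__ == "__main__":
    store = {"0a1b": "<b>bold</b>"}
    print(render_title_attribute(make_marker("0a1b", False), store, False))
    print(render_title_attribute(make_marker("0a1b", True), store, True))
```

The first printed line shows the old behaviour (raw tags inside a title attribute); the second shows the armored marker still present but neutralized, with its quote characters entity-encoded so nothing gets substituted. That is also the breakage the commit warns about: code that escaped a marker-bearing string and expected the marker to be substituted later now gets the literal marker text instead.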
It's independent of the rest of the Parser, but quite intrusive, with
its own instance variables and several private functions. It's also
pretty big (500 lines).
I removed a few functions from Parser here which were always marked
@private in the doc comment, but were inappropriately marked
"public" in the function declaration after migration to PHP 5. I grepped
core and deployed extensions and found no callers.
The helper functions are now all private, and the constructor is
private, with just a single public static entry point, reflecting
the self-contained nature of the module and its lack of hooks.
Change-Id: I1693ed48a9194719611b4afd9d989d44f0610f8d
* 55313f4e almost got it right, but missed the str_replacing table
headings.
* Thankfully, this was doubly broken before that patch since the
StringUtils::explodeMarkup would have skipped the || which would
go on to be exploded by table cell attribute parsing. The test case
provided would look like,
<table>
<tr>
<th class="">|">ha</div> ho
</th></tr></table>
Suffice it to say, no one is using this in production.
* Note that we can't just entity encode the ! since that would break
style attributes with !important.
* Also note, Parsoid already gets this right.
* Adds a StringUtils::replaceMarkup
Change-Id: Iab3ae4518fcb307b795d57eece420ba48af0a3bf
I searched for /\$(\S+) = (.+?\(.*?\);)\n.*?\$\1\[/, ignored
everything involving isset(), unset() or array assignments, then
skimmed through the remaining results and changed things where they
made sense. These changes were not automated, so please review them.
Change-Id: Ib37b4c66fc57648470f151ad412210b3629c2538
* At that point, element attributes are already escaped so it serves no
purpose. Before `doTableStuff` is called, `Sanitizer::removeHTMLtags`
has been invoked which calls `Sanitizer::fixTagAttributes` which
calls `Sanitizer::safeEncodeTagAttributes` and finally gets down to
`Sanitizer::safeEncodeAttribute`, with the goal of "extra armoring
against further wiki processing."
Change-Id: Ieeb9b21148c2909eb839d13195d7d10012b48e3b
* Currently, for images:
[[File:Foobar.jpg|hi|alt=100|ho]]
caption: ho
but for galleries:
<gallery>
File:Foobar.jpg|hi|alt=100|ho
</gallery>
caption: hi|ho
* This patch brings some consistency to them.
Change-Id: I3b73189b27cc35fade4809477cf18779b953aa3b
It is desirable in terms of user-friendly syntax to display an empty
list item if the user adds one to the source. However, we suspect that
this change will break the rendering of existing templates. So, preserve
the empty <li> element, but style it with display:none so that there is
no user-visible change. Changes can then be observed with a user script,
then eventually the CSS can be removed so that the desired behaviour will
be user visible.
This is imagined as a staged deployment of T89331, i.e. it is better to
resolve differences with Html5Depurate one at a time instead of
deploying it all at once.
The CSS module is specified in parser/MWTidy.php since the tidy driver
hierarchy is not meant to be so closely tied to the MW environment.
Bug: T49673
Change-Id: Ifb44b782c617240e3de73dcdf76c8737c7307d94
* Setting mCacheTime to -1 is for old callers that
only check getCacheTime() instead of getCacheExpiry().
Most of them are already broken (WikiLog/SemanticForms) as
they check for -1 which is in fact never returned
due to the TS_MW conversion in Parser::getCacheTime.
* By using -1, the value of page_links_updated can end up
as 1969, which is confusing and broken.
Change-Id: I8809a4258eacff05992a2c27ade7f6a0c1731c51
The warnings are only shown during preview. It seems silly to
split the parser cache for this. There should be no parser cache
pollution to just using the user language without registering it
for use.
See also: 889e988cce
Change-Id: Ib42e8885e23a3c8bef8cf72948359d71254064c3
This doesn't fix all the files under includes/parser -
some of them deserve their own patches.
Bug: T102614
Change-Id: I2fcbc19ee337e1b7db4635b5e5f324c651b4d144
Move the added module from Parser.php to TraditionalImageGallery,
because there the gallerybox class is added to the html and at the
moment all core image galleries are extending the traditional one.
That brings the styles back for special pages like Special:NewFiles,
Special:MostImages and also on category pages with media files.
Follows Ib1aef04dc4fece78e6615386ecaef6a9f368f49e
Bug: T113511
Change-Id: I32697c2c65824d7622c1840330d6074ebb68b488
MWTimestamp::getTimezoneString() returns the timezone name as a message,
that supports wiki localization. The code is moved from Parser::pstPass2.
The default file revert message is currently always in UTC.
This patch sets the default timestamp to be in the wiki timezone (similar
to ~~~~). The timezone is passed as a new parameter to the message, with
the date / time parameters being merged and handled by
$wgContentLang->timeanddate
Bug: T36948
Change-Id: I48772f5f3b1635d33b6185776cedfc4ee1882494
* Split tidy implementations into a class hierarchy
* Bring all tidy configuration into a single associative array and
deprecate the old configuration.
* Remove $wgAlwaysUseTidy
This is preparatory to replacement of Tidy (T89331). I used the name
"Raggett" for things relating to Dave Raggett's Tidy, since if we use
"tidy" to mean the new abstract system as well as Raggett's tidy, it
gets confusing.
Change-Id: I77af1a16cbbb47fc226d05fb9aad56c58e8910b5
The labels are not localized, because I think this ought to be outputted as a
JSON blob, with uniform field names. But not doing that in this patch.
Change-Id: I235839b276632308ddeac7afe763d355b73c2a25
* Double load styling rules in legacy modules so we have time for
cached pages to catch up
** Double loading styles is acceptable for 30 days. There is no better way.
* Load gallery css when gallery tag invoked.
To test:
* Visit a page with a gallery tag and purge it, note styles are present.
* Visit a page without a gallery tag and purge it, note styles are not present
Bug: T98878
Change-Id: Ib1aef04dc4fece78e6615386ecaef6a9f368f49e
This change adds the possibility to enable OOUI out of the parser,
which enabled parser tag functions to easily enable OOUI, if they
need it, for every page view out of the function that handles the
parser tag.
Bug: T106949
Change-Id: If1e139d4f07be98e418e11470794ea42e8a9b2eb
* \s matches the trim on the line.
* Since leading space is ok for table start tags, and you can use them
in ":" context, you should be able to compose the two together.
Bug: T105238
Change-Id: Id08e24e5dd2bb8ca09453adec87b21225df4a840
Non-string input shouldn't be fed into newFromText(). We currently handle this
indirectly with relying on Title to do it. Instead just return earlier and not
try to construct a title from bad input.
Bug: T102321
Change-Id: I9bc96111378d9d4ed5981bffc6f150cbd0c1e331
If someone renames a section but wants old targeted links to still work,
<span id="old-anchor"></span> is the usual solution. And sometimes
people put it inside the section header markup, like
== <span id="old-anchor"></span>New name ==
since putting it before makes it be considered part of the previous section
while putting it after causes the browser to scroll the section header
off the screen.
But this has the unfortunate side effect that the TOC text for that
section will be "<span></span>New name". We should strip that useless
empty span.
Bug: T96153
Change-Id: I47a33ceb79d48f6d0c38fa3b3814a378feb5e31e