Folllows-up I4c2d478b492ff17.
* MW_ENTRY_POINT can only be undefined in very early WebStart/Setup
code. In code outside those files, and by the time MW_SETUP_CALLBACK
OutputHandler run, this is always filled in to at least "unknown".
* Inline extra code to the less common conditional block.
Bug: T290776
Change-Id: Ia7fa6cb0ff156ed6cb0212443ac3a97c91982d4b
The config variable check from 6c81f0b868d2 needed a negation.
The phase check from 374bdc0f7c should have been a conjuction.
Also add some debug logging statements.
Follow-up to 6c81f0b868d2 and 374bdc0f7c.
Bug: T290776
Change-Id: I4c2d478b492ff17bdad76bf75119b5926f7917e8
Replace the global variable hack in wfResetOutputBuffers() with a check
for the PHP_OUTPUT_HANDLER_CLEAN flag in the $phase parameter, available
since PHP 5.4.0. Aaron's Content-Length patch will work if applied on top
of this.
Bug: T278579
Change-Id: I9ec12f499821826038a39ebe94eed136f123b078
This fixes problem that arise with apache2/mod_php due to deferred updates
* Do not send unnecessary and invalid "Content-Encoding: identity" header
* Do not send "Connection: close" if HTTP2 is detected (per the HTTP spec)
pending, which reduces the use of output buffer and HTTP header tricks
* Make sure that no output is emitted in doPostOutputShutdown() from any
deferred updates since the response will have already been flushed to
the client by that point
* Make the Content-Length header logic in outputResponsePayload() account
for cases where there is a non-empty output buffer, cases where there
are several output buffers (bail out), and limit the use of the header
to HTTP 200/404 responses (avoids violation of the HTTP spec)
* Make sure OutputHandler::handle() does not send payloads for responses
that must not have one (e.g. "204 No Content")
* If an output buffer using OutputHandler::handle is active, then let it
handle the setting of Content-Length rather than outputResponsePayload()
* Do not bother trying to disable zlib.output_compression, since that did
not actually stop the client from getting blocked
* Set "no-gzip" via apache_setenv() unconditionally
Bug: T235554
Change-Id: I26f16457698c2c45e561b0c79c78a74e7f47126c
No need for three or more slashes
Except in some places where a bunch more are
used for drawing attention to something
Change-Id: Ic90358eb89a14a04d2b66c48e52e8fb20de0eb04
A terminating line break has not been required in wfDebug() since 2014,
however no migration was done. Some of these line breaks found their way
into LoggerInterface::debug() calls, where they mess up the formatting
of the debug log.
So, remove terminating line breaks from wfDebug() and
LoggerInterface::debug() calls.
Also:
* Fix the stripping of leading line breaks from the log header emitted
by Setup.php. This feature, accidentally broken in 2014, allows
requests to be distinguished in the log file.
* Avoid using the global variable $self.
* Move the logging of the client IP back to Setup.php. It was moved to
WebRequest in the hopes that it would not always be needed, however
$wgRequest->getIP() is now called unconditionally a few lines up in
Setup.php. This means that it is put in its proper place after the
"start request" message.
* Wrap the log header code in a closure so that variables like $name do
not leak into global scope.
* In Linker.php, remove a few instances of an unnecessary second
parameter to wfDebug().
Change-Id: I96651d3044a95b9d210b51cb8368edc76bebbb9e
These implemented a since-abandoned draft IETF spec, and the code was
broken due to (1) case-(in)sensitivity issues with the Accept-Language
header and (2) the BCP47 language code compatibility workaround we use.
Change-Id: Ia53d07cd8ce8ab1497294ea244c13c7499f632c7
The nice thing about explode() is that the resulting array is
guaranteed to contain at least one element. The array can not be
empty.
In some of these cases it might be possible to use strstr() instead,
but that returns an empty string when the needle character is not
found. explode() returns the original string in this case.
Change-Id: I6ad1f3273defeaf36e2305fd871eaaf9d3c1e134
* Convert OutputHandler.php from global functions to a class.
- wfOutputHandler → OutputHandler::handle
(no alias, no usage outside core)
- wfGzipHandler → OutputHandler::handleGzip
(private, no usage outside class)
- wfRequestExtension → OutputHandler::findUriExtension
(private, no usage outside class)
- wfMangleFlashPolicy → OutputHandler::mangleFlashPolicy
(private, no usage outside class)
- wfDoContentLength → OutputHandler::emitContentLength
(private, no usage outside class)
- wfHtmlValidationHandler → OutputHandler::validateAllHtml
(private, no usage outside class)
* Add the class to autoload.php for exposure outside WebStart.
Specifically, for use in ApiFormatPhpTest. This also removes the
need to manually load the class because this code runs after
Setup.php loads AutoLoader.php.
Bug: T189966
Change-Id: I27a41ec0ae0ee30aeb313a616323b967605c4055
Take into account that the tag might have parameters.
Bug: T123653
Change-Id: Ie9799f5ea45badfb4e7b4be7e7fbc1c35cc86f26
Signed-off-by: Chad Horohoe <chadh@wikimedia.org>
MediaWiki currently has support for a header called X-Vary-Options
(XVO), used to communicate to upstream caches more granular cache
variance options than the Vary header can.
The header was envisioned by Tim Starling back in 2008 and implemented
into MediaWiki and Squid 2.0, with those patches submitted to the
squid-dev mailing list at the time:
http://www.squid-cache.org/mail-archive/squid-dev/200802/0085.html
The patches never actually made it into an upstream Squid release,
however, and Squid has since evolved in potentially significant ways.
Wikimedia has since switched to Varnish but XVO was not ported over as
it was deemed too complex at the time; custom VCL was used instead. To
our knowledge, noone else is using XVO in production and certainly not
with recent, up-to-date MediaWiki releases.
There is currently work at IETF's httpbis working group for a "Key"
header that is in concept and implementation very similar to Tim's XVO
header: https://datatracker.ietf.org/doc/draft-fielding-http-key/
Rather than rip XVO out of MediaWiki, replace it with support for the
Key header, as preliminary defined by the draft spec. This is an almost
straight search-and-replace.
No other software (caching proxy or user-agent) currently implements Key
to my knowledge, so this is essentially untested.
Change-Id: I949fc289dd5d48bd34f3b37f7739e2b9cd5db277
Add $wgMangleFlashPolicy so sites that define a safe master flash
policy can disable mangling of the <cross-domain-policy> string.
Bug: 66776
Change-Id: Ic0db939aae9d0bb6bdfc3cd9ce282661bad46783
Swapped some "$var type" to "type $var" or added missing types
before the $var. Changed some other types to match the more common
spelling. Makes beginning of some text in captial.
Also added some missing @param.
Change-Id: I7f605aa9e117b5fd80d9b1440864fe526d2b14a5
* $wgHtml5 = false; is now ignored completely.
* $wgDocType and $wgDTD have been removed.
* $wgXhtmlDefaultNamespace is now ignored.
* XHTML5 will be output if $wgMimeType is set to an XML mime type (according to HTML5's rules).
* For backwards compatibility with extensions $wgHtml5 and $wgXhtmlDefaultNamespace are set
in Setup.php but depending on them is deprecated.
Change-Id: Iad9634e2ee420b5a3bbffe550421fde4fa1819b0
* Ran spell-checker over code comments in /includes/
* A few spellchecking fixes for wfDebug() calls
Found one very strange (NOOP?) line in Linker.php - see "TODO: BUG?"
Change-Id: Ibb86b51073b980eda9ecce2cf0b8dd33f058adbf
$wgUseGzip check on wfClientAcceptsGzip() is removed since HTMLFileCache (the only wfClientAcceptsGzip() user) already checked that before calling it. This way, $wgUseGzip stays applying only for file cache, and $wgDisableOutputCompression for output handler.
wfGzipHandler should use wfClientAcceptsGzip() instead of reimplementing it. Patch does this and removes the $wgUseGzip check on wfClientAcceptsGzip() since HTMLFileCache (the only wfClientAcceptsGzip() user) already checked that before calling it. This way $wgUseGzip stays applying only for file cache, and $wgDisableOutputCompression for output handler.
* Refactored Tidy function in a new class, MWTidy
* Only added Parser::tidy() for b/c, Parser::internalTidy() and Parser::externalTidy() were marked as private and are unused in core and extensions
* Added RELEASE-NOTES entry
* Used the new functions in the relevant places throughout the core. Where this was not possible, used wfMsgNoTrans() to avoid double-parsing.
* Calling wfEscapeWikiText() on a title before passing it to a message is unnecessary and causes bugs. The best idea is to let the message do its own escaping. Removed wfEscapeWikiText() from the caller of addedwatchtext, removedwatchtext, deletedtext, protect-text, nosuchusershort and movepage-moved. Updated all message files to use <nowiki>$1</nowiki> where appropriate in these messages.
* Removed unnecessary empty message handling from semiprotectedpagewarning
* Removed nonsense warning about the output of wfMsg() not being safe for inclusion in HTML.
* Changed wfShellExec() to use passthru/ob_get_contents instead of exec(). This avoids corruption of whitespace in the response.
* Added $wgValidateAllHtml feature, to optionally validate HTML on output.
* Fixed missing newline in cascadeprotected in MessagesEn.php
* Belatedly updated addedwatchtext to take account of the new "monobook" skin. No unwatch link in the sidebar anymore.
