Previously, if the cache integrity check failed then it would emit a
warning but then continue to use the code. The integrity check could
genuinely fail if the secret key was changed, if the cache was
truncated, or other edge case scenarios.
Now TemplateParser will recompile if the cache fails the integrity
check, and then update the cache with the newly compiled version.
Bug: T163154
Change-Id: I9a6c8d528f84cfbabf402cfaf6468c162fab1f15
In practise this probably doesn't matter, since template names
are not user controlled, and php isn't stupid enough to fall for
tricks with nulls (afaict). Nonetheless, the code from Title is
only meant to prevent url traversal, it is not meant to prevent
file system path traversal.
Change-Id: Id690576326d03744acc8fbbe78f4b7a4b4c04d7e
Also:
* Use ternary shorthand.
* Remove verbose comment about APC fallback. APC always requires
a fallback and is enforced by the method being called. Stating
the obvious is confusing here.
Change-Id: Ie5cb3bdc60600806b01b57f1f1b352b981818b0d
This is sufficient to make https://gerrit.wikimedia.org/r/#/c/223165/
work. It hardcodes .mustache as the extension, but so does
existing getTemplateFilename().
Bug: T97188
Change-Id: Id588ae9b43b13fcf35ebd285c826dd502ac424ec
All of the other functions expose internal implementation details, which no
external caller should ever need. In fact, no external caller does use these
functions directly.
The TemplateParser::compile() tests were removed as they're simply just
checking LightnCandy functionality, which is something the library should be
doing.
Change-Id: If9003d40315e0e5aa361c174b764b799e3b88c34
Also add regression test, and coverage for more methods.
Was trying to eval the code which had the hmac integrity check in front of it,
which causes a syntax error in valid PHP code.
Follows-up db1866da4, 50c50bea2e.
Bug: T93436
Bug: T93511
Change-Id: Ie90074e4885de7340e53f59fdd479f5384b5eac6
In the unlikely event that no secret key is available, we shouldn't
rely on the cache at all in TemplateParser.
Adding new compileForEval() function and and moving eval() outside
of if statement to prevent code duplication.
Also, if the template fails integrity check, generate a notice
instead of throwing an exception in case we change the secret key.
Change-Id: Id44fdcc9533fc8a9c77e84fcebaa064f602477c6
The TemplateParser class provides a server-side interface to cachable
dynamically-compiled Mustache templates. It currently uses the
lightncandy library to do compilation (which is already included in
the vendor repo).
Also converting NoLocalSettings.php to use it as a proof-of-concept.
Bug: T379
Change-Id: I28cd13d4d1132bd386e2ae2f4f0d1dd88ad9162b
