This allows the body classes of skins to be customized for anonymous
users. Enable using $wgResourceLoaderClientPreferences = true;
* Only classes of the form <prefix>-(disabled|enabled)
can be toggled.
* For now no client side API is provided as this should not be
considered stable.
* Storage mechanism is cookie, stored under "mwclientprefs"
* Preferences apply to all skins. This means setting a preference
in Vector 2022 would also lead to class manipulation in Minerva.
This is by design to allow for skin-agnostic preferences. Up to
caller to make sure the class being manipulated is limited to the
skin if required ie. don't use generic classes.
* Avoids try/catch and JSON parsing by storaging as a string
* Places inline script before body tag before first stylesheet to
avoid breaking the article's ability to parse the article
concurrently with stylesheet download.
Usage:
Given a document with classes
"client-js vector-feature-limited-width-enabled ext-feature-enabled"
Set:
document.cookie = 'mwclientprefs=vector-feature-limited-width'
Will result in toggling off the limited width.
Bug: T321498
Change-Id: Ic3b6eec19953932c697ab5bf48c33a4ac1841b07
This was marked as deprecated to indicate that it shouldn't be used
to share arbitrary database tables between wikis. However, this has
never been officially supported and so doesn't actually warrant
deprecation.
The only use case for $wgSharedDB that MediaWiki supports (and even
encourages in documentation) is for global accounts shared between
wikis.
Recently, update.php started to block upgrades when a deprecated
setting is used, which has brought this otherwise-innocent deprecation
comment to light. Remove it as such since the feature for which it
exists isn't deprecated, and we don't have any other (supported and
documented) ways of sharing accounts between wikis.
In the future, we might rename this and turn it into a boolean so
that it is easier to understand and maintain, but that's for another
day.
Bug: T308536
Change-Id: I1598630f2ab2c9bd443a5f3e6fc0997ceb52c5b2
This patch introduces a configuration variable that allows one
to control the migration stage in production.
Bug: T299954
Change-Id: I36f1e3cd9fb0f25fd43f4dbb97f791da5eb1147b
Code moved as-is from the extension repo with minor changes:
* Adopt PSR-4 namespace.
* Keep backward-compatibility with "PoolCounter_Client"
in LocalSettings, from before the extension was namespaced recently.
* Document how `connect_timeout` actually works, and that it
was introduced in MW 1.28 (via extension).
* Add stable interface annotations.
Bug: T201223
Change-Id: Iadec5b4b5d2fc7e76509c9be0a8fa605d95c64a7
This restores a rewritten version of
commit 78483caaaf.
- Special:Contribute the default entry point in the menu when enabled
- Otherwise it will link to Special:Contributions (default behaviour)
Depends-On: I65336cfd56e1f6b92c1b3bc83cb5d91bbca065bf
Bug: T319327
Change-Id: I67779b88c4904462f9d847b3edb08a65306b2bfb
Introduced in 2017 with I7f14b9ca2533032 (2e5eb693) but remains
unused at WMF, and disabled by default.
Follows-up I62107789fa (9e49260fc9) which added reap to LinkCache
test cases in 2021.
Change-Id: I0654c29a671467dd6b366f462d1c09b90a273413
This only supports WRITE_BOTH for now, the rest will be implemented.
Tested locally, works fine.
Bug: T318606
Change-Id: I6f898aa89f7d36f3f8a4eb8c23706c64a90896b0
This allows config variables to be declared obsolete. Obsolete config
will be omitted from the schema, defaults, name constants, etc. The
purpose of keeping a declaration of obsolete config around is to allow
the updater to warn admins that they are using a config variable that no
longer has any effect, and provide them with a remedy.
The idea is that support for deprecated config can be removed after one
release per the stable interface policy, but the declaration of
obsolete config should be kept for as long as we support updates,
that is, at least two LTS releases.
See https://www.mediawiki.org/wiki/Topic:X4bh4nf3pe2ho5jj for
discussion.
Change-Id: Ia7a00742ea7a5311e820a6a43b11135a3f2a825f
This global variable was replaced by auto-discovery of parser test
files in extensions and is no longer needed (or used).
Change-Id: Ib616e60f36db32ffd8bc69c71a096f23c0a27910
What was previously a REST API-only feature (the thumbnails
hook allowing for thumbnails for non-file pages via the
PageImages extension) is now also being adopted in the main
search page.
That hook will now be called with NS_FILE result thumbnails
pre-filled, which was not the case previously. PageImages
essentially duplicated NS_FILE thumbnail logic that was
already present in Special:Search, so that can (and will
in a follow-up patch) then be removed there. Special:Search
will then simply take whatever is produced from the provider
(which will include both NS_FILE thumbs - which it handled
already - as well as whatever else it receives from the hook),
as will the REST API (which already received both)
Since thumbnails can now come in for multiple namespaces &
having some of those results with & others without a thumbnail
can be quite jarring, it was decided that we'd display
placeholder images (for certain namespaces). This is now
controlled by $wgThumbnailNamespaces.
I also split up a few things in FullSearchResultWidget::
generateFileHtml for more clarity.
Meanwhile also updated mediawiki.special.search.styles.less
to use variables for known colors.
Also implemented a 'transform' (required for testing this
change properly) and 'getDisplayWidthHeight' (it became
needed after implementing transform) callback function for
mock Files, and updated some existing tests in response to
these changes.
And some more Rest test files have been updated to allow
passing around a HookContainer instead of only an array of
hooks (from which a new HookContainer would then be created)
to allow the same container to be used across all relevant
objects, who may have it injected as dependency.
Bug: T306883
Change-Id: I2a679b51758020d3e822da01a1bde1ae632b0b0a
This reverts commit cfed8e7743.
Reason for revert: Will implement a hook rather than changing config at runtime
Change-Id: I5a941b871f9a6347744e800ea63cd82450ab6da3
This patch changes the Special:Preferences menu layout to display as a vertical menu. This function will only work for users with AMC enabled.
It also creates a variable (SpecialPreferencesUseMobileLayout) that changes when a user navigates to Special:Preferences on mobile and has AMC enabled.
Bug: T311717
Change-Id: Ia7a730cd7f009dbb921a810f27fae4a9ee66f793
When the deprecation of wikibits.js originally started, it contained
a ton of things [1] such as:
* user-agent utils, `clientPC` and `is_gecko`.
* addOnloadHook.
* importScript.
* appendCSS.
* stylepath and other config vars.
* tooltip, e.g. updateTooltipAccessKeys.
* portlet, addPortletLink.
* tablesorter, e.g. ts_makeSortable, ts_getInnerText
* searchsuggest.
* notify utils, e.g. jsMsg.
* spinner utils, e.g. injectSpinner.
* event utils, e.g. hookEvent.
* siblings scripts included: mwsuggest, sajax.
Except for two (addOnloadHook, and importScript), these have all found
new homes and been succesfully migrated and replaced over the years
with other platform APIs.
The $wgIncludeLegacyJavaScript variable hasn't been needed for a while
as what it gated no longer exits. Remove it and fold the two remaining
functions into mediawiki.base as defacto stable APIs.
* addOnloadHook: Not worth breaking imho. I've shortened the
implementation which saves a few bytes in WMF prod, and adds a few
bytes for CI/third-party where it was previously absent for new
wikis (thus reducing portability).
* importScript: Never deprecated in the first place as there is no
mw.loader equivalent to this. In order to achieve optimal cache
performance, and benefit from automatic purging after edits, one
must craft a very specificly encoded and ordered canonical
action=raw URL. This is not something end-users need to know about,
and is what imporScript exists for to abstract. Plus, it ensures
de-duplication. One day something like Gadgets 3.0 (T36958) might
take off, but for many years to come, importScript remains the best
and only supported and usable means within the platform to share
and load user scripts.
Tested with: `curl 'http://localhost:8080/w/load.php?modules=mediawiki.String%2Cbase%2Cuser%2Cutil&skin=vector' | gzip -9 | wc -c`.
Before: 9.53KB
After: 9.45KB
[1] https://gerrit.wikimedia.org/g/mediawiki/core/+/1.17.0/skins/common/wikibits.js
[2] https://www.mediawiki.org/wiki/ResourceLoader/Migration_guide_(users)
Change-Id: I10f17f68fea862d510d188b927f4a7b38be0e4a4
MediaWiki sets a large 'Cache-Control: s-maxage=' directive on page
views only if the request URL matches one of the normal CDN URL forms.
When MediaWiki is behind a CDN that re-orders query parameters on
request URLs, we want the CDN URL matching logic to be insensitive to
the order of query parameters. This change introduces a
'CdnMatchParameterOrder' configuration option that can be used to
control this behavior. It defaults to 'true', which preserves the
existing behavior (order-dependent matching).
Bug: T138093
Change-Id: I3c52ca47e095ba32511892853dac6c87a1cc2321
Remove Flash cross-domain policy mangling. Users who are somehow still
using Flash as a browser extension will be exposed to CSRF
vulnerabilities.
Deprecate the config since deprecation has some advantages in the new
config system over simple removal.
Bug: T279496
Change-Id: I2c0e85a430d7e6aaf8d5decd00cf1dade04cebe1
Validating against the live schema on the WMF cluster exposed several
issues with the config schema. Mostly settings declared to be lists
which are actually associative arrays.
This also removes deprecation markers for some settings that are still
in active use, just discouraged or unstable.
Change-Id: I63e816edd1a561bda6063f8558ccce88c113df3f
This adds functionality to SettingsBuilder for collecting warnings to be
logged later, when the logging mechanism has been set up.
This also adds a validation step to update.php that aborts the update
if any warnings have been registered in SettingsBuilder, or the settings
fail to validate against the settings schema.
Change-Id: I387905289fb93591f79b96bf4c6cb5ec692b2aff
A library for storage of counter value time series statistics, based
around the observation that memcached getMulti() is apparently fast
enough to do this in a simple manner, with incremented values stored
in time window buckets.
Bug: T310662
Change-Id: I26b1cdba0a06ad16ad8bb71b455e1b6180924d17
This introduces the ParsoidOutputStash config setting, which defines the
storage backend and cache duration. The storage backend name refers to
an entry in the ObjectCache setting, and defaults to the main stash.
Bug: T267990
Bug: T309016
Change-Id: Ic67dc43ed9843810e4b180127f9a3bb7608f7608
When JSON support was introduced into ParserCache in 1.36, it was
controlled by a feature flag, $wgParserCacheUseJson. The feature flag
was "born deprecated" in 1.36. It can now be removed.
This means that ParserCache will always store entries as JSON.
Support for reading old non-JSON entries remains intact.
This is needed when updating wikis from a version older than 1.36
to the current version.
Change-Id: Id04e42bfb458d98414bac50e0d6c505e8878e5c0
This would be useful in cases that lots of edits happen at the same time
and this would reduce the time waiting to get the row lock.
Bug: T306589
Change-Id: I3b869e3b85dfd66575390ef4247f2f81f19c878e
Move ResourceLoader classes to their own namespace. Strip the
"ResourceLoader" prefix from all except ResourceLoader itself.
Move the tests by analogy.
I used a namespace alias "RL" in some callers since RL\Module is less
ambiguous at the call site than just "Module".
I did not address DependencyStore which continues to have a non-standard
location and namespace.
Revert of a241d83e0a.
Bug: T308718
Change-Id: Id08a220e1d6085e2b33f3f6c9d0e3935a4204659
Both this feature and the web standard are experimental.
The standard was only exposed as a Google Chrome Origin Trial
and the standard has evolved in a non-compatible way.
Bug: T308707
Change-Id: I987c0fb9e3fbb1a9f727b3f171c747246d8adb77
This reverts commit e08ea8ccb9.
Reason for revert: Breaks Phan in extensions, and as far as I’m aware,
this change isn’t urgently needed for anything, so the simplest fix is
to revert it again for now. After PHP 7.4 it should be safer to try this
again (we hopefully won’t need the two “hack” classes by then).
Bug: T308443
Change-Id: Iff3318cbf97a67f821f78e60da62a583f63e389e
Move ResourceLoader classes to their own namespace. Strip the
"ResourceLoader" prefix from all except ResourceLoader and
ResourceLoaderContext.
Move the tests by analogy.
I used a namespace alias "RL" in some callers since RL\Module is less
ambiguous at the call site than just "Module".
I did not address DependencyStore which continues to have a non-standard
location and namespace.
Change-Id: I92998ae6a82e0b935c13e02a183e7c324fa410a3
$wgSquidPurgeUseHostHeader is @since 1.21 and @deprecated since 1.33.
Follow-Up: I9776d11d4e2d184af35b1117cd7950354c0e343e
Change-Id: Ibaa261fcce3498eba56ab37c8ed95f52e59cfef4
While detecting the site name based on the request domain is common,
the exact mappings used in practice differ a lot. If we implemented one,
we could never change it. It seems beter to require the requested site
to be identified explicitly.
Bug: T221535
Change-Id: I31c20e87bb7d5fc4565714e86f547b42bacea82f
Remove the special case GIFAR vulnerability check from UploadBase. I
put it there because the GIFAR vulnerability was so severe that we
needed to check for it even if $wgVerifyMimeType was false. Now that
support for Java applets has been dropped from browsers, the
vulnerability is not so severe and we can wind back the paranoia.
Add a ZipDirectoryReader invocation to MimeAnalyzer, to replace some
terrible regex hacks. This allows MimeAnalyzer to detect docx files
saved by LibreOffice (T291750).
This is also the new place for the GIFAR check. Add application/java
to $wgMimeTypeExclusions so that JAR uploads are rejected.
Since ZipDirectoryReader cannot look inside the contents of files in the
package, it can't detect the subtype of Open Document files. Use the
file extension instead, like what we do for Microsoft OPC files.
Remove public method detectZipType -- no callers in code search.
Bug: T291750
Change-Id: Iff1611c7adda9c0f0ed31593bad6dfffc9c9a086
Declare deprecations as part of the schema, not just in the doc string.
This allows deprecations to carry over to MainConfigNames and
DefaultSettings.php.
Change-Id: I9776d11d4e2d184af35b1117cd7950354c0e343e
Add services and utilities for automatic creation of temporary user
accounts on page save, in order to avoid exposing the user's IP
address.
* Add $wgAutoCreateTempUser, for configuring the system
* Add TempUserConfig service, which interprets the config.
* Add TempUserCreator service, which creates users during page save as
requested by EditPage. With proxy methods to TempUserConfig for
convenience.
* Add table user_autocreate_serial. Table creation is necessary before
the feature is enabled but is not necessary before deployment of this
commit.
Bug: T300263
Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
Added support for an easy to configure multi-tenant ("wiki farm") mode:
Settings for each site can be placed in a directory specified by
$wgWikiFarmSettingsDirectory. Site detection is controlled by
$wgWikiFarmSiteDetector and defaults to the requested host name.
Instructions for manual testing: https://etherpad.wikimedia.org/p/T221535
Bug: T221535
Change-Id: I7581921b7d99ba1fe7e25523fde691d76b67a99c
