diff options
Diffstat (limited to 'includes/actions/RawAction.php')
-rw-r--r-- | includes/actions/RawAction.php | 60 |
1 files changed, 43 insertions, 17 deletions
diff --git a/includes/actions/RawAction.php b/includes/actions/RawAction.php index 174ca3f8..1a2b3cb1 100644 --- a/includes/actions/RawAction.php +++ b/includes/actions/RawAction.php @@ -29,6 +29,8 @@ /** * A simple method to retrieve the plain source of an article, * using "action=raw" in the GET request string. + * + * @ingroup Actions */ class RawAction extends FormlessAction { private $mGen; @@ -46,7 +48,7 @@ class RawAction extends FormlessAction { } function onView() { - global $wgGroupPermissions, $wgSquidMaxage, $wgForcedRawSMaxage, $wgJsMimeType; + global $wgSquidMaxage, $wgForcedRawSMaxage; $this->getOutput()->disable(); $request = $this->getRequest(); @@ -77,7 +79,7 @@ class RawAction extends FormlessAction { # Force caching for CSS and JS raw content, default: 5 minutes if ( $smaxage === null ) { - if ( $contentType == 'text/css' || $contentType == $wgJsMimeType ) { + if ( $contentType == 'text/css' || $contentType == 'text/javascript' ) { $smaxage = intval( $wgForcedRawSMaxage ); } else { $smaxage = 0; @@ -91,7 +93,10 @@ class RawAction extends FormlessAction { $response->header( 'Content-type: ' . $contentType . '; charset=UTF-8' ); # Output may contain user-specific data; # vary generated content for open sessions on private wikis - $privateCache = !$wgGroupPermissions['*']['read'] && ( $smaxage == 0 || session_id() != '' ); + $privateCache = !User::isEveryoneAllowed( 'read' ) && ( $smaxage == 0 || session_id() != '' ); + // Bug 53032 - make this private if user is logged in, + // so we don't accidentally cache cookies + $privateCache = $privateCache ?: $this->getUser()->isLoggedIn(); # allow the client to cache this for 24 hours $mode = $privateCache ? 'private' : 'public'; $response->header( 'Cache-Control: ' . $mode . ', s-maxage=' . $smaxage . ', max-age=' . $maxage ); @@ -123,7 +128,7 @@ class RawAction extends FormlessAction { global $wgParser; # No longer used - if( $this->mGen ) { + if ( $this->mGen ) { return ''; } @@ -148,10 +153,29 @@ class RawAction extends FormlessAction { $request->response()->header( "Last-modified: $lastmod" ); // Public-only due to cache headers - $text = $rev->getText(); - $section = $request->getIntOrNull( 'section' ); - if ( $section !== null ) { - $text = $wgParser->getSection( $text, $section ); + $content = $rev->getContent(); + + if ( $content === null ) { + // revision not found (or suppressed) + $text = false; + } elseif ( !$content instanceof TextContent ) { + // non-text content + wfHttpError( 415, "Unsupported Media Type", "The requested page uses the content model `" + . $content->getModel() . "` which is not supported via this interface." ); + die(); + } else { + // want a section? + $section = $request->getIntOrNull( 'section' ); + if ( $section !== null ) { + $content = $content->getSection( $section ); + } + + if ( $content === null || $content === false ) { + // section not found (or section not supported, e.g. for JS and CSS) + $text = false; + } else { + $text = $content->getNativeData(); + } } } } @@ -173,19 +197,19 @@ class RawAction extends FormlessAction { switch ( $this->getRequest()->getText( 'direction' ) ) { case 'next': # output next revision, or nothing if there isn't one - if( $oldid ) { - $oldid = $this->getTitle()->getNextRevisionId( $oldid ); + if ( $oldid ) { + $oldid = $this->getTitle()->getNextRevisionID( $oldid ); } $oldid = $oldid ? $oldid : -1; break; case 'prev': # output previous revision, or nothing if there isn't one - if( !$oldid ) { + if ( !$oldid ) { # get the current revision so we can get the penultimate one $oldid = $this->page->getLatest(); } - $prev = $this->getTitle()->getPreviousRevisionId( $oldid ); - $oldid = $prev ? $prev : -1 ; + $prev = $this->getTitle()->getPreviousRevisionID( $oldid ); + $oldid = $prev ? $prev : -1; break; case 'cur': $oldid = 0; @@ -200,20 +224,18 @@ class RawAction extends FormlessAction { * @return String */ public function getContentType() { - global $wgJsMimeType; - $ctype = $this->getRequest()->getVal( 'ctype' ); if ( $ctype == '' ) { $gen = $this->getRequest()->getVal( 'gen' ); if ( $gen == 'js' ) { - $ctype = $wgJsMimeType; + $ctype = 'text/javascript'; } elseif ( $gen == 'css' ) { $ctype = 'text/css'; } } - $allowedCTypes = array( 'text/x-wiki', $wgJsMimeType, 'text/css', 'application/x-zope-edit' ); + $allowedCTypes = array( 'text/x-wiki', 'text/javascript', 'text/css', 'application/x-zope-edit' ); if ( $ctype == '' || !in_array( $ctype, $allowedCTypes ) ) { $ctype = 'text/x-wiki'; } @@ -230,6 +252,10 @@ class RawAction extends FormlessAction { class RawPage extends RawAction { public $mOldId; + /** + * @param Page $page + * @param WebRequest|bool $request The WebRequest (default: false). + */ function __construct( Page $page, $request = false ) { wfDeprecated( __CLASS__, '1.19' ); parent::__construct( $page ); |