blob: 8fd3cafa1267a2900c26d26ee2d99d33b41623ed (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
<?php
/**
* CSS extension - A parser-function for adding CSS to articles via file,
* article or inline rules.
*
* See https://www.mediawiki.org/wiki/Extension:CSS for installation and usage
* details.
*
* @file
* @ingroup Extensions
* @author Aran Dunkley [http://www.organicdesign.co.nz/nad User:Nad]
* @author Rusty Burchfield
* @copyright © 2007-2010 Aran Dunkley
* @copyright © 2011 Rusty Burchfield
* @license GPL-2.0-or-later
*/
class CSS {
/**
* @param Parser $parser
* @param string $css
* @return string
*/
public static function CSSRender( &$parser, $css ) {
global $wgCSSPath, $wgStylePath, $wgCSSIdentifier;
$css = trim( $css );
$title = Title::newFromText( $css );
$rawProtection = "$wgCSSIdentifier=1";
$headItem = '<!-- Begin Extension:CSS -->';
if ( is_object( $title ) && $title->exists() ) {
# Article actually in the db
$params = "action=raw&ctype=text/css&$rawProtection";
$url = $title->getLocalURL( $params );
$headItem .= Html::linkedStyle( $url );
} elseif ( $css[0] == '/' ) {
# Regular file
$base = $wgCSSPath === false ? $wgStylePath : $wgCSSPath;
$url = wfAppendQuery( $base . $css, $rawProtection );
# Verify the expanded URL is still using the base URL
if ( strpos( wfExpandUrl( $url ), wfExpandUrl( $base ) ) === 0 ) {
$headItem .= Html::linkedStyle( $url );
} else {
$headItem .= '<!-- Invalid/malicious path -->';
}
} else {
# sanitized user CSS
$css = Sanitizer::checkCss( $css );
# Encode data URI and append link tag
$dataPrefix = 'data:text/css;charset=UTF-8;base64,';
$url = $dataPrefix . base64_encode( $css );
$headItem .= Html::linkedStyle( $url );
}
$headItem .= '<!-- End Extension:CSS -->';
$parser->getOutput()->addHeadItem( $headItem );
return '';
}
/**
* @param Parser $parser
* @return bool true
*/
public static function onParserFirstCallInit( $parser ) {
$parser->setFunctionHook( 'css', 'CSS::CSSRender' );
return true;
}
/**
* @param RawPage $rawPage
* @param string $text
* @return bool true
*/
public static function onRawPageViewBeforeOutput( &$rawPage, &$text ) {
global $wgCSSIdentifier;
if ( $rawPage->getRequest()->getBool( $wgCSSIdentifier ) ) {
$text = Sanitizer::checkCss( $text );
}
return true;
}
}
|