mediawiki-skins-Citizen/includes/SkinCitizen.php

321 lines
8.6 KiB
PHP
Raw Normal View History

<?php
/**
* Citizen - A responsive skin developed for the Star Citizen Wiki
*
* This file is part of Citizen.
*
* Citizen is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Citizen is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Citizen. If not, see <https://www.gnu.org/licenses/>.
*
* @file
* @ingroup Skins
*/
use Wikimedia\WrappedString;
/**
* SkinTemplate class for the Citizen skin
* @ingroup Skins
*/
class SkinCitizen extends SkinTemplate {
public $skinname = 'citizen';
public $stylename = 'Citizen';
public $template = 'CitizenTemplate';
/**
* @inheritDoc
* @return array
*/
public function getDefaultModules() {
$modules = parent::getDefaultModules();
$out = $this->getOutput();
$modules['styles'] = [
'mediawiki.skinning.content.externallinks',
'skins.citizen.styles',
'skins.citizen.styles.fonts',
'skins.citizen.styles.toc',
'skins.citizen.icons',
'skins.citizen.icons.ca',
'skins.citizen.icons.es',
'skins.citizen.icons.n',
'skins.citizen.icons.t',
'skins.citizen.icons.pt',
'skins.citizen.icons.footer',
'skins.citizen.icons.badges',
];
$modules['citizen'][] = 'skins.citizen.scripts';
// Add lazyload-related modules
if ( $this->getConfigValue( 'CitizenEnableLazyload' ) === true ) {
$modules['styles'] = array_merge(
$modules['styles'],
[ 'skins.citizen.styles.lazyload' ]
);
$modules['citizen'] = array_merge(
$modules['citizen'],
[ 'skins.citizen.scripts.lazyload' ]
);
}
// Replace the search module
if ( $this->getConfigValue( 'CitizenEnableSearch' ) === true ) {
$modules['search'] = [
'skins.citizen.scripts.search',
'skins.citizen.styles.search',
'skins.citizen.icons.search',
];
}
if ( $out->isTOCEnabled() ) {
// Disable style condition loading due to pop in
// $modules['content'][] = 'skins.citizen.styles.toc';
$modules['content'][] = 'skins.citizen.scripts.toc';
}
return $modules;
}
/**
* @internal only for use inside CitizenTemplate
* @return array of data for a Mustache template
*/
public function getTemplateData() {
$out = $this->getOutput();
$title = $out->getTitle();
$indicators = [];
foreach ( $out->getIndicators() as $id => $content ) {
$indicators[] = [
'id' => Sanitizer::escapeIdForAttribute( "mw-indicator-$id" ),
'class' => 'mw-indicator',
'html' => $content,
];
}
$printFooter = Html::rawElement(
'div',
[ 'class' => 'printfooter' ],
$this->printSource()
);
return [
// Data objects:
'array-indicators' => $indicators,
// HTML strings:
'html-printtail' => WrappedString::join( "\n", [
MWDebug::getHTMLDebugLog(),
MWDebug::getDebugHTML( $this->getContext() ),
$this->bottomScripts(),
wfReportTime( $out->getCSP()->getNonce() )
] ) . '</body></html>',
'html-site-notice' => $this->getSiteNotice(),
'html-user-language-attributes' => $this->prepareUserLanguageAttributes(),
'html-subtitle' => $this->prepareSubtitle(),
// Always returns string, cast to null if empty.
'html-undelete-link' => $this->prepareUndeleteLink() ?: null,
// Result of OutputPage::addHTML calls
'html-body-content' => $this->wrapHTML( $title, $out->mBodytext )
. $printFooter,
'html-after-content' => $this->afterContentHook(),
];
}
/**
* ResourceLoader
*
* @param OutputPage $out
*/
public function initPage( OutputPage $out ) {
$this->out = $out;
// Responsive layout
$out->addMeta( 'viewport', 'width=device-width, initial-scale=1.0' );
// Theme color
$out->addMeta( 'theme-color', $this->getConfigValue( 'CitizenThemeColor' ) ?? '' );
// Preconnect origin
$this->addPreConnect();
// Generate manifest
$this->addManifest();
// HTTP headers
// CSP
$this->addCSP();
// HSTS
$this->addHSTS();
// Deny X-Frame-Options
$this->addXFrameOptions();
// X-XSS-Protection
$this->addXXSSProtection();
// Referrer policy
$this->addStrictReferrerPolicy();
// Feature policy
$this->addFeaturePolicy();
}
/**
* getConfig() wrapper to catch exceptions.
* Returns null on exception
*
* @param string $key
* @return mixed|null
* @see SkinTemplate::getConfig()
*/
private function getConfigValue( $key ) {
try {
$value = $this->getConfig()->get( $key );
} catch ( ConfigException $e ) {
$value = null;
}
return $value;
}
/**
* Adds a preconnect header if enabled in 'CitizenEnablePreconnect'
*/
private function addPreConnect() {
if ( $this->getConfigValue( 'CitizenEnablePreconnect' ) === true ) {
$this->out->addLink( [
'rel' => 'preconnect',
'href' => $this->getConfigValue( 'CitizenPreconnectURL' ),
] );
}
}
/**
* Adds the manifest if enabled in 'CitizenEnableManifest'.
* Manifest link will be empty if wfExpandUrl throws an exception.
*/
private function addManifest() {
if ( $this->getConfigValue( 'CitizenEnableManifest' ) === true ) {
try {
$href =
wfExpandUrl( wfAppendQuery( wfScript( 'api' ),
[ 'action' => 'webapp-manifest' ] ), PROTO_RELATIVE );
} catch ( Exception $e ) {
$href = '';
}
$this->out->addLink( [
'rel' => 'manifest',
'href' => $href,
] );
}
}
/**
* Adds the csp directive if enabled in 'CitizenEnableCSP'.
* Directive holds the content of 'CitizenCSPDirective'.
*/
private function addCSP() {
if ( $this->getConfigValue( 'CitizenEnableCSP' ) === true ) {
$cspDirective = $this->getConfigValue( 'CitizenCSPDirective' ) ?? '';
$cspMode = 'Content-Security-Policy';
// Check if report mode is enabled
if ( $this->getConfigValue( 'CitizenEnableCSPReportMode' ) === true ) {
$cspMode = 'Content-Security-Policy-Report-Only';
}
$this->out->getRequest()->response()->header( sprintf( '%s: %s', $cspMode,
$cspDirective ) );
}
}
/**
* Adds the HSTS Header. If no max age or an invalid max age is set a default of 300 will be
* applied.
* Preload and Include Subdomains can be enabled by setting 'CitizenHSTSIncludeSubdomains'
* and/or 'CitizenHSTSPreload' to true.
*/
private function addHSTS() {
if ( $this->getConfigValue( 'CitizenEnableHSTS' ) === true ) {
$maxAge = $this->getConfigValue( 'CitizenHSTSMaxAge' );
$includeSubdomains = $this->getConfigValue( 'CitizenHSTSIncludeSubdomains' ) ?? false;
$preload = $this->getConfigValue( 'CitizenHSTSPreload' ) ?? false;
// HSTS max age
if ( is_int( $maxAge ) ) {
$maxAge = max( $maxAge, 0 );
} else {
// Default to 5 mins if input is invalid
$maxAge = 300;
}
$hstsHeader = 'Strict-Transport-Security: max-age=' . $maxAge;
if ( $includeSubdomains ) {
$hstsHeader .= '; includeSubDomains';
}
if ( $preload ) {
$hstsHeader .= '; preload';
}
$this->out->getRequest()->response()->header( $hstsHeader );
}
}
/**
* Adds the X-Frame-Options header if set in 'CitizenEnableDenyXFrameOptions'
*/
private function addXFrameOptions() {
if ( $this->getConfigValue( 'CitizenEnableDenyXFrameOptions' ) === true ) {
$this->out->getRequest()->response()->header( 'X-Frame-Options: deny' );
}
}
/**
* Adds the X-XSS-Protection header if set in 'CitizenEnableXXSSProtection'
*/
private function addXXSSProtection() {
if ( $this->getConfigValue( 'CitizenEnableXXSSProtection' ) === true ) {
$this->out->getRequest()->response()->header( 'X-XSS-Protection: 1; mode=block' );
}
}
/**
* Adds the referrer header if enabled in 'CitizenEnableStrictReferrerPolicy'
*/
private function addStrictReferrerPolicy() {
if ( $this->getConfigValue( 'CitizenEnableStrictReferrerPolicy' ) === true ) {
// iOS Safari, IE, Edge compatiblity
$this->out->getRequest()->response()->header( 'Referrer-Policy: strict-origin' );
$this->out->getRequest()->response()->header( 'Referrer-Policy: strict-origin-when-cross-origin' );
}
}
/**
* Adds the Feature policy header to the response if enabled in 'CitizenFeaturePolicyDirective'
*/
private function addFeaturePolicy() {
if ( $this->getConfigValue( 'CitizenEnableFeaturePolicy' ) === true ) {
$featurePolicy = $this->getConfigValue( 'CitizenFeaturePolicyDirective' ) ?? '';
$this->out->getRequest()->response()->header( sprintf( 'Feature-Policy: %s',
$featurePolicy ) );
}
}
}