* Use ' instead of ".
* Use === instead of ==.
* Use !== instead of !=.
* Use explicit type cast.
* Combine array assignment.
* Use null coalescing operator.
Change-Id: Ic2fe4f62556df77262915b5bcbe1b11a1d907e6d
This change outputs the not found category as plain text and prevents
parser processing of the category name like '''bold''' or ''italic''.
This affects the root category of the category tree in the sidebar
like on
$wgCategoryTreeSidebarRoot = "Lista d''e Paise d''o munno"
for a situation without parser and
{{#categorytree:Lista d''e Paise d''o munno}}
or
<categorytree>Lista d''e Paise d''o munno</categorytree>
in the content for situations with parser.
A separation for with and without parser is not needed anymore.
Problem described in T18744 which was the reason for change r49471
(9700e2d5) is not reproducible.
This change also prevents that the value in the parameter `target` on
Special:CategoryTree gets interpreted as wikitext and outputs the value
with an output encoding.
Special:CategoryTree?target=B%27%27%27o%27%27%27ld%20un%3Cu%20onclick%3d%22alert(%27XSS%27)%22%3Eder%3C/u%3Eline
was rendered as
B<b>o</b>ld un<u>der</u>line
and is now rendered as
B'''o'''ld un<u onclick="alert('XSS')">der</u>line
The parser prevented already JavaScript injection, so there was no
security issue.
Change-Id: I592b23ba965c15b81a2f97686161a4d590331c87
This feature was lost in c839756b.
Before c839756b on Special:CategoryTree the mode was transfered via the
individual global JavaScript variable wgCategoryTreePageCategoryOptions.
c839756b removed the possibility to set the global JavaScript variable
to a page individual value.
Now Special:CategoryTree uses the HTML attribute to transfer the
individual options to JavaScript like at a <categorytree> tag.
Bug: T289997
Change-Id: I706c0ca89d84e3583eeee27a411f734c6969a8b7
This change is a follow-up to Ibfb0cb28f0086fb1b7d0997be2246bc120eea85e.
Do not deploy this change before the HTML caches have expired or purged.
Bug: T288910
Change-Id: Ia9b7b1a6d46029acfeb407a0933ffeec203d12b2
trim() would always return a string, even with null as input
Keep the strval to make visible that this gets unsafe input
Change-Id: I6ff0ce307f6a8ac21669d6db693e5ff27767a55d
The configuration variable "CategoryTreeForceHeaders" allowed to force
the loading of the modules on every page by the hooks
"BeforePageDisplay" and "BeforePageDisplayMobile".
This is not needed anymore because the modules are now already loaded
if the category tree is used some on the other hooks.
Change-Id: I9fde894977463ecd1c4b07da449d98c39b3665ea
The CategoryTree::setHeaders() method adds modules to OutputPage.
It does not matter if setHeaders() gets called several times.
The previous code tried to avoid to call setHeaders() several times.
If wgCategoryTreeForceHeaders is set then the modules get loaded by the
hooks "BeforePageDisplay" or "BeforePageDisplayMobile" on every page.
In this case duplicate calls of setHeaders() are (partly) avoided by
not calling setHeaders() on other hooks.
This change removes this micro optimization and loads the modules
unconditionally if a category tree is added on a hook.
shouldForceHeaders() is now inlined.
Change-Id: Ic9219575a714886b4edd446efde2a330dff4dee6
This change requires CSSJanus version 2.0.0 included in core by
I0528443e4eae0338f5a37491352db03944c6bd4c since MediaWiki 1.37.
Bug: T288943
Depends-On: I0528443e4eae0338f5a37491352db03944c6bd4c
Change-Id: I38c08b2073e10e7d56b286b1ae75b400578ce2dd
This allows better to style the buttons.
The complicated CSS selector for the direction supports a categorytree
in the user interface language like in the sidebar or on
Special:CategoryTree and in the content language like on category pages
and with <categorytree> in the content.
The CSS selector :dir( rtl ) would be a short version for this but it is
currently only supported by Firefox:
https://developer.mozilla.org/en-US/docs/Web/CSS/:dir
Bug: T288910
Change-Id: Ibfb0cb28f0086fb1b7d0997be2246bc120eea85e