Commit graph

2592 commits

Author SHA1 Message Date
Fomafix 480ff35722 Add output encoding to $category in not found message
This change outputs the not found category as plain text and prevents
parser processing of the category name like '''bold''' or ''italic''.

This affects the root category of the category tree in the sidebar
like on
$wgCategoryTreeSidebarRoot = "Lista d''e Paise d''o munno"
for a situation without parser and
{{#categorytree:Lista d''e Paise d''o munno}}
or
<categorytree>Lista d''e Paise d''o munno</categorytree>
in the content for situations with parser.

A separation for with and without parser is not needed anymore.
Problem described in T18744 which was the reason for change r49471
(9700e2d5) is not reproducible.

This change also prevents that the value in the parameter `target` on
Special:CategoryTree gets interpreted as wikitext and outputs the value
with an output encoding.

  Special:CategoryTree?target=B%27%27%27o%27%27%27ld%20un%3Cu%20onclick%3d%22alert(%27XSS%27)%22%3Eder%3C/u%3Eline

was rendered as

  B<b>o</b>ld un<u>der</u>line

and is now rendered as

  B'''o'''ld un&lt;u onclick="alert('XSS')"&gt;der&lt;/u&gt;line

The parser prevented already JavaScript injection, so there was no
security issue.

Change-Id: I592b23ba965c15b81a2f97686161a4d590331c87
2021-09-11 20:54:11 +00:00
Translation updater bot 0667bd8087 Localisation updates from https://translatewiki.net.
Change-Id: If79b087842c3cbf7772111834430bae795b7b143
2021-09-10 08:15:16 +02:00
Fomafix 5e61b40ee0 Restore support for modes for subcategories in Special:CategoryTree
This feature was lost in c839756b.

Before c839756b on Special:CategoryTree the mode was transfered via the
individual global JavaScript variable wgCategoryTreePageCategoryOptions.
c839756b removed the possibility to set the global JavaScript variable
to a page individual value.

Now Special:CategoryTree uses the HTML attribute to transfer the
individual options to JavaScript like at a <categorytree> tag.

Bug: T289997
Change-Id: I706c0ca89d84e3583eeee27a411f734c6969a8b7
2021-09-09 17:20:02 +00:00
jenkins-bot 76f386c901 Merge "Step 2 of move bullets from HTML to CSS" 2021-09-09 16:04:46 +00:00
Translation updater bot 15f840c3ae Localisation updates from https://translatewiki.net.
Change-Id: I57de6ccc200e33dd7b1a87561697de4629d65d3c
2021-09-09 08:17:13 +02:00
Fomafix f37cd36f13 Step 2 of move bullets from HTML to CSS
This change is a follow-up to Ibfb0cb28f0086fb1b7d0997be2246bc120eea85e.

Do not deploy this change before the HTML caches have expired or purged.

Bug: T288910
Change-Id: Ia9b7b1a6d46029acfeb407a0933ffeec203d12b2
2021-09-08 18:49:23 +00:00
libraryupgrader 0c23e8e620
build: Updating composer dependencies
* mediawiki/mediawiki-phan-config: 0.10.6 → 0.11.0
* php-parallel-lint/php-parallel-lint: 1.3.0 → 1.3.1

Change-Id: I9d26e128cc02d1057b639547e396235e4c3a5a3a
2021-09-08 21:18:55 +03:00
Translation updater bot a1e1c983e5 Localisation updates from https://translatewiki.net.
Change-Id: I049f8e2c3cfbbb9882dc703efc5a23d344130ab6
2021-09-08 08:10:05 +02:00
libraryupgrader e29dc146a8 build: Updating stylelint-config-wikimedia to 0.11.1
Change-Id: I289a6b699e00ab26f74b8cb12d6bd51bb1ef5645
2021-09-04 18:31:57 +00:00
Fomafix 379e090bbc Fix comparison operator in CategoryTreePage#execute
This change is a follow up to a892ae21f7.

Change-Id: Ic71c6f0e57fb2680f5653aac1744132c1f8e64fa
2021-09-03 10:45:31 +00:00
Umherirrender a892ae21f7 Improve string handling around trim()
trim() would always return a string, even with null as input
Keep the strval to make visible that this gets unsafe input

Change-Id: I6ff0ce307f6a8ac21669d6db693e5ff27767a55d
2021-09-02 21:29:25 +02:00
Translation updater bot dfee99db2e Localisation updates from https://translatewiki.net.
Change-Id: I3fbe72fc68463bd3cf7a4a41bfb1d49d0cfeca00
2021-09-02 08:25:58 +02:00
jenkins-bot ca4e7bd6fb Merge "Remove configuation variable "CategoryTreeForceHeaders"" 2021-08-31 22:26:14 +00:00
Translation updater bot 3972c1a9aa Localisation updates from https://translatewiki.net.
Change-Id: I8c7c0581ec427fcb8ef63cb7c56d8675ae1f98bb
2021-08-31 08:15:27 +02:00
Fomafix 57e7cd356b Remove configuation variable "CategoryTreeForceHeaders"
The configuration variable "CategoryTreeForceHeaders" allowed to force
the loading of the modules on every page by the hooks
"BeforePageDisplay" and "BeforePageDisplayMobile".

This is not needed anymore because the modules are now already loaded
if the category tree is used some on the other hooks.

Change-Id: I9fde894977463ecd1c4b07da449d98c39b3665ea
2021-08-30 07:05:05 +00:00
Translation updater bot defad5d779 Localisation updates from https://translatewiki.net.
Change-Id: Idcaeb7038cf428c3ca7e63c2de2f98159e9f4801
2021-08-30 08:19:50 +02:00
jenkins-bot 0c5aca0b3c Merge "Remove check for shouldForceHeaders()" 2021-08-30 02:00:23 +00:00
Fomafix 4bc230093f Remove check for shouldForceHeaders()
The CategoryTree::setHeaders() method adds modules to OutputPage.
It does not matter if setHeaders() gets called several times.

The previous code tried to avoid to call setHeaders() several times.
If wgCategoryTreeForceHeaders is set then the modules get loaded by the
hooks "BeforePageDisplay" or "BeforePageDisplayMobile" on every page.
In this case duplicate calls of setHeaders() are (partly) avoided by
not calling setHeaders() on other hooks.

This change removes this micro optimization and loads the modules
unconditionally if a category tree is added on a hook.
shouldForceHeaders() is now inlined.

Change-Id: Ic9219575a714886b4edd446efde2a330dff4dee6
2021-08-29 11:14:21 +00:00
jenkins-bot 0d28bbe1b0 Merge "Remove @noflip workaround for T288943" 2021-08-28 19:14:05 +00:00
Fomafix d1af686a0d Remove eslint exception rule 'no-shadow' and rename variable
Also fix JSDoc warnings.

Change-Id: Idb2f15bd9ce134b17381bde1303a2e427c3056fb
2021-08-28 19:05:52 +00:00
jenkins-bot 23d6c8f5bd Merge "Use CSS instead of Unicode to create triangles" 2021-08-26 22:04:45 +00:00
Translation updater bot 3b7101ef0a Localisation updates from https://translatewiki.net.
Change-Id: I672bb8fcf07f9f579734fb783f45edb2f1affd2b
2021-08-26 08:35:35 +02:00
jenkins-bot 6cba244a94 Merge "Simplify CategoryTree::capDepth" 2021-08-24 09:30:11 +00:00
Translation updater bot 20f433c17c Localisation updates from https://translatewiki.net.
Change-Id: I833ca46be4aa2e47eacaedf3f604746b08aca4f7
2021-08-24 10:20:02 +02:00
jenkins-bot 38235338ef Merge "Move bullets from HTML to CSS" 2021-08-23 23:05:58 +00:00
jenkins-bot ce882a0714 Merge "Use text direction based on the context" 2021-08-23 23:00:59 +00:00
Translation updater bot 7d2434a16a Localisation updates from https://translatewiki.net.
Change-Id: I96db5e80d989aeb44e1b5f8a137ba4d426284d1d
2021-08-23 09:03:37 +02:00
jenkins-bot 95ac0ba043 Merge "Remove LEFT-TO-RIGHT MARK (U+200E) from source code" 2021-08-22 01:26:15 +00:00
Fomafix 107d03af53 Remove @noflip workaround for T288943
This change requires CSSJanus version 2.0.0 included in core by
I0528443e4eae0338f5a37491352db03944c6bd4c since MediaWiki 1.37.

Bug: T288943
Depends-On: I0528443e4eae0338f5a37491352db03944c6bd4c
Change-Id: I38c08b2073e10e7d56b286b1ae75b400578ce2dd
2021-08-21 14:53:53 +00:00
Fomafix 629e0509b8 Use CSS instead of Unicode to create triangles
The Unicode characters have a different shape based on the font.

Bug: T184792
Change-Id: Ia5e506f25067558cb9f879c7d1dca707ea795603
2021-08-21 14:53:12 +00:00
Fomafix 0bfff67aac Move bullets from HTML to CSS
This allows better to style the buttons.

The complicated CSS selector for the direction supports a categorytree
in the user interface language like in the sidebar or on
Special:CategoryTree and in the content language like on category pages
and with <categorytree> in the content.

The CSS selector :dir( rtl ) would be a short version for this but it is
currently only supported by Firefox:
https://developer.mozilla.org/en-US/docs/Web/CSS/:dir

Bug: T288910
Change-Id: Ibfb0cb28f0086fb1b7d0997be2246bc120eea85e
2021-08-21 14:50:15 +00:00
Fomafix 00dd5b2bce Use text direction based on the context
A categorytree can be part of the user interface (in the sidebar) or
part of the content. The user interface and the content can have a
different text direction.

This change use the usual way to of bidi flipping based on the user
interface language direction and on the content direction like the class
mw-editsection in core.

The direction of the bullets in mixed directions will be fixed in
Ibfb0cb28f0086fb1b7d0997be2246bc120eea85e.

Bug: T288910
Change-Id: Ia420ef120cf4aa66a1e63c9cf3aa2438cc68da52
2021-08-21 13:06:27 +00:00
Translation updater bot adbc46dd3f Localisation updates from https://translatewiki.net.
Change-Id: Ic4675421ff46289f7ea5c4f6ed39c7d0cfd33890
2021-08-19 08:13:08 +02:00
Translation updater bot 5340565529 Localisation updates from https://translatewiki.net.
Change-Id: I71925c3c65017a9c136ff401bd8534acfc0967e1
2021-08-16 08:15:56 +02:00
libraryupgrader d334b65eed build: Updating path-parse to 1.0.7
* https://npmjs.com/advisories/1773 (CVE-2021-23343)

Change-Id: I5e5aa36c2c534aaee713618e344a5fbc90949cc6
2021-08-11 15:01:18 +00:00
Translation updater bot c8d85702c7 Localisation updates from https://translatewiki.net.
Change-Id: I6bb6e0f6a89e7a5d886cf1d6b2f44b27609601b5
2021-08-09 08:23:31 +02:00
Translation updater bot f4effa1999 Localisation updates from https://translatewiki.net.
Change-Id: I8d84b44bbf341897d7a66834aab1b8ee9d125ed3
2021-08-05 08:21:51 +02:00
Translation updater bot 8418f10e33 Localisation updates from https://translatewiki.net.
Change-Id: I7c5db737453080a444b36644c12f11ddfa139c38
2021-07-29 08:44:41 +02:00
Translation updater bot b19cd7d8db Localisation updates from https://translatewiki.net.
Change-Id: Ia04f20d981b4d40279669415702776bd11d4879c
2021-07-28 08:20:47 +02:00
libraryupgrader 97d57800a8 build: Updating dependencies
composer:
* mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0

npm:
* postcss: 7.0.35 → 7.0.36
  * https://npmjs.com/advisories/1693 (CVE-2021-23368)
* glob-parent: 5.1.0 → 5.1.2
  * https://npmjs.com/advisories/1751 (CVE-2020-28469)
* trim-newlines: 3.0.0 → 3.0.1
  * https://npmjs.com/advisories/1753 (CVE-2021-33623)

Change-Id: I3661ee3bfb047c9f43ef02bb4052196913c5b38d
2021-07-22 11:41:27 +00:00
Translation updater bot 72a62cb10e Localisation updates from https://translatewiki.net.
Change-Id: I51145874f756bc56fed727e91b488c5a43bbd884
2021-07-19 08:15:26 +02:00
Translation updater bot 5301219aa0 Localisation updates from https://translatewiki.net.
Change-Id: Id4c5357147ff71b6ccde8f7c064f3c72606f5798
2021-07-14 08:02:41 +02:00
Translation updater bot 3a4461485b Localisation updates from https://translatewiki.net.
Change-Id: I566adf53c8001324c72bbfcd69262d171179633c
2021-07-13 08:11:30 +02:00
Translation updater bot 0cfdcc6d14 Localisation updates from https://translatewiki.net.
Change-Id: I0df8e4a667571c22c35c2a6cbc34edf4365b5293
2021-07-12 08:06:10 +02:00
Matěj Suchánek c7b79338d5 Simplify CategoryTree::capDepth
Current master of CategoryTree requires MW 1.35, which requires PHP 7.3.

Change-Id: Ibec271bf45465cd61ac383595041e0475304f31c
2021-07-07 12:42:08 +00:00
Fomafix 6e77d4defc Remove LEFT-TO-RIGHT MARK (U+200E) from source code
Change-Id: Ifc545b536bdd951c2829c248d82f81c2e3d3da35
2021-07-01 17:55:53 +00:00
Translation updater bot c504ecdec1 Localisation updates from https://translatewiki.net.
Change-Id: I97cb52f65342755a93ed202dcf36a7d500a18140
2021-06-29 08:13:30 +02:00
daniel 734e2af35c Put onMediaWikiServices into a separate handler class.
The MediaWikiServices hook runs before the service container is fully initialized, so it cannot have services injected. For this reason, it needs to be separate from the handlers for other hooks.

Change-Id: I1519aea8bca2f3977fcf15ee8776a1b3319687b5
2021-06-24 15:17:34 +00:00
Translation updater bot 06dde64f45 Localisation updates from https://translatewiki.net.
Change-Id: Ide7376da37a1ae38af158c3e3967e5f859a4bb2e
2021-06-23 08:11:35 +02:00
jenkins-bot ffe5ad53de Merge "Restore category link to sidebar" 2021-06-23 01:50:29 +00:00