mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/Cite
synced 2024-11-11 16:49:26 +00:00
Use HTML5 id attributes; remove use of deprecated Sanitizer::escapeId()
When using HTML5 ids, we need to take greater care to properly escape the id (or derived strings) before passing them back through Parser::recursiveTagParse(). Bug: T176170 Change-Id: I89a4f8ba24b867f2d5ccdc2bf9a4312ab9b385a9
This commit is contained in:
C. Scott Ananian
parent
a024a7d2c6
commit
14459c226b
|
|
@ -14,6 +14,9 @@
|
|||
"descriptionmsg": "cite-desc",
|
||||
"license-name": "GPL-2.0+",
|
||||
"type": "parserhook",
|
||||
"requires": {
|
||||
"MediaWiki": ">= 1.30.0"
|
||||
},
|
||||
"MessagesDirs": {
|
||||
"cite": "i18n",
|
||||
"ve-cite": "modules/ve-cite/i18n"
|
||||
|
|
|
|||
|
|
@ -269,12 +269,18 @@ class Cite {
|
|||
if ( $group != $this->mReferencesGroup ) {
|
||||
# <ref> and <references> have conflicting group attributes.
|
||||
$this->mReferencesErrors[] =
|
||||
$this->error( 'cite_error_references_group_mismatch', htmlspecialchars( $group ) );
|
||||
$this->error(
|
||||
'cite_error_references_group_mismatch',
|
||||
Sanitizer::safeEncodeAttribute( $group )
|
||||
);
|
||||
} elseif ( $str !== '' ) {
|
||||
if ( !$isSectionPreview && !isset( $this->mRefs[$group] ) ) {
|
||||
# Called with group attribute not defined in text.
|
||||
$this->mReferencesErrors[] =
|
||||
$this->error( 'cite_error_references_missing_group', htmlspecialchars( $group ) );
|
||||
$this->error(
|
||||
'cite_error_references_missing_group',
|
||||
Sanitizer::safeEncodeAttribute( $group )
|
||||
);
|
||||
} elseif ( $key === null || $key === '' ) {
|
||||
# <ref> calls inside <references> must be named
|
||||
$this->mReferencesErrors[] =
|
||||
|
|
@ -282,7 +288,7 @@ class Cite {
|
|||
} elseif ( !$isSectionPreview && !isset( $this->mRefs[$group][$key] ) ) {
|
||||
# Called with name attribute not defined in text.
|
||||
$this->mReferencesErrors[] =
|
||||
$this->error( 'cite_error_references_missing_key', $key );
|
||||
$this->error( 'cite_error_references_missing_key', Sanitizer::safeEncodeAttribute( $key ) );
|
||||
} else {
|
||||
if (
|
||||
isset( $this->mRefs[$group][$key]['text'] ) &&
|
||||
|
|
@ -301,7 +307,7 @@ class Cite {
|
|||
} else {
|
||||
# <ref> called in <references> has no content.
|
||||
$this->mReferencesErrors[] =
|
||||
$this->error( 'cite_error_empty_references_define', $key );
|
||||
$this->error( 'cite_error_empty_references_define', Sanitizer::safeEncodeAttribute( $key ) );
|
||||
}
|
||||
return '';
|
||||
}
|
||||
|
|
@ -403,13 +409,13 @@ class Cite {
|
|||
}
|
||||
if ( isset( $argv['name'] ) ) {
|
||||
// Key given.
|
||||
$key = Sanitizer::escapeId( $argv['name'], 'noninitial' );
|
||||
$key = Sanitizer::escapeIdForAttribute( $argv['name'] );
|
||||
unset( $argv['name'] );
|
||||
--$cnt;
|
||||
}
|
||||
if ( isset( $argv['follow'] ) ) {
|
||||
// Follow given.
|
||||
$follow = Sanitizer::escapeId( $argv['follow'], 'noninitial' );
|
||||
$follow = Sanitizer::escapeIdForAttribute( $argv['follow'] );
|
||||
unset( $argv['follow'] );
|
||||
--$cnt;
|
||||
}
|
||||
|
|
@ -806,8 +812,12 @@ class Cite {
|
|||
if ( !is_array( $val ) ) {
|
||||
return wfMessage(
|
||||
'cite_references_link_one',
|
||||
self::getReferencesKey( $key ),
|
||||
$this->refKey( $key ),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
self::getReferencesKey( $key )
|
||||
),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
$this->refKey( $key )
|
||||
),
|
||||
$this->referenceText( $key, $val )
|
||||
)->inContentLanguage()->plain();
|
||||
}
|
||||
|
|
@ -815,14 +825,18 @@ class Cite {
|
|||
if ( isset( $val['follow'] ) ) {
|
||||
return wfMessage(
|
||||
'cite_references_no_link',
|
||||
self::getReferencesKey( $val['follow'] ),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
self::getReferencesKey( $val['follow'] )
|
||||
),
|
||||
$text
|
||||
)->inContentLanguage()->plain();
|
||||
}
|
||||
if ( !isset( $val['count'] ) ) {
|
||||
// this handles the case of section preview for list-defined references
|
||||
return wfMessage( 'cite_references_link_many',
|
||||
self::getReferencesKey( $key . "-" . ( isset( $val['key'] ) ? $val['key'] : '' ) ),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
self::getReferencesKey( $key . "-" . ( isset( $val['key'] ) ? $val['key'] : '' ) )
|
||||
),
|
||||
'',
|
||||
$text
|
||||
)->inContentLanguage()->plain();
|
||||
|
|
@ -830,9 +844,13 @@ class Cite {
|
|||
if ( $val['count'] < 0 ) {
|
||||
return wfMessage(
|
||||
'cite_references_link_one',
|
||||
self::getReferencesKey( $val['key'] ),
|
||||
# $this->refKey( $val['key'], $val['count'] ),
|
||||
$this->refKey( $val['key'] ),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
self::getReferencesKey( $val['key'] )
|
||||
),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
# $this->refKey( $val['key'], $val['count'] )
|
||||
$this->refKey( $val['key'] )
|
||||
),
|
||||
$text
|
||||
)->inContentLanguage()->plain();
|
||||
// Standalone named reference, I want to format this like an
|
||||
|
|
@ -843,9 +861,13 @@ class Cite {
|
|||
if ( $val['count'] === 0 ) {
|
||||
return wfMessage(
|
||||
'cite_references_link_one',
|
||||
self::getReferencesKey( $key . "-" . $val['key'] ),
|
||||
# $this->refKey( $key, $val['count'] ),
|
||||
$this->refKey( $key, $val['key'] . "-" . $val['count'] ),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
self::getReferencesKey( $key . "-" . $val['key'] )
|
||||
),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
# $this->refKey( $key, $val['count'] ),
|
||||
$this->refKey( $key, $val['key'] . "-" . $val['count'] )
|
||||
),
|
||||
$text
|
||||
)->inContentLanguage()->plain();
|
||||
// Named references with >1 occurrences
|
||||
|
|
@ -855,7 +877,9 @@ class Cite {
|
|||
for ( $i = 0; $i <= $val['count']; ++$i ) {
|
||||
$links[] = wfMessage(
|
||||
'cite_references_link_many_format',
|
||||
$this->refKey( $key, $val['key'] . "-$i" ),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
$this->refKey( $key, $val['key'] . "-$i" )
|
||||
),
|
||||
$this->referencesFormatEntryNumericBacklinkLabel( $val['number'], $i, $val['count'] ),
|
||||
$this->referencesFormatEntryAlternateBacklinkLabel( $i )
|
||||
)->inContentLanguage()->plain();
|
||||
|
|
@ -864,7 +888,9 @@ class Cite {
|
|||
$list = $this->listToText( $links );
|
||||
|
||||
return wfMessage( 'cite_references_link_many',
|
||||
self::getReferencesKey( $key . "-" . $val['key'] ),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
self::getReferencesKey( $key . "-" . $val['key'] )
|
||||
),
|
||||
$list,
|
||||
$text
|
||||
)->inContentLanguage()->plain();
|
||||
|
|
@ -1021,10 +1047,16 @@ class Cite {
|
|||
$this->mParser->recursiveTagParse(
|
||||
wfMessage(
|
||||
'cite_reference_link',
|
||||
$this->refKey( $key, $count ),
|
||||
self::getReferencesKey( $key . $subkey ),
|
||||
$this->getLinkLabel( $label, $group,
|
||||
( ( $group === self::DEFAULT_GROUP ) ? '' : "$group " ) . $wgContLang->formatNum( $label ) )
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
$this->refKey( $key, $count )
|
||||
),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
self::getReferencesKey( $key . $subkey )
|
||||
),
|
||||
Sanitizer::safeEncodeAttribute(
|
||||
$this->getLinkLabel( $label, $group,
|
||||
( ( $group === self::DEFAULT_GROUP ) ? '' : "$group " ) . $wgContLang->formatNum( $label ) )
|
||||
)
|
||||
)->inContentLanguage()->plain()
|
||||
);
|
||||
}
|
||||
|
|
@ -1185,7 +1217,10 @@ class Cite {
|
|||
$s .= $this->referencesFormat( $group, $wgCiteResponsiveReferences );
|
||||
} else {
|
||||
$s .= "\n<br />" .
|
||||
$this->error( 'cite_error_group_refs_without_references', htmlspecialchars( $group ) );
|
||||
$this->error(
|
||||
'cite_error_group_refs_without_references',
|
||||
Sanitizer::safeEncodeAttribute( $group )
|
||||
);
|
||||
}
|
||||
}
|
||||
if ( $isSectionPreview && $s !== '' ) {
|
||||
|
|
|
|||
|
|
@ -425,7 +425,7 @@ Wikipedia rocks!<ref group="klingon">Proceeds of Rockology, vol. XXI</ref>
|
|||
|
||||
<references group="klingon"/>
|
||||
!! html
|
||||
<p>Wikipedia rocks!<sup id="cite_ref-1" class="reference"><a href="#cite_note-1">[wa']</a></sup>
|
||||
<p>Wikipedia rocks!<sup id="cite_ref-1" class="reference"><a href="#cite_note-1">[wa']</a></sup>
|
||||
</p>
|
||||
<div class="mw-references-wrap"><ol class="references">
|
||||
<li id="cite_note-1"><span class="mw-cite-backlink"><a href="#cite_ref-1">↑</a></span> <span class="reference-text">Proceeds of Rockology, vol. XXI</span>
|
||||
|
|
@ -905,10 +905,20 @@ Ref: 17. Generate valid HTML5 id/about attributes
|
|||
|
||||
!! test
|
||||
Ref: 18. T58916: Extension attributes should be parsed as plain text
|
||||
!! config
|
||||
wgFragmentMode=[ 'html5', 'legacy' ]
|
||||
!! wikitext
|
||||
<ref name="{{echo|a}}">foo</ref>
|
||||
|
||||
<references />
|
||||
!! html/php
|
||||
<p><sup id="cite_ref-{{echo|a}}_1-0" class="reference"><a href="#cite_note-{{echo|a}}-1">[1]</a></sup>
|
||||
</p>
|
||||
<div class="mw-references-wrap"><ol class="references">
|
||||
<li id="cite_note-{{echo|a}}-1"><span class="mw-cite-backlink"><a href="#cite_ref-{{echo|a}}_1-0">↑</a></span> <span class="reference-text">foo</span>
|
||||
</li>
|
||||
</ol></div>
|
||||
|
||||
!! html/parsoid
|
||||
<p><span class="mw-ref" id="cite_ref-.7B.7Becho.7Ca.7D.7D_1-0" rel="dc:references" typeof="mw:Extension/ref" data-mw='{"name":"ref","body":{"id":"mw-reference-text-cite_note-.7B.7Becho.7Ca.7D.7D-1"},"attrs":{"name":"{{echo|a}}"}}'><a href="./Main_Page#cite_note-.7B.7Becho.7Ca.7D.7D-1"><span class="mw-reflink-text">[1]</span></a></span>
|
||||
</p>
|
||||
|
|
|
|||
Loading…
Reference in a new issue