Commit graph

19 commits

Author SHA1 Message Date
Moritz Schubotz ff83048597 fix: texvccheck is not idempotent
The output of texvccheck is not only "checked" but also
rewritten to another form.
(For example $\R$ is transformed to $\mathbb{R}$.)
But the output might not be a valid input for the thexvccheck
part of texvc, like it happened in for the example given in the bug
description.
See also I599c4390da9b8f36d800f379a33ad5ce90f5096c
Bug: 61012
Change-Id: Iae5e350cb78c0e637e574390c586fbdb8dc38496
2014-02-07 10:27:21 +00:00
physikerwelt 6a0af8f3b4 Validate TeX input for all renderers, not just texvc
The user input specified in the math tag a. la
<math>E=m <script>alert('attacked')</script>^2 </math>
is verified in PNG rendering mode, but not in plaintext, MathJax
or LaTeXML rendering mode. This is a potential security issue.

Furthermore, the texvc specific commands such as $\reals$
that is expanded to $\mathbb{R}$ might be rendered differently
depended on the rendering mode.

Therefore, the security checking and rewriting portion of texvc
have been extracted from the texvc source
(see I1650e6ec2ccefff6335fbc36bbe8ca8f59db0faa) and are
now available as a separate executable (texvccheck).

This commit will now enable this enhancement in security and
provide even more compatibility among the different rendering
modes.

Bug: 49169
Change-Id: Ida24b6bf339508753bed40d2e218c4a5b7fe7d0c
2014-01-22 10:07:27 +00:00
Brad Jorsch 2b8534793f MathJax must not process every <strong class="error">
Many things in MediaWiki (and various on-wiki templates, at least on
enwiki) output error messages wrapped in <strong class="error">. MathJax
parsing all of these (added in I1199cb34) is completely broken.

What appears to have been intended is that MathJax would parse the
errors output by MathRenderer.php. So let's add a "texerror" class to
those and have MathJax look for that class instead.

Bug: 55675
Change-Id: Iaa6c3a892af463f38e6706f9407c6dcb948fe670
2014-01-15 12:05:55 -05:00
Max Semenik 4d68c31de1 Add profiling
Change-Id: I9066f6b2606044412a9b91ca395e841550d7e787
2013-11-18 14:46:00 +04:00
physikerwelt (Moritz Schubotz) 1a4f371cf6 Merge advanced database write method
Merge advanced database write capabilities
from the development branch.

Bug 53400

Change-Id: I99973bcf7b3a663eeecda136e32b70c26055dbb8
2013-09-18 17:37:35 -07:00
Frédéric Wang bfc9ce8e7b Improvements to prepare a MathJax+PNG option
- Remove MathMathJax.php, which uses exactly the same output as MathSource.php.
- Make wiki2jax able to handle texvc output as a preview before MathJax rendering.

Change-Id: I1199cb34d555d2a1e57da98857f41a22cfe81df4
2013-09-10 18:38:10 +02:00
physikerwelt 48461d0fca Check if media wiki core is capable of xml type checking
* new test for XML type checking function
* check if StrigUtils::isUtf8 exists in core (Thanks to Deyan Ginev for the hint.)

Bug: 50884
Change-Id: I86af95cbecc4b5c9c33fcd3a66a7fb2ccdde0194
2013-07-18 20:49:09 +00:00
physikerwelt 927340d345 New rendering option LaTeXML
Introduces a new rending option to render TeX to MathML
via LaTeXML.

Bug: 43222
Change-Id: I5d29e219c0d3b907e22ea0bb3b30f000d8a7a9f8
2013-05-26 12:12:51 +00:00
Matthew Flaschen 32e2f4d4f5 Use i18n params for errors than appending raw string, with test
* Remove parameters/append that are never outputted by texvc.ml
* Add missing math_output_error to i18n file
* Improve a few qqq descriptions

Change-Id: Iea5139682fbe8389e578549f5f62e5505f4c0b48
2013-05-18 01:48:16 -04:00
physikerwelt 5245d0f555 Introduce getter and setter for the MathRenderer
Adds a new method isChanged() for determining if a value was changed.
This is done in preparation for a more elaborated caching method that is
handled inside the abstract base class.

Change-Id: Ica15f77d96453d30edd3a117c7185c694ad3691e
2013-05-03 21:12:36 +00:00
physikerwelt 5616ea01a3 Remove even more unused variables
* $inputhash is also never used.
* Additional comments.
* allow creation of math renderer without $tex code

Change-Id: I64c181408e8acd16aee7a53a81a176b62a6726b5
2013-04-27 14:34:57 +00:00
physikerwelt b6faed7363 remove unused code
This code is never used and will not be used in the future.
Adressing the equation for search will be handled by the
MathSearch extension. There will be a hook function to label
the equations.

Change-Id: Ia2149460134b361fb44f8ad85660793b1951d988
2013-04-26 14:17:37 +00:00
Antoine Musso 84d531cca0 debug log was attempting to show a Blob object
A wfDebugLog() was attempting to concatenate a string with a Blob object
which does not support conversion to a string.  Since that was used to
show some hash, display the current string hash instead.
Furthermore the input-hash, which can be calculated from the TeX input
string was displayed, which is not very helpful. The variable hash is 
calculated by texvc and can be used to search for the rendered image in
the filesystem.

Change-Id: I9943fd51d3021bf2d62a29f33de0858803763f86
2013-04-26 12:40:03 +00:00
physikerwelt 08b93eebd6 renaming of read and write methods for database access
readFromBB->readFromDatabase
writeDBEntry->writeToDatabase

Change-Id: I426be5dc479ad789d0e85b149a989a581945c9be
2013-04-24 06:03:37 +00:00
physikerwelt c22f628a68 additional phpUnitTests
adds two new phpUnitTests for the abstract MathRender class
and another one that test the basic database access.
Therefore the read and write methods have been made changed
from protected to public.

Change-Id: I77a8b0a4dfe7529b5521ead097ac7b518688ef70
2013-04-07 20:21:35 +02:00
Liangent 20192a1ab8 Do proper pre-pack processing for $this->hash.
Output hash calcuation sometimes fails because of Texvc failure for
example, and $this->hash remains ''. At this time inserting null as
outputhash into database is improper, because that column is NOT NULL.

With this patch an empty string '' is inserted instead, and the if-check
is modified to avoid cases where ->hash exists but evaluates as null
(for example when it's '0000000000...' though it's extremely rare).

Change-Id: I852859f4b151b777c11b743faaed61dfc2c029a7
2013-03-13 21:56:53 +08:00
Daniel Friesen 48b029fbe9 Fix MathRenderer::renderMath.
The call to getRenderer is supposed to be a static method in the same class,
not a global function.

Change-Id: I5d101574b1d67238c6357e154209f2595cb36859
2013-02-17 10:32:09 +01:00
Physikerwelt 926db7c3bd Restructuring Math classes
The Math.body file which contains the MathRender class was split in the following way:
- Math.base contains the base class with the database related stuff and provides an abstract interface
- Math.source and Math.MathJax handle the plain tex string output. There are two classes since they
  will differntiate in the future I think.
- Math.texvc contains the "old" implementation of png generation with all the file handling related stuff
- Other implementation of math renderer can be added in the same style.
- Cleanup to better follow coding conventions.
- Changed LockManager to 'fsLockManager'

The first attempt restructure the class layout and introduce LaTeXML at the same
time was dropped. Instead this was split up into two phases.
This commit only deals about the restructuring of the math module design.

Change-Id: I9b1d68c4faa8d177d8d0088fa1a5879caed4f1fe
2013-02-07 20:35:45 -08:00
physikerwelt 7ff47f898f Rename Math.body to MathRenderer to be consistent with the class name.
Reson: Further classes will be added in the next step.

Change-Id: I9dba8c1fca11cbc51fa11edebabde4687d17e312
2013-01-01 17:16:35 +01:00
Renamed from Math.body.php (Browse further)