mediawiki-extensions-RSS/includes/Hooks.php

105 lines
2.9 KiB
PHP
Raw Normal View History

<?php
namespace MediaWiki\Extension\RSS;
use MediaWiki\Hook\ParserFirstCallInitHook;
use MWHttpRequest;
use Parser;
use PPFrame;
use Status;
class Hooks implements ParserFirstCallInitHook {
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
/**
* Tell the parser how to handle <rss> elements
* @param Parser $parser Parser Object
*/
public function onParserFirstCallInit( $parser ) {
// Install parser hook for <rss> tags
$parser->setHook( 'rss', [ __CLASS__, 'renderRss' ] );
}
/**
* Static function wrapping RSSParser to handle rendering of RSS elements
* @param string $input text inside the tags.
* @param array $args value associative list of the element attributes and
* their values.
* @param Parser $parser
* @param PPFrame $frame parser context
* @return string
*/
public static function renderRss( $input, array $args, Parser $parser, PPFrame $frame ) {
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
global $wgRSSCacheAge, $wgRSSCacheCompare, $wgRSSNamespaces,
$wgRSSUrlWhitelist,$wgRSSAllowedFeeds;
if ( is_array( $wgRSSNamespaces ) && count( $wgRSSNamespaces ) ) {
$nsUsed = $parser->getTitle()->getNamespace();
$authorizedNamespace = array_flip( $wgRSSNamespaces );
if ( !isset( $authorizedNamespace[$nsUsed] ) ) {
return Utils::getErrorHtml( 'rss-ns-permission' );
}
}
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
if ( isset( $wgRSSAllowedFeeds ) ) {
return Utils::getErrorHtml( 'rss-deprecated-wgrssallowedfeeds-found' );
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
}
# disallow because there is no whitelist at all or an empty whitelist
if ( !isset( $wgRSSUrlWhitelist )
|| !is_array( $wgRSSUrlWhitelist )
|| ( count( $wgRSSUrlWhitelist ) === 0 )
) {
return Utils::getErrorHtml( 'rss-empty-allow-list',
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
$input
);
}
# disallow the feed url because the url is not allowed; or
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
# disallow because the wildcard joker is not present to allow any feed url
# which can be dangerous
if ( !( in_array( $input, $wgRSSUrlWhitelist ) )
&& !( in_array( "*", $wgRSSUrlWhitelist ) ) ) {
$listOfAllowed = $parser->getTargetLanguage()->listToText( $wgRSSUrlWhitelist );
$numberAllowed = $parser->getTargetLanguage()->formatNum( count( $wgRSSUrlWhitelist ) );
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
return Utils::getErrorHtml( 'rss-url-is-not-allowed',
[ $input, $listOfAllowed, $numberAllowed ]
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
);
}
if ( !MWHttpRequest::isValidURI( $input ) ) {
return Utils::getErrorHtml( 'rss-invalid-url', htmlspecialchars( $input ) );
}
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
if ( $wgRSSCacheCompare ) {
$timeout = $wgRSSCacheCompare;
} else {
$timeout = $wgRSSCacheAge;
}
$parser->getOutput()->updateCacheExpiry( $timeout );
$rss = new RSSParser( $input, $args );
$status = $rss->fetch();
# Check for errors.
if ( !$status->isGood() ) {
return wfMessage(
'rss-error', htmlspecialchars( $input ), Status::wrap( $status )->getWikitext()
)->escaped();
}
if ( !is_object( $rss->rss ) || !is_array( $rss->rss->items ) ) {
return Utils::getErrorHtml( 'rss-empty', htmlspecialchars( $input ) );
}
return $rss->renderFeed( $parser, $frame );
}
version 2.18 + squashed commit RSS changes fromSVN bump version number from 2.17 to 2.18 for the releas version removed 4 white spaces tabs. followed the advices of the code reviewer. removed an unwanted switch(true) structure removed switch case by an assoc array, removed unneeded http factory comments Wikinaut 2013-01-04 removed unneeded INSTALL text file new version 2.17 incl. code cosmetics. rebased on master bea4447d24ad33c115e64385ef8fc5a308b58188 2012-12-22 bear with me ! It's my first real-life commit to gerrit. Wikinaut, 2012-12-30 Catrope squashed these together per Wikinaut's request. List of commit summaries: adding the long-wanted date format attribute. implemented a date format equalising function, so that dates of RSS feeds are rendered in a common format. follow-up r111347 : adding escapeTemplateParameter around the user supplied optional date attribute fix for bug30377 : add a new parameter to limit the number of characters when rendering the channel item <description> follow-up r111350 . check if optional parameter isset and is_numeric, otherwise limit to the built-in default (30000) removed a wrong comment regarding PHP 5.3 function date_create_from_format, which is not suited to auto-detect a time string in any formats - only strtotime() can do it. follow-up r111350 r111351 . switch replaced by if elseif construct. name and behaviour change of wgRSSAllowedFeeds towgRSSUrlWhitelist. The wgRSSUrlWhitelist is _now_ empty by default which was not the case until this version. Admins who want to allow their users to insert arbitrary feed urls must now denote this expressly with an asterisk in quotes as whitelist array element. This is harmonised to the same method as recently introduced in E:EtherpadLite. The RELEASE NOTES file has been updated, updates to the MediaWiki manual page will follow soon. increased wgRSSFetchTimeout default from 5 to 15 seconds - many sites are too slow. v2.00 can parse ATOM feeds, at least some. This is a major improvement over pre-2.00 versions which only could read and parse RSS feeds but no ATOM feeds. Version 2.00 begins to keep care of namespaces in the XML. The parser still leaves room for further improvements. At least, E:RSS can now read E:WikiArticleFeeds generated RSS _and_ ATOM feeds. v2.01 fixed ATOM summary element was forgotten to be parsed. Added handling of basic HTML layout tags (p br b u i s) in feed descriptions, they are preserved in the wiki output after sanitizing. improved code legibility function namespacePrefixedQuery fix for ultra bug 30028 . The RSS extension can parse RSS and ATOM feeds of different flavours. The php xml dom xpath query uses now a namespace-safe method to find all elements like item (RSS, RDF) or entry (ATOM). Further fixed a hidden problem when the feed url was redirecting, this threw the Cannot parse RSS for XML error, which is now history. Introduced a new parameter wgRSSUrlNumberOfAllowedRedirects which defaults to zero, i.e. no redirects are allowed by default. See Manual page removed superfluous code for setting userAgent since r112466 function name typo correction. Version number update fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. add tracking category feature (enabled by default). Each page using this extensions gets automatically the tracking category with MediaWiki:Rss-tracking-category name (= RSS). Tracking-Cat-Feature can be disabled, or a different MediaWiki message text can be assigned. Documentation of the switch is inline and follows on MediaWiki. follow up r113508 : escaped html tag brackets to make translaters happy beautifying the tracking category name adding casts. better ? removed the redundant code for handling tracking categories. By using '-' for the message text rss-tracking-category , this can be disabled easily. + Patchset 11 rebased on master + Patchset 12 wrapped commit message text lines version number bumped to 2.18 + Patchset 13 improved and updated README added history of the present version 2.18 + Patchset 14 white space fixes version number fixes Change-Id: I2d9724314f94c216650370071b31390c5c2c97fc
2012-02-13 01:39:24 +00:00
}