wikimedia/css-sanitizer provides a real CSS parser, which should be
safer than poking at things with regular expressions.
Instead of the strange hybrid model that tried to both process inline
CSS and save CSS when the template is saved, it now looks for
<templatestyles src="Title" /> during the parse to do all the
transclusion of styles.
The output method is "<style> tags in the body", pending someone
implementing T160563.
It now also registers a "sanitized-css" content model, which should pick
up the CSS syntax highlighting and will validate the submitted CSS on
submit and prevent a save if it's not valid.
This patch also takes advantage of LGPL-2.x § 3 to relicense the
extension as GPL-2.0+, although at this point none of the LGPL code
remains anyway.
Bug: T133408
Bug: T136054
Bug: T135788
Bug: T135789
Change-Id: I993e6f18d32a43aac8398743133d227b05133bbd
Depends-On: If4eb5bf71f94fa366ec4eddb6964e8f4df6b824a
* Add phpdoc comments
* Rename some variables to be a bit more clear for new readers
* Break up render() to make things more readable and reduce cyclomatic
complexity
Change-Id: Iceeb1f6eb09b61efe6b81f359d28741f54fe88ad
Properties listed in $wgTemplateStylesPropertyBlacklist, or
those that contain function-like values not listed in
$wgTemplateStylesFunctionWhitelist cause the containing
declaration to be omitted from rendering entirely.
Additionally, rule selectors are unconditionally prepended
with '#mw-content-text' so that they cannot be applied to
UI elements outside the actual page content.
Change-Id: Id3d7dff465363d0163e4a5a1f31e770b4b0a67e2
