MediaWiki  1.28.0
ApiFormatJson.php
Go to the documentation of this file.
1 <?php
32 
33  private $isRaw;
34 
35  public function __construct( ApiMain $main, $format ) {
36  parent::__construct( $main, $format );
37  $this->isRaw = ( $format === 'rawfm' );
38 
39  if ( $this->getMain()->getCheck( 'callback' ) ) {
40  # T94015: jQuery appends a useless '_' parameter in jsonp mode.
41  # Mark the parameter as used in that case to avoid a warning that's
42  # outside the control of the end user.
43  # (and do it here because ApiMain::reportUnusedParams() gets called
44  # before our ::execute())
45  $this->getMain()->markParamsUsed( '_' );
46  }
47  }
48 
49  public function getMimeType() {
50  $params = $this->extractRequestParams();
51  // callback:
52  if ( isset( $params['callback'] ) ) {
53  return 'text/javascript';
54  }
55 
56  return 'application/json';
57  }
58 
59  public function execute() {
60  $params = $this->extractRequestParams();
61 
62  $opt = 0;
63  if ( $this->isRaw ) {
64  $opt |= FormatJson::ALL_OK;
65  $transform = [];
66  } else {
67  switch ( $params['formatversion'] ) {
68  case 1:
70  $transform = [
71  'BC' => [],
72  'Types' => [ 'AssocAsObject' => true ],
73  'Strip' => 'all',
74  ];
75  break;
76 
77  case 2:
78  case 'latest':
80  $transform = [
81  'Types' => [ 'AssocAsObject' => true ],
82  'Strip' => 'all',
83  ];
84  break;
85 
86  default:
87  $this->dieUsage( __METHOD__ .
88  ': Unknown value for \'formatversion\'', 'unknownformatversion' );
89  }
90  }
91  $data = $this->getResult()->getResultData( null, $transform );
92  $json = FormatJson::encode( $data, $this->getIsHtml(), $opt );
93 
94  // Bug 66776: wfMangleFlashPolicy() is needed to avoid a nasty bug in
95  // Flash, but what it does isn't friendly for the API, so we need to
96  // work around it.
97  if ( preg_match( '/<\s*cross-domain-policy(?=\s|>)/i', $json ) ) {
98  $json = preg_replace(
99  '/<(\s*cross-domain-policy(?=\s|>))/i', '\\u003C$1', $json
100  );
101  }
102 
103  if ( isset( $params['callback'] ) ) {
104  $callback = preg_replace( "/[^][.\\'\\\"_A-Za-z0-9]/", '', $params['callback'] );
105  # Prepend a comment to try to avoid attacks against content
106  # sniffers, such as bug 68187.
107  $this->printText( "/**/$callback($json)" );
108  } else {
109  $this->printText( $json );
110  }
111  }
112 
113  public function getAllowedParams() {
114  if ( $this->isRaw ) {
115  return parent::getAllowedParams();
116  }
117 
118  $ret = parent::getAllowedParams() + [
119  'callback' => [
120  ApiBase::PARAM_HELP_MSG => 'apihelp-json-param-callback',
121  ],
122  'utf8' => [
123  ApiBase::PARAM_DFLT => false,
124  ApiBase::PARAM_HELP_MSG => 'apihelp-json-param-utf8',
125  ],
126  'ascii' => [
127  ApiBase::PARAM_DFLT => false,
128  ApiBase::PARAM_HELP_MSG => 'apihelp-json-param-ascii',
129  ],
130  'formatversion' => [
131  ApiBase::PARAM_TYPE => [ 1, 2, 'latest' ],
132  ApiBase::PARAM_DFLT => 1,
133  ApiBase::PARAM_HELP_MSG => 'apihelp-json-param-formatversion',
134  ],
135  ];
136  return $ret;
137  }
138 }
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below...
Definition: ApiBase.php:88
getResult()
Get the result object.
Definition: ApiBase.php:577
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
Definition: hooks.txt:1936
const PARAM_DFLT
(null|boolean|integer|string) Default value of the parameter.
Definition: ApiBase.php:50
getMain()
Get the main module.
Definition: ApiBase.php:473
const ALL_OK
Skip escaping as many characters as reasonably possible.
Definition: FormatJson.php:55
extractRequestParams($parseLimit=true)
Using getAllowedParams(), this function makes an array of the values provided by the user...
Definition: ApiBase.php:678
This is the abstract base class for API formatters.
printText($text)
Append text to the output buffer.
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition: hooks.txt:1936
getIsHtml()
Returns true when the HTML pretty-printer should be used.
static encode($value, $pretty=false, $escaping=0)
Returns the JSON representation of a value.
Definition: FormatJson.php:127
$params
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:43
const PARAM_HELP_MSG
(string|array|Message) Specify an alternative i18n documentation message for this parameter...
Definition: ApiBase.php:125
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
dieUsage($description, $errorCode, $httpRespCode=0, $extradata=null)
Throw a UsageException, which will (if uncaught) call the main module's error handler and die with an...
Definition: ApiBase.php:1574
API JSON output formatter.
__construct(ApiMain $main, $format)
const XMLMETA_OK
Skip escaping the characters '<', '>', and '&', which have special meanings in HTML and XML...
Definition: FormatJson.php:46