59 $config = $this->context->getConfig();
61 if ( !$request->checkUrlExtension() ) {
65 if ( $this->
getOutput()->checkLastModified( $this->page->getTouched() ) ) {
71 $maxage = $request->getInt(
'maxage', $config->get(
'CdnMaxAge' ) );
72 $smaxage = $request->getIntOrNull(
'smaxage' );
73 if ( $smaxage ===
null ) {
75 $contentType ==
'text/css' ||
76 $contentType ==
'application/json' ||
77 $contentType ==
'text/javascript'
82 $smaxage = intval( $config->get(
'ForcedRawSMaxage' ) );
94 $privateCache = !User::isEveryoneAllowed(
'read' ) &&
95 ( $smaxage == 0 || MediaWiki\Session\SessionManager::getGlobalSession()->isPersistent() );
97 $privateCache = $privateCache || $this->
getUser()->isLoggedIn();
98 $mode = $privateCache ?
'private' :
'public';
100 'Cache-Control: ' . $mode .
', s-maxage=' . $smaxage .
', max-age=' . $maxage
108 if (
$title->isUserConfigPage() && $contentType !==
'text/x-wiki' ) {
111 $rootPage = strtok(
$title->getText(),
'/' );
112 $userFromTitle = User::newFromName( $rootPage,
'usable' );
113 if ( !$userFromTitle || $userFromTitle->getId() === 0 ) {
114 $elevated = MediaWikiServices::getInstance()->getPermissionManager()
115 ->userHasRight( $this->
getUser(),
'editinterface' );
116 $elevatedText = $elevated ?
'by elevated ' :
'';
117 $log = LoggerFactory::getInstance(
"security" );
119 "Unsafe JS/CSS/Json {$elevatedText}load - {user} loaded {title} with {ctype}",
122 'title' =>
$title->getPrefixedDBkey(),
123 'ctype' => $contentType,
124 'elevated' => $elevated
127 $msg =
wfMessage(
'unregistered-user-config' );
139 $contentType ===
'text/javascript' &&
140 !
$title->isUserJsConfigPage() &&
142 !in_array(
'sysop',
$title->getRestrictions(
'edit' ) ) &&
143 !in_array(
'editprotected',
$title->getRestrictions(
'edit' ) )
146 $log = LoggerFactory::getInstance(
"security" );
147 $log->info(
"Blocked loading unprotected JS {title} for {user}",
150 'title' =>
$title->getPrefixedDBkey(),
156 $response->header(
'Content-type: ' . $contentType .
'; charset=UTF-8' );
164 if ( $text ===
false && $contentType ==
'text/x-wiki' ) {
170 if ( !Hooks::run(
'RawPageViewBeforeOutput', [ &$rawAction, &$text ] ) ) {
171 wfDebug( __METHOD__ .
": RawPageViewBeforeOutput hook broke raw page output.\n" );
193 $lastmod =
wfTimestamp( TS_RFC2822, $rev->getTimestamp() );
194 $request->response()->header(
"Last-modified: $lastmod" );
204 wfHttpError( 415,
"Unsupported Media Type",
"The requested page uses the content model `"
205 .
$content->getModel() .
"` which is not supported via this interface." );
209 $section = $request->getIntOrNull(
'section' );
210 if ( $section !==
null ) {
223 if ( $text !==
false && $text !==
'' && $request->getRawVal(
'templates' ) ===
'expand' ) {
224 $text = MediaWikiServices::getInstance()->getParser()->preprocess(
227 ParserOptions::newFromContext( $this->
getContext() )
240 $oldid = $this->
getRequest()->getInt(
'oldid' );
241 $rl = MediaWikiServices::getInstance()->getRevisionLookup();
242 switch ( $this->
getRequest()->getText(
'direction' ) ) {
244 # output next revision, or nothing if there isn't one
247 $oldRev = $rl->getRevisionById( $oldid );
249 $nextRev = $rl->getNextRevision( $oldRev );
252 $oldid = $nextRev ? $nextRev->getId() : -1;
255 # output previous revision, or nothing if there isn't one
258 # get the current revision so we can get the penultimate one
259 $oldid = $this->page->getLatest();
261 $oldRev = $rl->getRevisionById( $oldid );
263 $prevRev = $rl->getPreviousRevision( $oldRev );
265 $oldid = $prevRev ? $prevRev->getId() : -1;
282 $ctype = $this->
getRequest()->getRawVal(
'ctype' );
284 if ( $ctype ==
'' ) {
286 $gen = $this->
getRequest()->getRawVal(
'gen' );
287 if ( $gen ==
'js' ) {
288 $ctype =
'text/javascript';
289 } elseif ( $gen ==
'css' ) {
299 'application/x-zope-edit',
302 if ( $ctype ==
'' || !in_array( $ctype, $allowedCTypes ) ) {
303 $ctype =
'text/x-wiki';
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
wfHttpError( $code, $label, $desc)
Provide a simple HTTP error.
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
getTitle()
Shortcut to get the Title object from the page.
getContext()
Get the IContextSource in use here.
getOutput()
Get the OutputPage being used for this instance.
getUser()
Shortcut to get the User being used for this instance.
getRequest()
Get the WebRequest being used for this instance.
Show an error that looks like an HTTP server error.
A simple method to retrieve the plain source of an article, using "action=raw" in the GET request str...
getContentType()
Get the content type to use for the response.
getRawText()
Get the text that should be returned, or false if the page or revision was not found.
getName()
Return the name of the action this object responds to.
requiresWrite()
Whether this action requires the wiki not to be locked.
onView()
SecurityCheck-XSS Non html mime type.
requiresUnblock()
Whether this action can still be executed by a blocked user.
getOldId()
Get the ID of the revision that should used to get the text.
Content object implementation for representing flat text.