59 $response = $request->response();
60 $config = $this->context->getConfig();
62 if ( $this->
getOutput()->checkLastModified(
70 $maxage = $request->getInt(
'maxage', $config->get(
'CdnMaxAge' ) );
71 $smaxage = $request->getIntOrNull(
'smaxage' );
72 if ( $smaxage ===
null ) {
74 $contentType ==
'text/css' ||
75 $contentType ==
'application/json' ||
76 $contentType ==
'text/javascript'
81 $smaxage = intval( $config->get(
'ForcedRawSMaxage' ) );
89 $response->header( $this->
getOutput()->getVaryHeader() );
91 $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
94 $privateCache = !$permissionManager->isEveryoneAllowed(
'read' ) &&
95 ( $smaxage == 0 || MediaWiki\Session\SessionManager::getGlobalSession()->isPersistent() );
97 $privateCache = $privateCache || $this->
getUser()->isLoggedIn();
98 $mode = $privateCache ?
'private' :
'public';
100 'Cache-Control: ' . $mode .
', s-maxage=' . $smaxage .
', max-age=' . $maxage
108 if (
$title->isUserConfigPage() && $contentType !==
'text/x-wiki' ) {
111 $rootPage = strtok(
$title->getText(),
'/' );
112 $userFromTitle = User::newFromName( $rootPage,
'usable' );
113 if ( !$userFromTitle || $userFromTitle->getId() === 0 ) {
114 $elevated = $permissionManager->userHasRight( $this->
getUser(),
'editinterface' );
115 $elevatedText = $elevated ?
'by elevated ' :
'';
116 $log = LoggerFactory::getInstance(
"security" );
118 "Unsafe JS/CSS/Json {$elevatedText}load - {user} loaded {title} with {ctype}",
121 'title' =>
$title->getPrefixedDBkey(),
122 'ctype' => $contentType,
123 'elevated' => $elevated
126 $msg =
wfMessage(
'unregistered-user-config' );
138 $contentType ===
'text/javascript' &&
139 !
$title->isUserJsConfigPage() &&
141 !in_array(
'sysop',
$title->getRestrictions(
'edit' ) ) &&
142 !in_array(
'editprotected',
$title->getRestrictions(
'edit' ) )
145 $log = LoggerFactory::getInstance(
"security" );
146 $log->info(
"Blocked loading unprotected JS {title} for {user}",
149 'title' =>
$title->getPrefixedDBkey(),
155 $response->header(
'Content-type: ' . $contentType .
'; charset=UTF-8' );
163 if ( $text ===
false && $contentType ==
'text/x-wiki' ) {
164 $response->statusHeader( 404 );
167 if ( !$this->
getHookRunner()->onRawPageViewBeforeOutput( $this, $text ) ) {
168 wfDebug( __METHOD__ .
": RawPageViewBeforeOutput hook broke raw page output." );
188 $rev = MediaWikiServices::getInstance()
189 ->getRevisionLookup()
192 $lastmod =
wfTimestamp( TS_RFC2822, $rev->getTimestamp() );
193 $request->response()->header(
"Last-modified: $lastmod" );
196 $content = $rev->getContent( SlotRecord::MAIN );
203 wfHttpError( 415,
"Unsupported Media Type",
"The requested page uses the content model `"
204 .
$content->getModel() .
"` which is not supported via this interface." );
208 $section = $request->getIntOrNull(
'section' );
209 if ( $section !==
null ) {
222 if ( $text !==
false && $text !==
'' && $request->getRawVal(
'templates' ) ===
'expand' ) {
223 $text = MediaWikiServices::getInstance()->getParser()->preprocess(
226 ParserOptions::newFromContext( $this->
getContext() )
239 $oldid = $this->
getRequest()->getInt(
'oldid' );
240 $rl = MediaWikiServices::getInstance()->getRevisionLookup();
241 switch ( $this->
getRequest()->getText(
'direction' ) ) {
243 # output next revision, or nothing if there isn't one
246 $oldRev = $rl->getRevisionById( $oldid );
248 $nextRev = $rl->getNextRevision( $oldRev );
251 $oldid = $nextRev ? $nextRev->getId() : -1;
254 # output previous revision, or nothing if there isn't one
257 # get the current revision so we can get the penultimate one
260 $oldRev = $rl->getRevisionById( $oldid );
262 $prevRev = $rl->getPreviousRevision( $oldRev );
264 $oldid = $prevRev ? $prevRev->getId() : -1;
281 $ctype = $this->
getRequest()->getRawVal(
'ctype' );
283 if ( $ctype ==
'' ) {
285 $gen = $this->
getRequest()->getRawVal(
'gen' );
286 if ( $gen ==
'js' ) {
287 $ctype =
'text/javascript';
288 } elseif ( $gen ==
'css' ) {
298 'application/x-zope-edit',
301 if ( $ctype ==
'' || !in_array( $ctype, $allowedCTypes ) ) {
302 $ctype =
'text/x-wiki';
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
wfHttpError( $code, $label, $desc)
Provide a simple HTTP error.
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
getWikiPage()
Get a WikiPage object.
getOutput()
Get the OutputPage being used for this instance.
getRequest()
Get the WebRequest being used for this instance.
Show an error that looks like an HTTP server error.
A simple method to retrieve the plain source of an article, using "action=raw" in the GET request str...
getContentType()
Get the content type to use for the response.
getRawText()
Get the text that should be returned, or false if the page or revision was not found.
getName()
Return the name of the action this object responds to.
requiresWrite()
Whether this action requires the wiki not to be locked.
onView()
SecurityCheck-XSS Non html mime type.
requiresUnblock()
Whether this action can still be executed by a blocked user.
getOldId()
Get the ID of the revision that should used to get the text.
Content object implementation for representing flat text.