MediaWiki  master
ApiFormatJson.php
Go to the documentation of this file.
1 <?php
27 class ApiFormatJson extends ApiFormatBase {
28 
29  private $isRaw;
30 
31  public function __construct( ApiMain $main, $format ) {
32  parent::__construct( $main, $format );
33  $this->isRaw = ( $format === 'rawfm' );
34 
35  if ( $this->getMain()->getCheck( 'callback' ) ) {
36  # T94015: jQuery appends a useless '_' parameter in jsonp mode.
37  # Mark the parameter as used in that case to avoid a warning that's
38  # outside the control of the end user.
39  # (and do it here because ApiMain::reportUnusedParams() gets called
40  # before our ::execute())
41  $this->getMain()->markParamsUsed( '_' );
42  }
43  }
44 
45  public function getMimeType() {
46  $params = $this->extractRequestParams();
47  // callback:
48  if ( isset( $params['callback'] ) ) {
49  return 'text/javascript';
50  }
51 
52  return 'application/json';
53  }
54 
55  public function execute() {
56  $params = $this->extractRequestParams();
57 
58  $opt = 0;
59  if ( $this->isRaw ) {
60  $opt |= FormatJson::ALL_OK;
61  $transform = [];
62  } else {
63  switch ( $params['formatversion'] ) {
64  case 1:
65  $opt |= $params['utf8'] ? FormatJson::ALL_OK : FormatJson::XMLMETA_OK;
66  $transform = [
67  'BC' => [],
68  'Types' => [ 'AssocAsObject' => true ],
69  'Strip' => 'all',
70  ];
71  break;
72 
73  case 2:
74  case 'latest':
75  $opt |= $params['ascii'] ? FormatJson::XMLMETA_OK : FormatJson::ALL_OK;
76  $transform = [
77  'Types' => [ 'AssocAsObject' => true ],
78  'Strip' => 'all',
79  ];
80  break;
81 
82  default:
83  // Should have been caught during parameter validation
84  // @codeCoverageIgnoreStart
85  $this->dieDebug( __METHOD__, 'Unknown value for \'formatversion\'' );
86  // @codeCoverageIgnoreEnd
87  }
88  }
89  $data = $this->getResult()->getResultData( null, $transform );
90  $json = FormatJson::encode( $data, $this->getIsHtml(), $opt );
91  if ( $json === false ) {
92  // This should never happen, but it's a bug which could crop up
93  // if you use ApiResult::NO_VALIDATE for instance.
94  // @codeCoverageIgnoreStart
95  $this->dieDebug( __METHOD__, 'Unable to encode API result as JSON' );
96  // @codeCoverageIgnoreEnd
97  }
98 
99  // T68776: OutputHandler::mangleFlashPolicy() avoids a nasty bug in
100  // Flash, but what it does isn't friendly for the API, so we need to
101  // work around it.
102  if ( preg_match( '/<\s*cross-domain-policy(?=\s|>)/i', $json ) ) {
103  $json = preg_replace(
104  '/<(\s*cross-domain-policy(?=\s|>))/i', '\\u003C$1', $json
105  );
106  }
107 
108  if ( isset( $params['callback'] ) ) {
109  $callback = preg_replace( "/[^][.\\'\\\"_A-Za-z0-9]/", '', $params['callback'] );
110  # Prepend a comment to try to avoid attacks against content
111  # sniffers, such as T70187.
112  $this->printText( "/**/$callback($json)" );
113  } else {
114  $this->printText( $json );
115  }
116  }
117 
118  public function getAllowedParams() {
119  if ( $this->isRaw ) {
120  return parent::getAllowedParams();
121  }
122 
123  $ret = parent::getAllowedParams() + [
124  'callback' => [
125  ApiBase::PARAM_HELP_MSG => 'apihelp-json-param-callback',
126  ],
127  'utf8' => [
128  ApiBase::PARAM_DFLT => false,
129  ApiBase::PARAM_HELP_MSG => 'apihelp-json-param-utf8',
130  ],
131  'ascii' => [
132  ApiBase::PARAM_DFLT => false,
133  ApiBase::PARAM_HELP_MSG => 'apihelp-json-param-ascii',
134  ],
135  'formatversion' => [
136  ApiBase::PARAM_TYPE => [ '1', '2', 'latest' ],
137  ApiBase::PARAM_DFLT => '1',
138  ApiBase::PARAM_HELP_MSG => 'apihelp-json-param-formatversion',
139  ],
140  ];
141  return $ret;
142  }
143 }
ApiBase\PARAM_TYPE
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below...
Definition: ApiBase.php:94
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:640
$ret
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
Definition: hooks.txt:1971
ApiBase\PARAM_DFLT
const PARAM_DFLT
(null|boolean|integer|string) Default value of the parameter.
Definition: ApiBase.php:55
ApiBase\getMain
getMain()
Get the main module.
Definition: ApiBase.php:536
FormatJson\ALL_OK
const ALL_OK
Skip escaping as many characters as reasonably possible.
Definition: FormatJson.php:55
ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user...
Definition: ApiBase.php:761
ApiFormatBase\printText
printText( $text)
Append text to the output buffer.
Definition: ApiFormatBase.php:348
FormatJson\encode
static encode( $value, $pretty=false, $escaping=0)
Returns the JSON representation of a value.
Definition: FormatJson.php:115
ApiFormatBase
This is the abstract base class for API formatters.
Definition: ApiFormatBase.php:30
true
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition: hooks.txt:1971
ApiFormatBase\getIsHtml
getIsHtml()
Returns true when the HTML pretty-printer should be used.
Definition: ApiFormatBase.php:99
$params
$params
Definition: styleTest.css.php:41
ApiMain
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:41
null
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not null
Definition: hooks.txt:767
ApiBase\PARAM_HELP_MSG
const PARAM_HELP_MSG
(string|array|Message) Specify an alternative i18n documentation message for this parameter...
Definition: ApiBase.php:131
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
ApiBase\dieDebug
static dieDebug( $method, $message)
Internal code errors should be reported with this method.
Definition: ApiBase.php:2212
ApiFormatJson
API JSON output formatter.
Definition: ApiFormatJson.php:27
ApiFormatJson\__construct
__construct(ApiMain $main, $format)
Definition: ApiFormatJson.php:31
FormatJson\XMLMETA_OK
const XMLMETA_OK
Skip escaping the characters &#39;<&#39;, &#39;>&#39;, and &#39;&&#39;, which have special meanings in HTML and XML...
Definition: FormatJson.php:46