- Generated on Fri Jun 13 2025 00:28:53 for MediaWiki by
1.10.0
|
MediaWiki master
|
Base class for REST route handlers. More...
Inherited by MediaWiki\Rest\Handler\ActionModuleBasedHandler, MediaWiki\Rest\Handler\CompareHandler, MediaWiki\Rest\Handler\DiscoveryHandler, MediaWiki\Rest\Handler\OpenSearchDescriptionHandler, MediaWiki\Rest\Handler\ParsoidHandler, MediaWiki\Rest\Handler\RedirectHandler, MediaWiki\Rest\Handler\SearchHandler, and MediaWiki\Rest\SimpleHandler.
Public Member Functions | |
| applyCacheControl (ResponseInterface $response) | |
| Apply cache control to enforce privacy. | |
| applyConditionalResponseHeaders (ResponseInterface $response) | |
| Apply verifier headers to the response, per RFC 7231 §7.2. | |
| checkPreconditions () | |
| Check the conditional request headers and generate a response if appropriate. | |
| checkSession () | |
| Check the session (and session provider) | |
| execute () | |
| Execute the handler. | |
| getAuthority () | |
| Get the current acting authority. | |
| getBodyParamSettings () | |
| Fetch ParamValidator settings for body fields. | |
| getBodyValidator ( $contentType) | |
| Fetch the BodyValidator. | |
| getConfig () | |
| Get the configuration array for the current route. | |
| getOpenApiSpec (string $method) | |
| Returns an OpenAPI Operation Object specification structure as an associative array. | |
| getParamSettings () | |
| Fetch ParamValidator settings for parameters. | |
| getPath () | |
| Returns the path this handler is bound to relative to the module prefix. | |
| getRequest () | |
| Get the current request. | |
| getResponseFactory () | |
| Get the ResponseFactory which can be used to generate Response objects. | |
| getSession () | |
| Get the Session. | |
| getSupportedPathParams () | |
| Get a list of parameter placeholders present in the route's path as returned by getPath(). | |
| getSupportedRequestTypes () | |
| Returns the content types that should be accepted by parseBodyData(). | |
| getValidatedBody () | |
| Fetch the validated body. | |
| getValidatedParams () | |
| Fetch the validated parameters. | |
| initContext (Module $module, string $path, array $routeConfig, array $openApiSpec=[]) | |
| Injects information about the handler's context in the Module. | |
| initForExecute (RequestInterface $request) | |
| Initialise for execution based on the given request. | |
| initServices (Authority $authority, ResponseFactory $responseFactory, HookContainer $hookContainer) | |
| Inject service objects. | |
| initSession (Session $session) | |
| Inject session information. | |
| needsReadAccess () | |
| Indicates whether this route requires read rights. | |
| needsWriteAccess () | |
| Indicates whether this route requires write access to the wiki. | |
| parseBodyData (RequestInterface $request) | |
| Returns the parsed body of the request. | |
| requireSafeAgainstCsrf () | |
| Indicates whether this route can be accessed only by session providers safe vs csrf. | |
| validate (Validator $restValidator) | |
| Validate the request parameters/attributes and body. | |
Public Attributes | |
| const | KNOWN_PARAM_SOURCES = Validator::KNOWN_PARAM_SOURCES |
| const | OPENAPI_DESCRIPTION_KEY = 'description' |
| const | PARAM_DESCRIPTION = Validator::PARAM_DESCRIPTION |
| const | PARAM_SOURCE = Validator::PARAM_SOURCE |
Protected Member Functions | |
| detectExtraneousBodyFields (Validator $restValidator) | |
| Subclasses may override this to disable or modify checks for extraneous body fields. | |
| generateResponseSpec (string $method) | |
| Returns an OpenAPI Responses Object specification structure as an associative array. | |
| getConditionalHeaderUtil () | |
| Get a ConditionalHeaderUtil object. | |
| getETag () | |
| The subclass should override this to provide an ETag for the current state of the requested resource. | |
| getHookContainer () | |
| Get a HookContainer, for running extension hooks or for hook metadata. | |
| getHookRunner () | |
| Get a HookRunner for running core hooks. | |
| getJsonLocalizer () | |
| Get a JsonLocalizer object. | |
| getLastModified () | |
| The subclass should override this to provide the maximum last modified timestamp of the requested resource. | |
| getModule () | |
| Get the Module this handler belongs to. | |
| getRequestBodySchema (string $mediaType) | |
| Returns a content schema per the OpenAPI spec. | |
| getRequestSpec (string $method) | |
| Returns an OpenAPI Request Body Object specification structure as an associative array. | |
| getResponseBodySchema (string $method) | |
| Returns an OpenAPI Schema Object specification structure as an associative array. | |
| getResponseBodySchemaFileName (string $method) | |
| Returns the path and name of a JSON file containing an OpenAPI Schema Object specification structure. | |
| getRouter () | |
| getRouteUrl ( $pathParams=[], $queryParams=[]) | |
| Get the URL of this handler's endpoint. | |
| hasRepresentation () | |
| The subclass should override this to indicate whether the resource exists. | |
| postInitSetup () | |
| The handler can override this to do any necessary setup after the init functions are called to inject dependencies. | |
| postValidationSetup () | |
| The handler can override this to do any necessary setup after validate() has been called. | |
| urlEncodeTitle ( $title) | |
| URL-encode titles in a "pretty" way. | |
Base class for REST route handlers.
Definition at line 25 of file Handler.php.
| MediaWiki\Rest\Handler::applyCacheControl | ( | ResponseInterface | $response | ) |
Apply cache control to enforce privacy.
Definition at line 559 of file Handler.php.
References MediaWiki\Rest\ResponseInterface\getHeaderLine(), and MediaWiki\Rest\ResponseInterface\setHeader().
| MediaWiki\Rest\Handler::applyConditionalResponseHeaders | ( | ResponseInterface | $response | ) |
Apply verifier headers to the response, per RFC 7231 §7.2.
This is called after execute() returns.
For GET and HEAD requests, the default behavior is to set the ETag and Last-Modified headers based on the values returned by getETag() and getLastModified() when they were called before execute() was run.
Other request methods are assumed to be state-changing, so no headers will be set by default.
This may be overridden to modify the verifier headers sent in the response. However, handlers that modify the resource's state would typically just set the ETag and Last-Modified headers in the execute() method.
| ResponseInterface | $response |
Definition at line 549 of file Handler.php.
| MediaWiki\Rest\Handler::checkPreconditions | ( | ) |
Check the conditional request headers and generate a response if appropriate.
This is called by the Router before execute() and may be overridden.
Reimplemented in MediaWiki\Rest\Handler\TransformHandler.
Definition at line 518 of file Handler.php.
| MediaWiki\Rest\Handler::checkSession | ( | ) |
Check the session (and session provider)
| HttpException | on failed check |
Definition at line 448 of file Handler.php.
|
protected |
Subclasses may override this to disable or modify checks for extraneous body fields.
| Validator | $restValidator |
| HttpException | On validation failure. |
Definition at line 429 of file Handler.php.
References MediaWiki\Rest\Validator\Validator\detectExtraneousBodyFields().
|
abstract |
Execute the handler.
This is called after parameter validation. The return value can either be a Response or any type accepted by ResponseFactory::createFromReturnValue().
To automatically construct an error response, execute() should throw a \MediaWiki\Rest\HttpException. Such exceptions will not be logged like a normal exception.
If execute() throws any other kind of exception, the exception will be logged and a generic 500 error page will be shown.
Reimplemented in MediaWiki\Rest\Handler\ActionModuleBasedHandler, MediaWiki\Rest\Handler\CompareHandler, MediaWiki\Rest\Handler\DiscoveryHandler, MediaWiki\Rest\Handler\OpenSearchDescriptionHandler, MediaWiki\Rest\Handler\ParsoidHandler, MediaWiki\Rest\Handler\RedirectHandler, MediaWiki\Rest\Handler\SearchHandler, MediaWiki\Rest\Handler\TransformHandler, and MediaWiki\Rest\SimpleHandler.
|
protected |
Returns an OpenAPI Responses Object specification structure as an associative array.
By default, this will contain basic information response for status 200, 400, and 500. The getResponseBodySchema() method is used to determine the structure of the response for status 200.
Subclasses may override this to provide additional information about the structure of responses.
| string | $method | The HTTP method to produce a spec for ("get", "post", etc). |
Reimplemented in MediaWiki\Rest\Handler\EditHandler, MediaWiki\Rest\Handler\OpenSearchDescriptionHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, and MediaWiki\Rest\Handler\TransformHandler.
Definition at line 839 of file Handler.php.
| MediaWiki\Rest\Handler::getAuthority | ( | ) |
Get the current acting authority.
The return type declaration causes it to raise a fatal error if initServices() has not yet been called.
Definition at line 347 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\CompareHandler\execute(), MediaWiki\Rest\Handler\PageHTMLHandler\postValidationSetup(), MediaWiki\Rest\Handler\PageSourceHandler\postValidationSetup(), MediaWiki\Rest\Handler\RevisionHTMLHandler\postValidationSetup(), MediaWiki\Rest\Handler\RevisionSourceHandler\postValidationSetup(), and MediaWiki\Rest\Handler\MediaLinksHandler\run().
| MediaWiki\Rest\Handler::getBodyParamSettings | ( | ) |
Fetch ParamValidator settings for body fields.
Parameters defined by this method are used to validate the request body. The parameter values will become available through getValidatedBody().
Subclasses may override this method to specify what fields they support in the request body. All parameter settings returned by this method must have self::PARAM_SOURCE set to 'body'.
Reimplemented in MediaWiki\Rest\Handler\CreationHandler, and MediaWiki\Rest\Handler\UpdateHandler.
Definition at line 618 of file Handler.php.
| MediaWiki\Rest\Handler::getBodyValidator | ( | $contentType | ) |
Fetch the BodyValidator.
| string | $contentType | Content type of the request. |
| HttpException | It's possible to fail early here when e.g. $contentType is unsupported, or later when { |
Definition at line 869 of file Handler.php.
Referenced by MediaWiki\Rest\Validator\Validator\validateBody().
|
protected |
Get a ConditionalHeaderUtil object.
On the first call to this method, the object will be initialized with validator values by calling getETag(), getLastModified() and hasRepresentation().
Definition at line 491 of file Handler.php.
References MediaWiki\Rest\ConditionalHeaderUtil\setValidators().
| MediaWiki\Rest\Handler::getConfig | ( | ) |
Get the configuration array for the current route.
The return type declaration causes it to raise a fatal error if initContext() has not been called.
Definition at line 356 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\RedirectHandler\execute(), and MediaWiki\Rest\Handler\SearchHandler\postInitSetup().
|
protected |
The subclass should override this to provide an ETag for the current state of the requested resource.
This is called before execute() in order to decide whether to send a 304. If the request is going to change the state of the resource, the ETag returned must represent the state before the change. In other words, it must identify the entity that the change is going to be applied to.
For GET and HEAD requests, this ETag will also be included in the response.
Handlers that modify the resource and want to return an ETag header representing the new state in the response should set the header in the execute() method. However, note that responses to PUT requests must not return an ETag unless the new content of the resource is exactly the data that was sent by the client in the request body.
This must be a complete ETag, including double quotes. See RFC 7231 §7.2 and RFC 7232 §2.3 for semantics.
This method should return null if the resource doesn't exist. It may also return null if ETag semantics is not supported by the Handler.
Reimplemented in MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, and MediaWiki\Rest\Handler\RevisionSourceHandler.
Definition at line 1116 of file Handler.php.
|
protected |
Get a HookContainer, for running extension hooks or for hook metadata.
Definition at line 1047 of file Handler.php.
|
protected |
Get a HookRunner for running core hooks.
Definition at line 1059 of file Handler.php.
|
protected |
|
protected |
The subclass should override this to provide the maximum last modified timestamp of the requested resource.
This is called before execute() in order to decide whether to send a 304. If the request is going to change the state of the resource, the time returned must represent the last modification date before the change. In other words, it must provide the timestamp of the entity that the change is going to be applied to.
For GET and HEAD requests, this value will automatically be included in the response in the Last-Modified header.
Handlers that modify the resource and want to return a Last-Modified header representing the new state in the response should set the header in the execute() method.
See RFC 7231 §7.2 and RFC 7232 §2.3 for semantics.
Reimplemented in MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\PageHistoryCountHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, and MediaWiki\Rest\Handler\RevisionSourceHandler.
Definition at line 1085 of file Handler.php.
|
protected |
Get the Module this handler belongs to.
Will fail hard if called before initContext().
Definition at line 287 of file Handler.php.
| MediaWiki\Rest\Handler::getOpenApiSpec | ( | string | $method | ) |
Returns an OpenAPI Operation Object specification structure as an associative array.
By default, this will contain information about the supported parameters, as well as the response for status 200.
Subclasses may override this to provide additional information.
| string | $method | The HTTP method to produce a spec for ("get", "post", etc). Useful for handlers that behave differently depending on the request method. |
Definition at line 641 of file Handler.php.
| MediaWiki\Rest\Handler::getParamSettings | ( | ) |
Fetch ParamValidator settings for parameters.
Every setting must include self::PARAM_SOURCE to specify which part of the request is to contain the parameter.
Can be used for the request body as well, by setting self::PARAM_SOURCE to "post". Note that the values of "post" parameters will be accessible through getValidatedParams(). "post" parameters are used with form data (application/x-www-form-urlencoded or multipart/form-data).
For "query" parameters, a PARAM_REQUIRED setting of "false" means the caller does not have to supply the parameter. For "path" parameters, the path matcher will always require the caller to supply all path parameters for a route, regardless of the PARAM_REQUIRED setting. However, "path" parameters may be specified in getParamSettings() as non-required to indicate that the handler services multiple routes, some of which may not supply the parameter.
Reimplemented in MediaWiki\Rest\Handler\CompareHandler, MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\ModuleSpecHandler, MediaWiki\Rest\Handler\OpenSearchDescriptionHandler, MediaWiki\Rest\Handler\PageHistoryCountHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, MediaWiki\Rest\Handler\RevisionSourceHandler, MediaWiki\Rest\Handler\SearchHandler, MediaWiki\Rest\Handler\TransformHandler, and MediaWiki\Rest\Handler\UpdateHandler.
Definition at line 603 of file Handler.php.
Referenced by MediaWiki\Rest\SimpleHandler\execute().
| MediaWiki\Rest\Handler::getPath | ( | ) |
Returns the path this handler is bound to relative to the module prefix.
Includes path variables.
Definition at line 258 of file Handler.php.
| MediaWiki\Rest\Handler::getRequest | ( | ) |
Get the current request.
The return type declaration causes it to raise a fatal error if initForExecute() has not yet been called.
Definition at line 336 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\RedirectHandler\execute(), MediaWiki\Rest\SimpleHandler\execute(), MediaWiki\Rest\Handler\TransformHandler\getRequestAttributes(), MediaWiki\Rest\Handler\PageHTMLHandler\postValidationSetup(), and MediaWiki\Rest\Handler\RevisionHTMLHandler\postValidationSetup().
|
protected |
Returns a content schema per the OpenAPI spec.
Per default, this provides schemas for JSON requests and form data, based on the parameter declarations returned by getParamSettings().
Subclasses may override this to provide additional information about the structure of responses, or to add support for additional mediaTypes.
Definition at line 739 of file Handler.php.
|
protected |
Returns an OpenAPI Request Body Object specification structure as an associative array.
This is based on the getBodyParamSettings() and getSupportedRequestTypes().
Subclasses may override this to provide additional information about the structure of responses, or to add support for additional mediaTypes.
| string | $method |
Definition at line 703 of file Handler.php.
|
protected |
Returns an OpenAPI Schema Object specification structure as an associative array.
Returns null by default. Subclasses that return a JSON response should implement this method to return a schema of the response body.
| string | $method | The HTTP method to produce a spec for ("get", "post", etc). |
Definition at line 801 of file Handler.php.
|
protected |
Returns the path and name of a JSON file containing an OpenAPI Schema Object specification structure.
Returns null by default. Subclasses with a suitable JSON file should implement this method.
| string | $method | The HTTP method to produce a spec for ("get", "post", etc). |
Reimplemented in MediaWiki\Rest\Handler\CompareHandler, MediaWiki\Rest\Handler\CreationHandler, MediaWiki\Rest\Handler\DiscoveryHandler, MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\ModuleSpecHandler, MediaWiki\Rest\Handler\PageHistoryCountHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, MediaWiki\Rest\Handler\RevisionSourceHandler, MediaWiki\Rest\Handler\SearchHandler, and MediaWiki\Rest\Handler\UpdateHandler.
Definition at line 820 of file Handler.php.
| MediaWiki\Rest\Handler::getResponseFactory | ( | ) |
Get the ResponseFactory which can be used to generate Response objects.
This will raise a fatal error if initServices() has not been called.
Definition at line 365 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\ActionModuleBasedHandler\execute(), MediaWiki\Rest\Handler\CompareHandler\execute(), MediaWiki\Rest\Handler\RedirectHandler\execute(), MediaWiki\Rest\Handler\MediaLinksHandler\run(), and MediaWiki\Rest\Handler\RevisionSourceHandler\run().
|
protected |
Definition at line 279 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\RedirectHandler\execute(), and MediaWiki\Rest\Handler\CreationHandler\mapActionModuleResponse().
|
protected |
Get the URL of this handler's endpoint.
Supports the substitution of path parameters, and additions of query parameters.
| string[] | $pathParams | Path parameters to be injected into the path |
| string[] | $queryParams | Query parameters to be attached to the URL |
Definition at line 302 of file Handler.php.
| MediaWiki\Rest\Handler::getSession | ( | ) |
Get the Session.
This will raise a fatal error if initSession() has not been called.
Definition at line 374 of file Handler.php.
| MediaWiki\Rest\Handler::getSupportedPathParams | ( | ) |
Get a list of parameter placeholders present in the route's path as returned by getPath().
Note that this is independent of the parameters defined by getParamSettings(): required path parameters defined in getParamSettings() should be present in the path, but there is no mechanism to ensure that they are.
Definition at line 271 of file Handler.php.
| MediaWiki\Rest\Handler::getSupportedRequestTypes | ( | ) |
Returns the content types that should be accepted by parseBodyData().
Subclasses that support request types other than application/json should override this method.
If "application/x-www-form-urlencoded" or "multipart/form-data" are returned, parseBodyData() will use $request->getPostParams() to determine the body data.
Reimplemented in MediaWiki\Rest\Handler\ParsoidHandler.
Definition at line 1024 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\ParsoidHandler\getSupportedRequestTypes().
| MediaWiki\Rest\Handler::getValidatedBody | ( | ) |
Fetch the validated body.
Definition at line 894 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\CreationHandler\getActionModuleParameters(), MediaWiki\Rest\Handler\UpdateHandler\getActionModuleParameters(), and MediaWiki\Rest\Handler\CreationHandler\getTitleParameter().
| MediaWiki\Rest\Handler::getValidatedParams | ( | ) |
Fetch the validated parameters.
This must be called after validate() is called. During execute() is fine.
\RuntimeException If validate() has not been called
Definition at line 882 of file Handler.php.
Referenced by MediaWiki\Rest\SimpleHandler\execute(), MediaWiki\Rest\Handler\UpdateHandler\getTitleParameter(), MediaWiki\Rest\Handler\UpdateHandler\mapActionModuleResult(), MediaWiki\Rest\Handler\PageHTMLHandler\postValidationSetup(), MediaWiki\Rest\Handler\PageSourceHandler\postValidationSetup(), MediaWiki\Rest\Handler\RevisionHTMLHandler\postValidationSetup(), and MediaWiki\Rest\Handler\RevisionSourceHandler\postValidationSetup().
|
protected |
The subclass should override this to indicate whether the resource exists.
This is used for wildcard validators, for example "If-Match: *" fails if the resource does not exist.
If this method returns null, the value returned by getETag() will be used to determine whether the resource exists.
In a state-changing request, the return value of this method should reflect the state before the requested change is applied.
Reimplemented in MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, and MediaWiki\Rest\Handler\RevisionSourceHandler.
Definition at line 1135 of file Handler.php.
|
final |
Injects information about the handler's context in the Module.
The framework should call this right after the object was constructed.
First function of the initialization function, must be called before initServices().
| Module | $module | |
| string | $path | |
| array | $routeConfig | information about the route declaration. |
| array | $openApiSpec | OpenAPI meta-data, such as the description. |
Definition at line 100 of file Handler.php.
References $path.
|
final |
Initialise for execution based on the given request.
Last function of the initialization function, must be called after initSession() and before validate() and checkPreconditions().
This function will call postInitSetup() to allow subclasses to perform their own initialization.
The request object is updated with parsed body data if needed.
| RequestInterface | $request |
| HttpException | if the handler does not accept the request for some reason. |
Definition at line 196 of file Handler.php.
References MediaWiki\Rest\RequestInterface\getParsedBody(), and MediaWiki\Rest\Handler\postInitSetup().
|
final |
Inject service objects.
Second function of the initialization function, must be called after initContext() and before initSession().
| Authority | $authority | |
| ResponseFactory | $responseFactory | |
| HookContainer | $hookContainer |
Definition at line 129 of file Handler.php.
Referenced by MediaWiki\Rest\Router\prepareHandler().
|
final |
Inject session information.
Third function of the initialization function, must be called after initServices() and before initForExecute().
| Session | $session |
Definition at line 165 of file Handler.php.
Referenced by MediaWiki\Rest\Router\prepareHandler().
| MediaWiki\Rest\Handler::needsReadAccess | ( | ) |
Indicates whether this route requires read rights.
The handler should override this if it does not need to read from the wiki. This is uncommon, but may be useful for login and other account management APIs.
Definition at line 1150 of file Handler.php.
| MediaWiki\Rest\Handler::needsWriteAccess | ( | ) |
Indicates whether this route requires write access to the wiki.
Handlers may override this method to return false if and only if the operation they implement is "safe" per RFC 7231 section 4.2.1. A handler's operation is "safe" if it is essentially read-only, i.e. the client does not request nor expect any state change that would be observable in the responses to future requests.
Implementations of this method must always return the same value, regardless of the parameters passed to the constructor or system state.
Handlers for GET, HEAD, OPTIONS, and TRACE requests should each implement a "safe" operation. Handlers of PUT and DELETE requests should each implement a non-"safe" operation. Note that handlers of POST requests can implement a "safe" operation, particularly in the case where large input parameters are required.
The information provided by this method is used to perform basic authorization checks and to determine whether cross-origin requests are safe.
Reimplemented in MediaWiki\Rest\Handler\CompareHandler, MediaWiki\Rest\Handler\EditHandler, MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\PageHistoryCountHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, MediaWiki\Rest\Handler\RevisionSourceHandler, MediaWiki\Rest\Handler\SearchHandler, and MediaWiki\Rest\Handler\TransformHandler.
Definition at line 1177 of file Handler.php.
Referenced by MediaWiki\Rest\CorsUtils\authorize().
| MediaWiki\Rest\Handler::parseBodyData | ( | RequestInterface | $request | ) |
Returns the parsed body of the request.
Should only be called if $request->hasBody() returns true.
The default implementation handles application/x-www-form-urlencoded and multipart/form-data by calling $request->getPostParams(), if the list returned by getSupportedRequestTypes() includes these types.
The default implementation handles application/json by parsing the body content as JSON. Only object structures (maps) are supported, other types will trigger an HttpException with status 400.
Other content types will trigger a HttpException with status 415 per default.
Subclasses may override this method to support parsing additional content types or to disallow content types by throwing an HttpException with status 415. Subclasses may also return null to indicate that they support reading the content, but intend to handle it as an unparsed stream in their implementation of the execute() method.
Subclasses that override this method to support additional request types should also override getSupportedRequestTypes() to allow that support to be documented in the OpenAPI spec.
| HttpException | If the content type is not supported or the content is malformed. |
Definition at line 931 of file Handler.php.
|
protected |
The handler can override this to do any necessary setup after the init functions are called to inject dependencies.
| HttpException | if the handler does not accept the request for some reason. |
Reimplemented in MediaWiki\Rest\Handler\SearchHandler.
Definition at line 1207 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\initForExecute().
|
protected |
The handler can override this to do any necessary setup after validate() has been called.
This gives the handler an opportunity to do initialization based on parameters before pre-execution calls like getLastModified() or getETag().
Reimplemented in MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, and MediaWiki\Rest\Handler\RevisionSourceHandler.
Definition at line 1218 of file Handler.php.
| MediaWiki\Rest\Handler::requireSafeAgainstCsrf | ( | ) |
Indicates whether this route can be accessed only by session providers safe vs csrf.
The handler should override this if the route must only be accessed by session providers that are safe against csrf.
A return value of false does not necessarily mean the route is vulnerable to csrf attacks. It means the route can be accessed by session providers that are not automatically safe against csrf attacks, so the possibility of csrf attacks must be considered.
Definition at line 1195 of file Handler.php.
|
protected |
URL-encode titles in a "pretty" way.
Keeps intact ;$!*(),~: (urlencode does not, but wfUrlencode does). Encodes spaces as underscores (wfUrlencode does not). Encodes slashes (wfUrlencode does not, but keeping them messes with REST paths). Encodes pluses (this is not necessary, and may change).
| string | $title |
Definition at line 321 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\CreationHandler\mapActionModuleResponse().
| MediaWiki\Rest\Handler::validate | ( | Validator | $restValidator | ) |
Validate the request parameters/attributes and body.
If there is a validation failure, a response with an error message should be returned or an HttpException should be thrown.
| Validator | $restValidator |
| HttpException | On validation failure. |
Reimplemented in MediaWiki\Rest\Handler\EditHandler.
Definition at line 387 of file Handler.php.
References MediaWiki\Rest\Validator\Validator\validateBody(), MediaWiki\Rest\Validator\Validator\validateBodyParams(), and MediaWiki\Rest\Validator\Validator\validateParams().
| const MediaWiki\Rest\Handler::KNOWN_PARAM_SOURCES = Validator::KNOWN_PARAM_SOURCES |
Definition at line 30 of file Handler.php.
| const MediaWiki\Rest\Handler::OPENAPI_DESCRIPTION_KEY = 'description' |
Definition at line 42 of file Handler.php.
| const MediaWiki\Rest\Handler::PARAM_DESCRIPTION = Validator::PARAM_DESCRIPTION |
Definition at line 40 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\MediaLinksHandler\getParamSettings(), and MediaWiki\Rest\Handler\TransformHandler\getParamSettings().
| const MediaWiki\Rest\Handler::PARAM_SOURCE = Validator::PARAM_SOURCE |
Definition at line 35 of file Handler.php.
Referenced by MediaWiki\Rest\Validator\Validator\detectExtraneousBodyFields(), MediaWiki\Rest\SimpleHandler\execute(), MediaWiki\Rest\Validator\Validator\validateBodyParams(), and MediaWiki\Rest\Validator\Validator\validateParams().
1.10.0