}
/**
- * Returns JS code which runs given JS code if the client-side framework is
- * present.
+ * Wraps JavaScript code to run after startup and base modules.
*
- * @deprecated since 1.25; use makeInlineScript instead
* @param string $script JavaScript code
* @return string JavaScript code
*/
}
/**
- * Construct an inline script tag with given JS code.
+ * Returns an HTML script tag that runs given JS code after startup and base modules.
*
- * The code will be wrapped in a closure, and it will be executed by ResourceLoader
- * only if the client has adequate support for MediaWiki JavaScript code.
+ * The code will be wrapped in a closure, and it will be executed by ResourceLoader's
+ * startup module if the client has adequate support for MediaWiki JavaScript code.
*
* @param string $script JavaScript code
+ * @param string $nonce Content-security-policy nonce, from OutputPage::getCSPNonce()
* @return WrappedString HTML
*/
- public static function makeInlineScript( $script ) {
+ public static function makeInlineScript( $script, $nonce = null ) {
$js = self::makeLoaderConditionalScript( $script );
+ $escNonce = '';
+ if ( $nonce === null ) {
+ wfWarn( __METHOD__ . " did not get nonce. Will break CSP" );
+ } elseif ( $nonce !== false ) {
+ // If it was false, CSP is disabled, so no nonce attribute.
+ // Nonce should be only base64 characters, so should be safe,
+ // but better to be safely escaped than sorry.
+ $escNonce = ' nonce="' . htmlspecialchars( $nonce ) . '"';
+ }
+
return new WrappedString(
- Html::inlineScript( $js ),
- '<script>(window.RLQ=window.RLQ||[]).push(function(){',
+ Html::inlineScript( $js, $nonce ),
+ "<script$escNonce>(window.RLQ=window.RLQ||[]).push(function(){",
'});</script>'
);
}
/**
* Convert an array of module names to a packed query string.
*
- * For example, [ 'foo.bar', 'foo.baz', 'bar.baz', 'bar.quux' ]
- * becomes 'foo.bar,baz|bar.baz,quux'
+ * For example, `[ 'foo.bar', 'foo.baz', 'bar.baz', 'bar.quux' ]`
+ * becomes `'foo.bar,baz|bar.baz,quux'`.
+ *
+ * This process is reversed by ResourceLoaderContext::expandModuleNames().
+ * See also mw.loader#buildModulesString() which is a port of this, used
+ * on the client-side.
+ *
* @param array $modules List of module names (strings)
* @return string Packed query string
*/
public static function makePackedModulesString( $modules ) {
- $groups = []; // [ prefix => [ suffixes ] ]
+ $moduleMap = []; // [ prefix => [ suffixes ] ]
foreach ( $modules as $module ) {
$pos = strrpos( $module, '.' );
$prefix = $pos === false ? '' : substr( $module, 0, $pos );
$suffix = $pos === false ? $module : substr( $module, $pos + 1 );
- $groups[$prefix][] = $suffix;
+ $moduleMap[$prefix][] = $suffix;
}
$arr = [];
- foreach ( $groups as $prefix => $suffixes ) {
+ foreach ( $moduleMap as $prefix => $suffixes ) {
$p = $prefix === '' ? '' : $prefix . '.';
$arr[] = $p . implode( ',', $suffixes );
}
- $str = implode( '|', $arr );
- return $str;
+ return implode( '|', $arr );
}
/**
* @return array Map of variable names to string CSS values.
*/
public function getLessVars() {
- if ( !$this->lessVars ) {
- $lessVars = $this->config->get( 'ResourceLoaderLESSVars' );
- Hooks::run( 'ResourceLoaderGetLessVars', [ &$lessVars ] );
- $this->lessVars = $lessVars;
+ if ( $this->lessVars === null ) {
+ $this->lessVars = $this->config->get( 'ResourceLoaderLESSVars' );
}
return $this->lessVars;
}
dépôts / lhc / web / wiklou.git / blobdiff