/**
* @suppress SecurityCheck-XSS Non html mime type
+ * @return string|null
*/
function onView() {
$this->getOutput()->disable();
$config = $this->context->getConfig();
if ( !$request->checkUrlExtension() ) {
- return;
+ return null;
}
if ( $this->getOutput()->checkLastModified( $this->page->getTouched() ) ) {
- return; // Client cache fresh and headers sent, nothing more to do.
+ return null; // Client cache fresh and headers sent, nothing more to do.
}
$contentType = $this->getContentType();
// Set standard Vary headers so cache varies on cookies and such (T125283)
$response->header( $this->getOutput()->getVaryHeader() );
- if ( $config->get( 'UseKeyHeader' ) ) {
- $response->header( $this->getOutput()->getKeyHeader() );
- }
// Output may contain user-specific data;
// vary generated content for open sessions on private wikis
$rootPage = strtok( $title->getText(), '/' );
$userFromTitle = User::newFromName( $rootPage, 'usable' );
if ( !$userFromTitle || $userFromTitle->getId() === 0 ) {
- $elevated = $this->getUser()->isAllowed( 'editinterface' );
+ $elevated = MediaWikiServices::getInstance()->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'editinterface' );
$elevatedText = $elevated ? 'by elevated ' : '';
$log = LoggerFactory::getInstance( "security" );
$log->warning(
}
echo $text;
+
+ return null;
}
/**
* @return string
*/
public function getContentType() {
- // Use getRawVal instead of getVal because we only
- // need to match against known strings, there is no
- // storing of localised content or other user input.
+ // Optimisation: Avoid slow getVal(), this isn't user-generated content.
$ctype = $this->getRequest()->getRawVal( 'ctype' );
if ( $ctype == '' ) {