r111424 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r111423‎ \| r111424 \| r111425 >
Date:	21:36, 13 February 2012
Author:	wikinaut
Status:	deferred (Comments)
Tags:
Comment:	follow-up r111412 . Added the possibility of defining a whitelist of allowed Etherpad Lite servers; using wfMsgForContent
Modified paths:	/trunk/extensions/EtherpadLite/EtherpadLite.i18n.php (modified) (history) /trunk/extensions/EtherpadLite/EtherpadLite.php (modified) (history)

Diff [purge]

Index: trunk/extensions/EtherpadLite/EtherpadLite.php
—	—	@@ -64,7 +64,7 @@
65	65	'path' => __FILE__,
66	66	'name' => 'EtherpadLite',
67	67	'author' => array( 'Thomas Gries' ),
68		~~- 'version' => '1.05 20120213',~~
	68	+ 'version' => '1.06 20120213',
69	69	'url' => 'https://www.mediawiki.org/wiki/Extension:EtherpadLite',
70	70	'descriptionmsg' => 'etherpadlite-desc',
71	71	);
—	—	@@ -74,12 +74,6 @@
75	75	$wgExtensionMessagesFiles['EtherpadLite'] = $dir . 'EtherpadLite.i18n.php';
76	76	$wgHooks['ParserFirstCallInit'][] = 'wfEtherpadLiteParserInit';
77	77
78		~~-# https://www.mediawiki.org/wiki/Manual:Tag_extensions~~
79		~~-function wfEtherpadLiteParserInit( $parser ) {~~
80		~~- $parser->setHook('eplite', 'wfEtherpadLiteRender');~~
81		~~- return true;~~
82		-}
83		-
84	78	# Define a default Etherpad Lite server Url and base path
85	79	# this server is used unless a distinct server is defined by id="..."
86	80	$wgEtherpadLiteDefaultPadUrl = "http://beta.etherpad.org/p/";
—	—	@@ -91,12 +85,27 @@
92	86	$wgEtherpadLiteShowChat = true;
93	87	$wgEtherpadLiteShowAuthorColors = true;
94	88
	89	+# Whitelist of allowed Etherpad Lite server Urls
	90	+#
	91	+# If there are items in the array, and the user supplied URL is not in the array,
	92	+# the url will not be allowed (proposed in bug 27768 for Extension:RSS)
	93	+# Attention:
	94	+# Urls are case-sensitively tested against values in the array.
	95	+# They must exactly match including any trailing "/" character.
	96	+$wgEtherpadLiteUrlWhitelist = array();
	97	+
	98	+# https://www.mediawiki.org/wiki/Manual:Tag_extensions
	99	+function wfEtherpadLiteParserInit( $parser ) {
	100	+ $parser->setHook('eplite', 'wfEtherpadLiteRender');
	101	+ return true;
	102	+}
	103	+
95	104	function wfEtherpadLiteRender( $input, $args, $parser, $frame ) {
96	105
97	106	global $wgUser;
98	107	global $wgEtherpadLiteDefaultPadUrl, $wgEtherpadLiteDefaultWidth, $wgEtherpadLiteDefaultHeight,
99	108	$wgEtherpadLiteMonospacedFont, $wgEtherpadLiteShowControls, $wgEtherpadLiteShowLineNumbers,
100		~~- $wgEtherpadLiteShowChat, $wgEtherpadLiteShowAuthorColors;~~
	109	+ $wgEtherpadLiteShowChat, $wgEtherpadLiteShowAuthorColors, $wgEtherpadLiteUrlWhitelist;
101	110
102	111	# check the user input
103	112
—	—	@@ -132,8 +141,14 @@
133	142
134	143	$src = ( isset( $args['src'] ) ) ? $args['src'] : $wgEtherpadLiteDefaultPadUrl;
135	144
	145	+ # Anything from a parser tag should use Content lang for message,
	146	+ # since the cache doesn't vary by user language: do not use wfMsgForContent but wfMsgForContent
	147	+ if ( count( $wgEtherpadLiteUrlWhitelist ) && !in_array( $src, $wgEtherpadLiteUrlWhitelist ) ) {
	148	+ return wfMsgForContent( 'etherpadlite-url-is-not-whitelisted', htmlspecialchars( $src ) );
	149	+ }
	150	+
136	151	if ( !Http::isValidURI( $src ) ) {
137		~~- return wfMsg( 'etherpadlite-invalid-pad-url', htmlspecialchars( $src ) );~~
	152	+ return wfMsgForContent( 'etherpadlite-invalid-pad-url', htmlspecialchars( $src ) );
138	153	} else {
139	154	$args['src'] = Sanitizer::cleanUrl ( $src );
140	155	}
—	—	@@ -147,7 +162,7 @@
148	163	# just check again with the pad id appended
149	164
150	165	if ( !Http::isValidURI( $url ) ) {
151		~~- return wfMsg( 'etherpadlite-invalid-pad-url', htmlspecialchars( $url ) );~~
	166	+ return wfMsgForContent( 'etherpadlite-invalid-pad-url', htmlspecialchars( $url ) );
152	167	}
153	168
154	169	# preset the pad username from MediaWiki username or IP
Index: trunk/extensions/EtherpadLite/EtherpadLite.i18n.php
—	—	@@ -14,4 +14,5 @@
15	15	$messages['en'] = array(
16	16	'etherpadlite-desc' => 'Adds <eplite> parser tag to embed one or many Etherpad Lite pads (which are hosted on local or external Etherpad Lite server/s) on pages',
17	17	'etherpadlite-invalid-pad-url' => '"$1" is not a valid Etherpad Lite URL or pad name.',
	18	+ 'etherpadlite-url-is-not-whitelisted' => '"$1" is not in the whitelist of allowed Etherpad Lite servers.',
18	19	);

Follow-up revisions

Revision	Commit summary	Author	Date
r111437	follow-up r111424 - Simplify some of the security checks that were doing the ...	bawolff	00:53, 14 February 2012

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r111412	follow-up 111327 . here we got: using wfBoolToStr(), wfAppendUrl, Http::isVal...	wikinaut	20:22, 13 February 2012

Comments

#Comment by Bawolff (talk | contribs) 21:43, 13 February 2012

Other possibilities include making $wgEtherpadLiteUrlWhitelist an associative array, so then you can specify easy to remember aliases (such as the site name), user just has to specify, say "wikimedia", and then the extension could look up in $wgEtherpadLiteUrlWhitelist to find what server corresponds to "wikimedia", which might be easier for users than whole url. Just a thought.

#Comment by Wikinaut (talk | contribs) 21:51, 13 February 2012

I just "copied" from Extension:RSS.

An improvement would be the use of regular expressions to avoid potential problems of unmatched "/" or protocols ( "http://www.example.com" not matching "http://www.example.com/" and so on). Still room for improvement. For later.

#Comment by Bawolff (talk | contribs) 21:52, 13 February 2012

you can use wfParseUrl to get just the host part of url

#Comment by Wikinaut (talk | contribs) 22:24, 13 February 2012

for the time being, let's keep it as it is. Is it mature enough for an "ok" now ?

#Comment by Bawolff (talk | contribs) 23:51, 13 February 2012

To be nitpicky (as if i wasn't being nitpicky already ;) in code comment do not use wfMsgForContent but wfMsgForContent should be do not use wfMsg but wfMsgForContent. And I'm not sure about using Http::isValidURI (not this revision though) - that method is more to verify that the url is something that can be handled by the Http class (aka Http::get and friends) rather then to validate if its a valid uri. I personally think that preg_match( '/^(?:' . wfUrlProtocols() . ')/', $url ) would be a better test to check if its a url (bearing in mind that is also the test that Sanitizer::validateAttributes does).

Generally its preferred to instead of doing:

return wfMsgForContent( 'etherpadlite-invalid-pad-url', htmlspecialchars( $src ) );

return htmlspecialchars( wfMsgForContent( 'etherpadlite-invalid-pad-url', $src ) );

(Messages that can potentially output html are discouraged in new code.)

Otherwise it looks ok to me.

#Comment by Wikinaut (talk | contribs) 23:54, 13 February 2012

Hi Bawolf, can I (exceptionally) ask you to make the final shaping ? please

#Comment by 😂 (talk | contribs) 15:29, 14 February 2012

Exceptionally?

Status & tagging log

10:57, 15 February 2012 Hashar (talk | contribs) changed the status of r111424 [removed: new added: deferred]