r72179 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r72178‎ \| r72179 \| r72180 >
Date:	23:47, 1 September 2010
Author:	dale
Status:	deferred
Tags:
Comment:	* added domain restriction support for assets * restrict wikimedia usage to upload.wikimedia.org
Modified paths:	/branches/MwEmbedStandAlone/modules/Sequencer/Sequencer.i18n.php (modified) (history) /branches/MwEmbedStandAlone/modules/Sequencer/mw.SequencerConfig.js (modified) (history) /branches/MwEmbedStandAlone/modules/Sequencer/remotes/mw.MediaWikiRemoteSequencer.js (modified) (history) /branches/MwEmbedStandAlone/modules/SmilPlayer/loader.js (modified) (history) /branches/MwEmbedStandAlone/modules/SmilPlayer/mw.Smil.js (modified) (history) /branches/MwEmbedStandAlone/remotes/mediaWiki.js (modified) (history)

Diff [purge]

Index: branches/MwEmbedStandAlone/modules/SmilPlayer/loader.js
—	—	@@ -6,7 +6,14 @@
7	7
8	8	mw.setDefaultConfig( {
9	9	// The framerate for the smil player
10		~~- 'SmilPlayer.framerate': 30~~
	10	+ 'SmilPlayer.framerate': 30,
	11	+
	12	+ // Array of Asset approved domains or keyword '*' for no restriction
	13	+ // Before any asset is displayed its domain is checked against this array of wildcard domains
	14	+ // Additionally best effort is made to check any text/html asset references
	15	+ // for example [ '*.wikimedia.org', 'en.wikipeida.org']
	16	+ 'SmilPlayer.AssetDomainWhiteList' : '*'
	17	+
11	18	} );
12	19
13	20	mw.addResourcePaths( {
Index: branches/MwEmbedStandAlone/modules/SmilPlayer/mw.Smil.js
—	—	@@ -367,7 +367,23 @@
368	368	getAssetUrl : function( assetPath ) {
369	369	// Context url is the smil document url:
370	370	var contextUrl = mw.absoluteUrl(this.smilContextUrl);
371		~~- return mw.absoluteUrl(assetPath, contextUrl);~~
	371	+ var absoluteUrl = mw.absoluteUrl(assetPath, contextUrl);
	372	+ // Restrict any display url
	373	+ if( mw.getConfig( 'SmilPlayer.AssetDomainWhiteList' ) != '*' ){
	374	+ var approvedDomainList = mw.getConfig( 'SmilPlayer.AssetDomainWhiteList' );
	375	+ var approved = false;
	376	+ for( var i =0; i < approvedDomainList.length; i++){
	377	+ if( mw.parseUri( absoluteUrl ).host == approvedDomainList[i] ){
	378	+ approved = true;
	379	+ }
	380	+ }
	381	+ if( ! approved ){
	382	+ mw.log("Error: getAssetUrl: Asset url " + absoluteUrl + ' is not smil player asset domains:' + approvedDomainList);
	383	+ return mw.getConfig('imagesPath') + 'vid_default_thumb.jpg';
	384	+ }
	385	+ }
	386	+
	387	+ return absoluteUrl;
372	388	},
373	389
374	390	/**
Index: branches/MwEmbedStandAlone/modules/Sequencer/Sequencer.i18n.php
—	—	@@ -15,7 +15,7 @@
16	16
17	17	'mwe-sequencer-visual-editor'=> "Visual sequence editor",
18	18	'mwe-sequencer-text-editor-warn'=> 'Text XML editor ( not recommended ) ',
19		~~- 'mwe-sequencer-restore-text-edit' => '[$1 Restore text editor] ( note this <i>highly</i> recommended that you use the visual editor )',~~
	19	+ 'mwe-sequencer-restore-text-edit' => '[$1 Restore text editor] ( It\'s <i>highly</i> recommended that you use the visual editor',
20	20
21	21	'mwe-sequencer-loading-timeline' => 'Loading timeline ...',
22	22	'mwe-sequencer-loading-player' => 'Loading player ...',
Index: branches/MwEmbedStandAlone/modules/Sequencer/mw.SequencerConfig.js
—	—	@@ -38,12 +38,6 @@
39	39	"Sequencer.TimelineTrackHeight" : 100,
40	40
41	41	// Default timeline audio or collapsed timeline height
42		~~- "Sequencer.TimelineColapsedTrackSize" : 35,~~
43		-
44		~~- // Asset domain restriction array of domains or keyword 'none'~~
45		~~- // Before any asset is displayed its domain is checked against this array of wildcard domains~~
46		~~- // Additionally best effort is made to check any text/html asset references~~
47		~~- // for example [ '*.wikimedia.org', 'en.wikipeida.org']~~
48		~~- "Sequencer.DomainRestriction" : 'none'~~
	42	+ "Sequencer.TimelineColapsedTrackSize" : 35
49	43	})
50	44
\ No newline at end of file
Index: branches/MwEmbedStandAlone/modules/Sequencer/remotes/mw.MediaWikiRemoteSequencer.js
—	—	@@ -89,11 +89,11 @@
90	90	// pause event should fire
91	91	mw.remoteSequencerAddEditOverlay( embedPlayerId );
92	92
93		~~- // show the credits screen after 3 seconds~~
	93	+ // show the credits screen after 3 seconds 1/2 second to fade in
94	94	setTimeout(function(){
95	95	$j( embedPlayer ).siblings( '.kalturaEditOverlay' ).fadeOut( 'fast' );
96	96	embedPlayer.$interface.find('.k-menu').fadeIn('fast');
97		~~- }, 3000)~~
	97	+ }, 3500)
98	98
99	99	// On end runs before interface bindings (give the dom 10ms to build out the menu )
100	100	setTimeout(function(){
—	—	@@ -519,7 +519,7 @@
520	520	'titleKey' : wgPageName,
521	521	'pagePathUrl' : wgServer + wgArticlePath,
522	522	'userName' : wgUserName
523		~~- },~~
	523	+ },
524	524	// Set the add media wizard to only include commons:
525	525	addMedia : {
526	526	'enabled_providers':[ 'wiki_commons' ],
Index: branches/MwEmbedStandAlone/remotes/mediaWiki.js
—	—	@@ -67,6 +67,24 @@
68	68	}
69	69	}
70	70
	71	+
	72	+
	73	+
	74	+
	75	+/*******************************
	76	+* Wikimedia specific config
	77	+********************************/
	78	+mw.setConfig( 'Sequencer.KalturaPlayerEditOverlay', true );
	79	+mw.setConfig( 'SwarmTransport.Enable', true );
	80	+mw.setConfig( 'SmilPlayer.AssetDomainWhiteList', ['upload.wikimedia.org'] );
	81	+
	82	+
	83	+
	84	+
	85	+
	86	+
	87	+
	88	+
71	89	// Use wikibits onLoad hook: ( since we don't have js2 / mw object loaded )
72	90	addOnloadHook( function() {
73	91	doPageSpecificRewrite();

Status & tagging log

13:59, 3 September 2010 😂 (talk | contribs) changed the status of r72179 [removed: new added: deferred]