r74961 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r74960‎ \| r74961 \| r74962 >
Date:	19:52, 18 October 2010
Author:	dale
Status:	deferred
Tags:
Comment:	* re factored withJS helper to global config for 'Mw.AppendWithJS ' * added regEx support to apiProxy domain list ** added all wikimedia projects domains to approved hosts ( so from any project users can edit or requests transcripts for subtitles on commons ) * some fixes to setConfig to better support arrays
Modified paths:	/branches/MwEmbedStandAlone/loader.js (modified) (history) /branches/MwEmbedStandAlone/modules/ApiProxy/ApiProxyPage.js (modified) (history) /branches/MwEmbedStandAlone/modules/ApiProxy/loader.js (modified) (history) /branches/MwEmbedStandAlone/modules/ApiProxy/mw.ApiProxy.js (modified) (history) /branches/MwEmbedStandAlone/modules/MiroSubs/loader.js (modified) (history) /branches/MwEmbedStandAlone/modules/Sequencer/mw.Sequencer.js (modified) (history) /branches/MwEmbedStandAlone/modules/Sequencer/mw.SequencerConfig.js (modified) (history) /branches/MwEmbedStandAlone/modules/Sequencer/remotes/mw.MediaWikiRemoteSequencer.js (modified) (history) /branches/MwEmbedStandAlone/mwEmbed.js (modified) (history) /branches/MwEmbedStandAlone/remotes/mediaWiki.js (modified) (history)

Diff [purge]

Index: branches/MwEmbedStandAlone/loader.js
—	—	@@ -97,7 +97,10 @@
98	98	'commons_apiurl' : 'http://commons.wikimedia.org/w/api.php',
99	99
100	100	// Set the default loader group strategy
101		~~- 'loader.groupStrategy' : 'module'~~
	101	+ 'loader.groupStrategy' : 'module',
	102	+
	103	+ // Default appendJS string ( not used outside of wikimedia gadget system )
	104	+ 'Mw.AppendWithJS' : false
102	105
103	106	} );
104	107
Index: branches/MwEmbedStandAlone/mwEmbed.js
—	—	@@ -83,8 +83,13 @@
84	84	}
85	85	// Check if we should "merge" the config
86	86	if( typeof value == 'object' && typeof mwConfig[ name ] == 'object' ) {
87		~~- for( var i in value ){~~
88		~~- mwConfig[ name ][ i ] = value[ i ];~~
	87	+ if ( value.constructor.toString().indexOf("Array") == -1 ){
	88	+ for( var i in value ){
	89	+ mwConfig[ name ][ i ] = value[ i ];
	90	+ }
	91	+ } else {
	92	+ // merge in the array
	93	+ mwConfig[ name ] = mwConfig[ name ].concat( value );
89	94	}
90	95	} else {
91	96	mwConfig[ name ] = value;
—	—	@@ -115,11 +120,16 @@
116	121	}
117	122	// Check if we should "merge" the config
118	123	if( typeof value == 'object' && typeof mwConfig[ name ] == 'object' ) {
119		~~- for( var i in value ){~~
120		~~- if( typeof mwConfig[ name ][ i ] == 'undefined' ){~~
121		~~- mwConfig[ name ][ i ] = value[ i ];~~
	124	+ if ( value.constructor.toString().indexOf("Array") == -1 ){
	125	+ for( var i in value ){
	126	+ if( typeof mwConfig[ name ][ i ] == 'undefined' ){
	127	+ mwConfig[ name ][ i ] = value[ i ];
	128	+ }
122	129	}
123		~~- }~~
	130	+ } else {
	131	+ // merge in the array
	132	+ mwConfig[ name ] = mwConfig[ name ].concat( value);
	133	+ }
124	134	}
125	135	};
126	136
—	—	@@ -1281,8 +1291,8 @@
1282	1292	*/
1283	1293	mw.log = function( string ) {
1284	1294	// Add any prepend debug strings if necessary
1285		~~- if ( mw.getConfig( 'pre-append-log' ) ){~~
1286		~~- string = mw.getConfig( 'pre-append-log' ) + string;~~
	1295	+ if ( mw.getConfig( 'Mw.LogPrepend' ) ){
	1296	+ string = mw.getConfig( 'Mw.LogPrepend' ) + string;
1287	1297	}
1288	1298
1289	1299	if ( window.console ) {
Index: branches/MwEmbedStandAlone/modules/MiroSubs/loader.js
—	—	@@ -41,8 +41,7 @@
42	42	$j( langMenu ).append(
43	43	$j.getLineItem( gM( 'mwe-mirosubs-add-universal-subtitles'), 'mirosubs', function() {
44	44	// Show loader
45		~~- mw.addLoaderDialog( gM('mwe-mirosubs-loading-universal-subtitles') );~~
46		-
	45	+ mw.addLoaderDialog( gM('mwe-mirosubs-loading-universal-subtitles') );
47	46	// Load miro subs:
48	47	mw.load( 'MiroSubs', function(){
49	48	// Open the mirosubs dialog:
Index: branches/MwEmbedStandAlone/modules/Sequencer/mw.Sequencer.js
—	—	@@ -363,7 +363,7 @@
364	364	.text( gM('mwe-sequencer-loading-player') ),
365	365	$j('<div />')
366	366	.addClass( "ui-layout-south mwseq-timeline" )
367		~~- .text( gM('mwe-sequencer-loading-timeline') )~~
	367	+ .text( gM('mwe-sequencer-loading-timeline') )
368	368	)
369	369	)
370	370	.children();
Index: branches/MwEmbedStandAlone/modules/Sequencer/mw.SequencerConfig.js
—	—	@@ -18,9 +18,6 @@
19	19	// If a the sequencer should open new windows
20	20	"Sequencer.SpawnNewWindows" : true,
21	21
22		~~- // If a the sequencer should include withJS=MediaWiki:mwEmbed in created urls~~
23		~~- "Sequencer.WithJsMwEmbedUrlHelper" : true,~~
24		-
25	22	// The size of the undo stack
26	23	"Sequencer.NumberOfUndos" : 100,
27	24
Index: branches/MwEmbedStandAlone/modules/Sequencer/remotes/mw.MediaWikiRemoteSequencer.js
—	—	@@ -37,13 +37,13 @@
38	38	* @param {String} url The url to be wrapped
39	39	*/
40	40	mw.getRemoteSequencerLink = function( url ){
41		~~- if( mw.getConfig( 'Sequencer.WithJsMwEmbedUrlHelper' ) ){~~
	41	+ if( mw.getConfig( 'Mw.AppendWithJS' ) ){
42	42	if( url.indexOf('?') == -1){
43	43	url+='?';
44	44	} else {
45	45	url+='&';
46	46	}
47		~~- url+='withJS=MediaWiki:MwEmbed.js';~~
	47	+ url+= mw.getConfig( 'Mw.AppendWithJS' );
48	48	}
49	49	return url;
50	50	};
—	—	@@ -310,7 +310,7 @@
311	311	displayPlayerEmbed: function(){
312	312	var _this = this;
313	313	// load the embedPlayer module:
314		~~- mw.load( 'EmbedPlayer', function(){~~
	314	+ mw.load('EmbedPlayer', function(){
315	315	// Check if the sequence has been flattened and is up to date:
316	316	var request = {
317	317	'action': 'query',
Index: branches/MwEmbedStandAlone/modules/ApiProxy/loader.js
—	—	@@ -2,6 +2,19 @@
3	3
4	4	// Wrap in mw to not pollute global namespace
5	5	( function( mw ) {
	6	+
	7	+ // Set the default allowable domains for api proxy
	8	+ mw.setDefaultConfig({
	9	+ // Black list domains
	10	+ 'ApiProxy.DomainBlackList' : [],
	11	+
	12	+ // White list domains
	13	+ 'ApiProxy.DomainWhiteList' : [
	14	+ 'localhost',
	15	+ '127.1.1.100'
	16	+ ]
	17	+ });
	18	+
6	19	mw.addResourcePaths( {
7	20	"mw.ApiProxy" : "mw.ApiProxy.js"
8	21	} );
Index: branches/MwEmbedStandAlone/modules/ApiProxy/ApiProxyPage.js
—	—	@@ -8,37 +8,14 @@
9	9	* Since this is proxy server set a pre-append debug flag to know which debug msgs are coming from where
10	10	*/
11	11
12		~~-mw.setConfig( 'pre-append-log', 'Proxy:');~~
13		-
14		~~-if ( !mwApiProxyConfig ){~~
15		~~- var mwApiProxyConfig = { };~~
16		-}
	12	+mw.setConfig( 'Mw.LogPrepend', 'Proxy:');
17	13
18		~~-// The default mwApiProxyConfig config~~
19		~~-// xxx todo whitelist all inter-wiki actions~~
20		~~-var mwApiProxyDefaultConfig = {~~
21		~~- 'master_whitelist' : [~~
22		~~- 'en.wikipedia.org',~~
23		~~- 'commons.wikimedia.org',~~
24		~~- 'usability.wikimedia.org',~~
25		~~- 'prototype.wikimedia.org',~~
26		~~- 'localhost',~~
27		~~- '127.1.1.100'~~
28		~~- ],~~
29		~~- 'master_blacklist' : []~~
30		~~-};~~
31		-
32		~~-// User white_list should also be checked and configured at runtime.~~
33		~~-mw.ready( function() {~~
34		~~- // Build our configuration from the default and mwApiProxyConfig vars~~
35		~~- mwApiProxyConfig = $j.extend( true, mwApiProxyDefaultConfig, mwApiProxyConfig );~~
36		~~- mw.setConfig( 'apiProxyConfig', mwApiProxyConfig);~~
37		-
38		~~- // Do a setTimeout to 0 to call after other zero delay async events~~
39		~~- // ( once everyone is doing buildout within mwsetup prior to .ready this won't be needed. )~~
	14	+// The default allowable domain list is stored in the loader.js configuration.
	15	+
	16	+mw.ready( function() {
40	17	mw.log( 'load ApiProxy' );
41	18	mw.load( 'ApiProxy', function() {
42		~~- //Clear out the page content ( not needed for iframe proxy )~~
	19	+ // Clear out the page content ( not needed for iframe proxy )
43	20	$j( 'body' ).html( '' );
44	21	mw.ApiProxy.server();
45	22	} );
Index: branches/MwEmbedStandAlone/modules/ApiProxy/mw.ApiProxy.js
—	—	@@ -219,7 +219,7 @@
220	220
221	221	// Return the name of the browseFile frame
222	222	return iFrameName;
223		~~- }~~
	223	+ };
224	224
225	225	/**
226	226	* Output a server msg to a server iFrame
—	—	@@ -259,7 +259,7 @@
260	260	}, function( ) {
261	261	mw.log( "sendServerMsg iframe done loading" );
262	262	} );
263		~~- }~~
	263	+ };
264	264
265	265	/**
266	266	* The nested iframe action that passes its result back up to the top frame instance
—	—	@@ -304,7 +304,7 @@
305	305	if( context.callback ){
306	306	context.callback( resultObject );
307	307	}
308		~~- }~~
	308	+ };
309	309
310	310
311	311	/**
—	—	@@ -326,7 +326,7 @@
327	327	serverSendUploadHandlerAction( frameMsg.uiAction );
328	328	break;
329	329	}
330		~~- }~~
	330	+ };
331	331
332	332	/**
333	333	* Api server proxy entry point:
—	—	@@ -368,7 +368,7 @@
369	369
370	370	// Return the proxy context
371	371	return proxyContext [ contextKey ];
372		~~- }~~
	372	+ };
373	373
374	374	/**
375	375	* Get a context from a contextKey
—	—	@@ -382,7 +382,7 @@
383	383	return false;
384	384	}
385	385	return proxyContext [ contextKey ];;
386		~~- }~~
	386	+ };
387	387
388	388	/**
389	389	* Get the client frame path
—	—	@@ -400,7 +400,7 @@
401	401	// Update the context to include the nestedCallbackFlag flag in the request
402	402	return nestedServerFrame;
403	403	}
404		~~- }~~
	404	+ };
405	405
406	406	/**
407	407	* Get the server Frame path per requested Api url
—	—	@@ -417,7 +417,7 @@
418	418	* @param {URL} apiUrl The url of the api server
419	419	*/
420	420	// Include gadget js ( in case the user has not enabled the gadget on that domain )
421		~~- var gadgetWithJS = '?withJS=MediaWiki:MwEmbed.js';~~
	421	+
422	422	//var gadgetWithJS = '';
423	423
424	424	function getServerFrame( context ) {
—	—	@@ -427,10 +427,15 @@
428	428	}
429	429	var parsedUrl = mw.parseUri( context.apiUrl );
430	430
431		~~- var pageName = ( context.pageName ) ? context.pageName : 'ApiProxy'~~
	431	+ var pageName = ( context.pageName ) ? context.pageName : 'ApiProxy';
432	432
433		~~- return parsedUrl.protocol + '://' + parsedUrl.authority~~
434		~~- + '/w/index.php/MediaWiki:' + pageName + gadgetWithJS;~~
	433	+ var pageUrl = parsedUrl.protocol + '://' + parsedUrl.authority
	434	+ + '/w/index.php/MediaWiki:' + pageName;
	435	+
	436	+ if( mw.getConfig( 'Mw.AppendWithJS' ) ){
	437	+ pageUrl+= '?' + mw.getConfig( 'Mw.AppendWithJS' );
	438	+ }
	439	+ return pageUrl;
435	440	}
436	441
437	442	/**
—	—	@@ -483,9 +488,9 @@
484	489	mw.log('Client frame: ' + clientRequest.clientFrame );
485	490
486	491	/**
487		~~- * HERE WE CHECK IF THE DOMAIN IS ALLOWED per the proxyConfig~~
488		~~- */~~
489		~~- return isAllowedClientFrame( clientRequest.clientFrame );~~
	492	+ * CHECK IF THE DOMAIN IS ALLOWED per the ApiProxy config:
	493	+ */
	494	+ return isAllowedClientFrame( clientRequest.clientFrame );;
490	495	}
491	496
492	497	/**
—	—	@@ -495,29 +500,54 @@
496	501	function isAllowedClientFrame( clientFrame ) {
497	502	var clientDomain = mw.parseUri( clientFrame ).host ;
498	503	// Get the proxy config
499		~~- var proxyConfig = mw.getConfig( 'apiProxyConfig' );~~
500	504
501	505	// Check master blacklist
502		~~- for ( var i in proxyConfig.master_blacklist ) {~~
503		~~- if ( clientDomain == proxyConfig.master_blacklist ) {~~
504		~~- mw.log( 'domain: ' + clientDomain + ' is blacklisted ( no request )' );~~
505		~~- return false;~~
506		~~- }~~
507		~~- }~~
	506	+ if( mw.getConfig('ApiProxy.DomainBlackList') && mw.getConfig('ApiProxy.DomainBlackList').length ){
	507	+ var domainBlackList = mw.getConfig('ApiProxy.DomainBlackList');
	508	+ for ( var i =0; i < domainBlackList.length; i++ ) {
	509	+ var blackDomain = domainBlackList[i];
	510	+ // Check if domain check is a RegEx:
	511	+ if( typeof blackDomain == 'object' ){
	512	+ if( clientDomain.match( blackDomain ) ){
	513	+ return false;
	514	+ }
	515	+ } else {
	516	+ // just do a direct domain check:
	517	+ if( clientDomain == blackDomain ){
	518	+ return false;
	519	+ }
	520	+ }
	521	+ }
	522	+ }
	523	+
508	524	// Check the master whitelist:
509		~~- for ( var i in proxyConfig.master_whitelist ) {~~
510		~~- if ( clientDomain == proxyConfig.master_whitelist[ i ] ) {~~
511		~~- return true;~~
	525	+ if( mw.getConfig('ApiProxy.DomainWhiteList') && mw.getConfig('ApiProxy.DomainWhiteList').length ){
	526	+ var domainWhiteList = mw.getConfig('ApiProxy.DomainWhiteList');
	527	+ for ( var i =0; i < domainWhiteList.length; i++ ) {
	528	+ whiteDomain = domainWhiteList[i];
	529	+ // Check if domain check is a RegEx:
	530	+ if( typeof whiteDomain == 'object' ){
	531	+ if( clientDomain.match( whiteDomain ) ) {
	532	+ return true;
	533	+ }
	534	+ } else {
	535	+ if( clientDomain == whiteDomain ){
	536	+ return true;
	537	+ }
	538	+ }
512	539	}
513	540	}
	541	+
514	542	// FIXME Add in user based approval ::
515	543
516	544	// FIXME offer the user the ability to "approve" requested domain save to
517	545	// their user preference setup )
518	546
519	547	// FIXME grab and check domain against the users whitelist and permissions
	548	+
	549	+ // for now just return false if the domain is not in the approved list
520	550	return false;
521		~~- }~~
	551	+ };
522	552
523	553	/**
524	554	* Get the client request from the document hash
—	—	@@ -532,7 +562,7 @@
533	563	mw.log( "ProxyServer:: could not parse anchor" );
534	564	return false;
535	565	}
536		~~- }~~
	566	+ };
537	567
538	568	/**
539	569	* Dialog to send the user if a proxy to the remote server could not be created
—	—	@@ -587,7 +617,7 @@
588	618	'content' : $dialogMsg,
589	619	'buttons' : buttons
590	620	})
591		~~- }~~
	621	+ };
592	622
593	623	/**
594	624	* API iFrame Server::
—	—	@@ -619,7 +649,7 @@
620	650	}
621	651	mw.log( "Error could not handle client request" );
622	652	return false;
623		~~- }~~
	653	+ };
624	654
625	655	/**
626	656	* Api iFrame request:
Index: branches/MwEmbedStandAlone/remotes/mediaWiki.js
—	—	@@ -4,7 +4,7 @@
5	5	*/
6	6	var urlparts = getRemoteEmbedPath();
7	7	var mwEmbedHostPath = urlparts[0];
8		~~-var mwRemoteVersion = 'r165';~~
	8	+var mwRemoteVersion = 'r167';
9	9	var mwUseScriptLoader = true;
10	10
11	11	// Log the mwRemote version makes it easy to debug cache issues
—	—	@@ -72,17 +72,31 @@
73	73	/*******************************
74	74	* Wikimedia specific config
75	75	********************************/
	76	+// The player should attribute kaltura
	77	+mw.setConfig( 'EmbedPlayer.KalturaAttribution', true );
	78	+
	79	+//The sequencer clips should include attribution 'edit sequence' link on pause
76	80	mw.setConfig( 'Sequencer.KalturaPlayerEditOverlay', true );
77		~~-mw.setConfig( 'Sequencer.WithJsMwEmbedUrlHelper', true );~~
78		~~-mw.setConfig( 'EmbedPlayer.KalturaAttribution', true );~~
	81	+
	82	+// If the swarm p2p transport stream should be used for clients that have it installed
79	83	mw.setConfig( 'SwarmTransport.Enable', true );
	84	+
	85	+// Sequencer should only load asset from upload.wikimedia.org:
80	86	mw.setConfig( 'SmilPlayer.AssetDomainWhiteList', ['upload.wikimedia.org'] );
81	87
	88	+// Gadgets should append withJS to requests where we need to re-invoke the gadget on a different page
	89	+// NOTE this is REQUIRED for apiProxy to work across projects where the user has not universally enabled the gadget
	90	+mw.setConfig( 'Mw.AppendWithJS', 'withJS=MediaWiki:MwEmbed.js');
82	91
	92	+// Allow all wikimedia regEx domains matches to support api-proxy requests
	93	+// NOTE remember to put $ at the end of the domain or it would match en.wikipedia.org.evil.com
	94	+mw.setConfig( 'ApiProxy.DomainWhiteList',
	95	+ [ /wikimedia\.org$/ , /wikipedia\.org$/ , /wiktionary.org$/ , /wikinews.org$/ , /wikibooks.org$/ , /wikisource.org$/ , /wikiversity.org$/ , /wikiquote.org$/ ]
	96	+);
83	97
84	98
85	99	// Use wikibits onLoad hook: ( since we don't have js2 / mw object loaded )
86		~~-if( window.jQuery ){~~
	100	+if( window.jQuery ){
87	101	jQuery( document ).ready( doPageSpecificRewrite );
88	102	} else {
89	103	addOnloadHook( function() {

Status & tagging log

19:31, 21 November 2010 Reedy (talk | contribs) changed the status of r74961 [removed: new added: deferred]