https://www.mediawiki.org/wiki/Special:Code/MediaWiki/113297

Revision: 113297
Author:   wikinaut
Date:     2012-03-07 21:06:35 +0000 (Wed, 07 Mar 2012)
Log Message:
-----------
fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but 
htmlescaped'; tolerated controlled regression bug30377 'feed item length 
limitation', because this now becomes very tricky when we allow some tags in 
order to close bug 34763.

Modified Paths:
--------------
    trunk/extensions/RSS/RELEASE-NOTES
    trunk/extensions/RSS/RSS.php
    trunk/extensions/RSS/RSSParser.php

Modified: trunk/extensions/RSS/RELEASE-NOTES
===================================================================
--- trunk/extensions/RSS/RELEASE-NOTES  2012-03-07 21:06:07 UTC (rev 113296)
+++ trunk/extensions/RSS/RELEASE-NOTES  2012-03-07 21:06:35 UTC (rev 113297)
@@ -11,6 +11,13 @@
   (otherwise using the defaults - PHP will abort the entire program when your
   memory usage gets too high)
 
+=== Version 2.12 2012-03-07 ===
+* bug fix 34763 "RSS feed items (HTML) are not rendered as HTML but 
htmlescaped"
+* regression bug 30377 "Add a new parameter to limit the number of characters 
+  when rendering the channel item <description>". Feed item string length
+  limitation is difficult when we allow HTML <a> or <img> tags, because a mere
+  content-unaware limitation breaks (can break) tags which results in 
disastrous
+  rendering results.
 
 === Version 2.11 2012-02-29 ===
 * function name typo correction

Modified: trunk/extensions/RSS/RSS.php
===================================================================
--- trunk/extensions/RSS/RSS.php        2012-03-07 21:06:07 UTC (rev 113296)
+++ trunk/extensions/RSS/RSS.php        2012-03-07 21:06:35 UTC (rev 113297)
@@ -4,7 +4,7 @@
  *
  * @file
  * @ingroup Extensions
- * @version 2.11
+ * @version 2.12
  * @author mutante, Daniel Kinzler, Rdb, Mafs, Thomas Gries, Alxndr, Chris 
Reigrut, K001
  * @author Kellan Elliott-McCrea <[email protected]> -- author of MagpieRSS
  * @author Jeroen De Dauw
@@ -14,7 +14,7 @@
  * @link http://www.mediawiki.org/wiki/Extension:RSS Documentation
  */
 
-define( "EXTENSION_RSS_VERSION", "2.11 20120229" );
+define( "EXTENSION_RSS_VERSION", "2.12 20120307" );
 
 if ( !defined( 'MEDIAWIKI' ) ) {
        die( "This is not a valid entry point.\n" );
@@ -93,5 +93,12 @@
 
 // limit the number of characters in the item description
 // or set to false for unlimited length.
-// $wgRSSItemMaxLength = false;
+// THIS IS CURRENTLY NOT WORKING (bug 30377)
 $wgRSSItemMaxLength = false;
+
+// You can choose to allow active links in feed items; default: false
+$wgRSSAllowLinkTag = false;
+
+// If you want to see images in feed items, then you need to globally allow
+// image tags in your wiki by using the MediaWiki parameter; default: false
+// $wgAllowImageTag = true;
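Review bot: The comments on the two new switches do not say what is being trusted: feed items are HTML supplied by a third-party server, and `$wgAllowImageTag` is a wiki-wide MediaWiki setting which, per the RSSParser.php change in this commit, also moves feed items onto the Sanitizer path. I would state that above `$wgRSSAllowLinkTag`, e.g. `// Feed content is remote, untrusted HTML; true lets <a> tags from the feed through Sanitizer::removeHTMLtags()`, and note beside `$wgAllowImageTag` that it affects all wikitext, not only RSS items. The `THIS IS CURRENTLY NOT WORKING` line would be clearer as `// currently ignored: item descriptions are not truncated (bug 30377)`.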

Modified: trunk/extensions/RSS/RSSParser.php
===================================================================
--- trunk/extensions/RSS/RSSParser.php  2012-03-07 21:06:07 UTC (rev 113296)
+++ trunk/extensions/RSS/RSSParser.php  2012-03-07 21:06:35 UTC (rev 113297)
@@ -312,6 +312,14 @@
                return $ret;
        }
 
+       function sandboxParse($wikiText) {
+               global $wgTitle, $wgUser;
+               $myParser = new Parser();
+               $myParserOptions = ParserOptions::newFromUser($wgUser);
+               $result = $myParser->parse($wikiText, $wgTitle, 
$myParserOptions);
+               return $result->getText();
+       }
+
        /**
         * Render the entire feed so that each item is passed to the
         * template which the MediaWiki then displays.
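Review bot: sandboxParse() takes its title and user from the `$wgTitle` and `$wgUser` globals instead of from the parser that invoked the tag, so the nested parse may run against a different title or different options than the page being rendered; this is inferred from the globals, since the hook's callers are not visible here. Passing the calling parser in and using `$myParser->parse( $wikiText, $parser->getTitle(), $parser->getOptions() )` would keep both parses on the same page and options. The method also has no visibility keyword and no docblock; a short docblock should say that it parses the rendered feed with a fresh Parser instance and returns the HTML from `getText()`, and presumably that this is done to leave the calling parser's state untouched.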
@@ -320,7 +328,7 @@
         * @param $frame the frame param to pass to recursiveTagParse()
         */
        function renderFeed( $parser, $frame ) {
-       
+
                $renderedFeed = '';
                
                if ( isset( $this->itemTemplate ) && isset( $parser ) && isset( 
$frame ) ) {
@@ -336,15 +344,15 @@
                                }
 
                                if ( $this->canDisplay( $item ) ) {
-                                       $renderedFeed .= $this->renderItem( 
$item ) . "\n";
+                                       $renderedFeed .= $this->renderItem( 
$item, $parser ) . "\n";
                                        $headcnt++;
                                }
                        }
 
-                       $renderedFeed = $parser->recursiveTagParse( 
$renderedFeed, $frame );
+                       $renderedFeed = $this->sandboxParse( $renderedFeed );
 
-               }
-               
+               }
+
                return $renderedFeed;
        }
 
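Review bot: After this change `$frame` is only tested with `isset()` and no longer passed anywhere, so the item template is parsed without the frame of the calling page; if that is intended, the `@param $frame the frame param to pass to recursiveTagParse()` line and the `isset( $frame )` test are leftovers and should be updated or removed. The strip markers that renderItem() obtains from `$parser->insertStripItem()` now travel through a different Parser instance inside sandboxParse() and are presumably only resolved when the outer parser unstrips the hook output. A comment such as `// markers from $parser pass through the sandbox parse and are unstripped by the calling parser` would record that dependency. renderFeed's body starts outside the hunk.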
@@ -353,7 +361,7 @@
         *
         * @param $item Array: an array produced by RSSData where keys are the 
names of the RSS elements
         */
-       protected function renderItem( $item ) {
+       protected function renderItem( $item, $parser ) {
 
                $renderedItem = $this->itemTemplate;
 
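Review bot: The docblock above renderItem() still documents only `$item`, while the signature now requires `$parser`; add `@param $parser Parser: the parser whose strip state receives the item values`. The new parameter has no default, so any other caller of this protected method outside the visible hunks would need the extra argument as well. The body of renderItem continues outside the hunk.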
@@ -385,12 +393,14 @@
                                $renderedItem = str_replace( '{{{date}}}', 
$txt, $renderedItem );
                                break;
                        default:
-                               $str = $this->escapeTemplateParameter( 
$item[$info] ); 
+                               $str = $this->escapeTemplateParameter( 
$item[$info] );
+                               /***
                                if ( mb_strlen( $str ) > $this->ItemMaxLength ) 
{
                                        $str = mb_substr( $str, 0, 
$this->ItemMaxLength ) . " ...";
                                }
+                               ***/
                                $txt = $this->highlightTerms(  $str );
-                               $renderedItem = str_replace( '{{{' . $info . 
'}}}', $txt, $renderedItem );
+                               $renderedItem = str_replace( '{{{' . $info . 
'}}}', $parser->insertStripItem( $str ), $renderedItem );
                        }
                }
 
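Review bot: `$txt = $this->highlightTerms( $str );` is still computed in the `default:` branch, but the replacement now inserts `$str`, so term highlighting is silently dropped and `$txt` is dead. Either insert the highlighted text with `$parser->insertStripItem( $txt )`, provided highlightTerms() returns output that is safe to emit as HTML (its body is not visible here), or remove the call and list the lost feature in RELEASE-NOTES. Because a strip item reaches the page without further parsing, the return value of escapeTemplateParameter() is what the browser receives for feed-supplied text, which deserves a comment on this line; it presumably also means the `'''` and `''` markup produced by the old escape path is no longer rendered as bold or italic. The length limit is disabled with a bare `/*** … ***/` block, where a `// disabled, see bug 30377` line would explain why.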
@@ -434,41 +444,60 @@
         * to the other kinds of markup, to avoid user input ending a template 
         * invocation.
         *
-        * We change differently flavoured <p> and <br> tags to effective <br> 
tags,
-        * other tags such as <a> will be rendered html-escaped.
+        * If you want to allow clickable link Urls (HTML <a> tag) in RSS feeds:
+        * $wgRSSAllowLinkTag = true;
         *
+        * If you want to allow images (HTML <img> tag) in RSS feeds:
+        * $wgAllowImageTag = true;
+        *
         */
        protected function escapeTemplateParameter( $text ) {
-               $text = str_replace(
-                       array( '[',     '|',      ']',     '\'',    'ISBN ',    
 
-                               'RFC ',     '://',     "\n=",     '{{',         
  '}}',
-                       ),
-                       array( '&#91;', '&#124;', '&#93;', '&#39;', 
'ISBN&#32;', 
-                               'RFC&#32;', '&#58;//', "\n&#61;", 
'&#123;&#123;', '&#125;&#125;',
-                       ),
-                       htmlspecialchars( str_replace( "\n", "", $text ) )
-               );
+               global $wgRSSAllowLinkTag, $wgAllowImageTag;
 
-               // keep some basic layout tags
-               $text = str_replace(
-                       array( '&lt;p&gt;', '&lt;/p&gt;',
-                               '&lt;br/&gt;', '&lt;br&gt;', '&lt;/br&gt;',
-                               '&lt;b&gt;', '&lt;/b&gt;',
-                               '&lt;i&gt;', '&lt;/i&gt;',
-                               '&lt;u&gt;', '&lt;/u&gt;',
-                               '&lt;s&gt;', '&lt;/s&gt;',
-                       ),
-                       array( "", "<br/>",
-                               "<br/>", "<br/>", "<br/>",
-                               "'''", "'''",
-                               "''", "''",
-                               "<u>", "</u>",
-                               "<s>", "</s>",
-                       ),
-                       $text
-               );
+               if ( isset( $wgRSSAllowLinkTag ) && $wgRSSAllowLinkTag ) {
+                       $extra = array( "a" );
+               } else {
+                       $extra = array();
+               }
 
-               return $text;
+               if ( ( isset( $wgRSSAllowLinkTag ) && $wgRSSAllowLinkTag )
+                       || ( isset( $wgAllowImageTag ) && $wgAllowImageTag ) ) {
+
+                       $ret = Sanitizer::removeHTMLtags( $text, null, array(), 
$extra, array( "iframe" ) );
+
+               } else { // use the old escape method for a while
+
+                       $text = str_replace(
+                               array( '[',     '|',      ']',     '\'',    
'ISBN ',     
+                                       'RFC ',     '://',     "\n=",     '{{', 
          '}}',
+                               ),
+                               array( '&#91;', '&#124;', '&#93;', '&#39;', 
'ISBN&#32;', 
+                                       'RFC&#32;', '&#58;//', "\n&#61;", 
'&#123;&#123;', '&#125;&#125;',
+                               ),
+                               htmlspecialchars( str_replace( "\n", "", $text 
) )
+                       );
+
+                       // keep some basic layout tags
+                       $ret = str_replace(
+                               array( '&lt;p&gt;', '&lt;/p&gt;',
+                                       '&lt;br/&gt;', '&lt;br&gt;', 
'&lt;/br&gt;',
+                                       '&lt;b&gt;', '&lt;/b&gt;',
+                                       '&lt;i&gt;', '&lt;/i&gt;',
+                                       '&lt;u&gt;', '&lt;/u&gt;',
+                                       '&lt;s&gt;', '&lt;/s&gt;',
+                               ),
+                               array( "", "<br/>",
+                                       "<br/>", "<br/>", "<br/>",
+                                       "'''", "'''",
+                                       "''", "''",
+                                       "<u>", "</u>",
+                                       "<s>", "</s>",
+                               ),
+                               $text
+                       );
+               }
+
+               return $ret;
        }
 
        /**
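Review bot: In the Sanitizer branch the docblock's stated purpose, keeping feed text from ending a template invocation, is no longer served: the escaping of `[`, `|`, `{{`, `}}` and the newline removal happen only in the `else` branch, and the only filter on third-party feed HTML is `Sanitizer::removeHTMLtags()` with `a` added to the allowed tags. Since renderItem() now emits the result through a strip item, the docblock should say that this return value is output as HTML, and it is worth confirming that the Sanitizer in the supported MediaWiki versions restricts `href` and `src` values to allowed URL protocols, which this diff does not show. The branch is also taken when only the wiki-wide `$wgAllowImageTag` is set, so an unrelated core setting changes how RSS items are escaped. The repeated `isset( … ) && …` tests could be computed once, e.g. `$allowLinks = !empty( $wgRSSAllowLinkTag );` and `$extra = $allowLinks ? array( 'a' ) : array();`.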

