X-Git-Url: https://scripts.mit.edu/gitweb/autoinstallsdev/mediawiki.git/blobdiff_plain/19e297c21b10b1b8a3acad5e73fc71dcb35db44a..6932310fd58ebef145fa01eb76edf7150284d8ea:/includes/media/SVGMetadataExtractor.php diff --git a/includes/media/SVGMetadataExtractor.php b/includes/media/SVGMetadataExtractor.php index 66ae1edf..9b22cbee 100644 --- a/includes/media/SVGMetadataExtractor.php +++ b/includes/media/SVGMetadataExtractor.php @@ -1,6 +1,6 @@ + * @author "Derk-Jan Hartman " * @author Brion Vibber * @copyright Copyright © 2010-2010 Brion Vibber, Derk-Jan Hartman * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License */ +/** + * @ingroup Media + */ class SVGMetadataExtractor { static function getMetadata( $filename ) { $svg = new SVGReader( $filename ); + return $svg->getMetadata(); } } +/** + * @ingroup Media + */ class SVGReader { const DEFAULT_WIDTH = 512; const DEFAULT_HEIGHT = 512; const NS_SVG = 'http://www.w3.org/2000/svg'; + const LANG_PREFIX_MATCH = 1; + const LANG_FULL_MATCH = 2; + /** @var null|XMLReader */ private $reader = null; + + /** @var bool */ private $mDebug = false; - private $metadata = Array(); + + /** @var array */ + private $metadata = []; + private $languages = []; + private $languagePrefixes = []; /** - * Constructor - * * Creates an SVGReader drawing from the source provided - * @param $source String: URI from which to read + * @param string $source URI from which to read + * @throws MWException|Exception */ function __construct( $source ) { global $wgSVGMetadataCutoff; @@ -55,12 +70,12 @@ class SVGReader { $size = filesize( $source ); if ( $size === false ) { throw new MWException( "Error getting filesize of SVG." ); - } + } if ( $size > $wgSVGMetadataCutoff ) { $this->debug( "SVG is $size bytes, which is bigger than $wgSVGMetadataCutoff. Truncating." ); $contents = file_get_contents( $source, false, null, -1, $wgSVGMetadataCutoff ); - if ($contents === false) { + if ( $contents === false ) { throw new MWException( 'Error reading SVG file.' ); } $this->reader->XML( $contents, null, LIBXML_NOERROR | LIBXML_NOWARNING ); @@ -68,135 +83,214 @@ class SVGReader { $this->reader->open( $source, null, LIBXML_NOERROR | LIBXML_NOWARNING ); } + // Expand entities, since Adobe Illustrator uses them for xmlns + // attributes (T33719). Note that libxml2 has some protection + // against large recursive entity expansions so this is not as + // insecure as it might appear to be. However, it is still extremely + // insecure. It's necessary to wrap any read() calls with + // libxml_disable_entity_loader() to avoid arbitrary local file + // inclusion, or even arbitrary code execution if the expect + // extension is installed (T48859). + $oldDisable = libxml_disable_entity_loader( true ); + $this->reader->setParserProperty( XMLReader::SUBST_ENTITIES, true ); + $this->metadata['width'] = self::DEFAULT_WIDTH; $this->metadata['height'] = self::DEFAULT_HEIGHT; + // The size in the units specified by the SVG file + // (for the metadata box) + // Per the SVG spec, if unspecified, default to '100%' + $this->metadata['originalWidth'] = '100%'; + $this->metadata['originalHeight'] = '100%'; + // Because we cut off the end of the svg making an invalid one. Complicated // try catch thing to make sure warnings get restored. Seems like there should // be a better way. - wfSuppressWarnings(); + MediaWiki\suppressWarnings(); try { $this->read(); - } catch( Exception $e ) { - wfRestoreWarnings(); + } catch ( Exception $e ) { + // Note, if this happens, the width/height will be taken to be 0x0. + // Should we consider it the default 512x512 instead? + MediaWiki\restoreWarnings(); + libxml_disable_entity_loader( $oldDisable ); throw $e; } - wfRestoreWarnings(); + MediaWiki\restoreWarnings(); + libxml_disable_entity_loader( $oldDisable ); } - /* - * @return Array with the known metadata + /** + * @return array Array with the known metadata */ public function getMetadata() { return $this->metadata; } - /* + /** * Read the SVG + * @throws MWException + * @return bool */ - public function read() { + protected function read() { $keepReading = $this->reader->read(); /* Skip until first element */ - while( $keepReading && $this->reader->nodeType != XmlReader::ELEMENT ) { + while ( $keepReading && $this->reader->nodeType != XMLReader::ELEMENT ) { $keepReading = $this->reader->read(); } if ( $this->reader->localName != 'svg' || $this->reader->namespaceURI != self::NS_SVG ) { - throw new MWException( "Expected tag, got ". + throw new MWException( "Expected tag, got " . $this->reader->localName . " in NS " . $this->reader->namespaceURI ); } $this->debug( " tag is correct." ); $this->handleSVGAttribs(); - $exitDepth = $this->reader->depth; + $exitDepth = $this->reader->depth; $keepReading = $this->reader->read(); while ( $keepReading ) { $tag = $this->reader->localName; $type = $this->reader->nodeType; - $isSVG = ($this->reader->namespaceURI == self::NS_SVG); + $isSVG = ( $this->reader->namespaceURI == self::NS_SVG ); $this->debug( "$tag" ); - if ( $isSVG && $tag == 'svg' && $type == XmlReader::END_ELEMENT && $this->reader->depth <= $exitDepth ) { + if ( $isSVG && $tag == 'svg' && $type == XMLReader::END_ELEMENT + && $this->reader->depth <= $exitDepth + ) { break; } elseif ( $isSVG && $tag == 'title' ) { $this->readField( $tag, 'title' ); } elseif ( $isSVG && $tag == 'desc' ) { $this->readField( $tag, 'description' ); - } elseif ( $isSVG && $tag == 'metadata' && $type == XmlReader::ELEMENT ) { + } elseif ( $isSVG && $tag == 'metadata' && $type == XMLReader::ELEMENT ) { $this->readXml( $tag, 'metadata' ); + } elseif ( $isSVG && $tag == 'script' ) { + // We normally do not allow scripted svgs. + // However its possible to configure MW to let them + // in, and such files should be considered animated. + $this->metadata['animated'] = true; } elseif ( $tag !== '#text' ) { $this->debug( "Unhandled top-level XML tag $tag" ); - if ( !isset( $this->metadata['animated'] ) ) { - // Recurse into children of current tag, looking for animation. - $this->animateFilter( $tag ); - } + // Recurse into children of current tag, looking for animation and languages. + $this->animateFilterAndLang( $tag ); } // Goto next element, which is sibling of current (Skip children). $keepReading = $this->reader->next(); } + $this->reader->close(); + + $this->metadata['translations'] = $this->languages + $this->languagePrefixes; + return true; } - /* + /** * Read a textelement from an element * - * @param String $name of the element that we are reading from - * @param String $metafield that we will fill with the result + * @param string $name Name of the element that we are reading from + * @param string $metafield Field that we will fill with the result */ - private function readField( $name, $metafield=null ) { - $this->debug ( "Read field $metafield" ); - if( !$metafield || $this->reader->nodeType != XmlReader::ELEMENT ) { + private function readField( $name, $metafield = null ) { + $this->debug( "Read field $metafield" ); + if ( !$metafield || $this->reader->nodeType != XMLReader::ELEMENT ) { return; } $keepReading = $this->reader->read(); - while( $keepReading ) { - if( $this->reader->localName == $name && $this->namespaceURI == self::NS_SVG && $this->reader->nodeType == XmlReader::END_ELEMENT ) { + while ( $keepReading ) { + if ( $this->reader->localName == $name + && $this->reader->namespaceURI == self::NS_SVG + && $this->reader->nodeType == XMLReader::END_ELEMENT + ) { break; - } elseif( $this->reader->nodeType == XmlReader::TEXT ){ + } elseif ( $this->reader->nodeType == XMLReader::TEXT ) { $this->metadata[$metafield] = trim( $this->reader->value ); } $keepReading = $this->reader->read(); } } - /* + /** * Read an XML snippet from an element * - * @param String $metafield that we will fill with the result + * @param string $metafield Field that we will fill with the result + * @throws MWException */ - private function readXml( $metafield=null ) { - $this->debug ( "Read top level metadata" ); - if( !$metafield || $this->reader->nodeType != XmlReader::ELEMENT ) { + private function readXml( $metafield = null ) { + $this->debug( "Read top level metadata" ); + if ( !$metafield || $this->reader->nodeType != XMLReader::ELEMENT ) { return; } - // TODO: find and store type of xml snippet. metadata['metadataType'] = "rdf" - $this->metadata[$metafield] = trim( $this->reader->readInnerXML() ); + // @todo Find and store type of xml snippet. metadata['metadataType'] = "rdf" + if ( method_exists( $this->reader, 'readInnerXML' ) ) { + $this->metadata[$metafield] = trim( $this->reader->readInnerXml() ); + } else { + throw new MWException( "The PHP XMLReader extension does not come " . + "with readInnerXML() method. Your libxml is probably out of " . + "date (need 2.6.20 or later)." ); + } $this->reader->next(); } - /* - * Filter all children, looking for animate elements + /** + * Filter all children, looking for animated elements. + * Also get a list of languages that can be targeted. * - * @param String $name of the element that we are reading from + * @param string $name Name of the element that we are reading from */ - private function animateFilter( $name ) { - $this->debug ( "animate filter" ); - if( $this->reader->nodeType != XmlReader::ELEMENT ) { + private function animateFilterAndLang( $name ) { + $this->debug( "animate filter for tag $name" ); + if ( $this->reader->nodeType != XMLReader::ELEMENT ) { + return; + } + if ( $this->reader->isEmptyElement ) { return; } - $exitDepth = $this->reader->depth; + $exitDepth = $this->reader->depth; $keepReading = $this->reader->read(); - while( $keepReading ) { - if( $this->reader->localName == $name && $this->reader->depth <= $exitDepth - && $this->reader->nodeType == XmlReader::END_ELEMENT ) { + while ( $keepReading ) { + if ( $this->reader->localName == $name && $this->reader->depth <= $exitDepth + && $this->reader->nodeType == XMLReader::END_ELEMENT + ) { break; - } elseif ( $this->reader->namespaceURI == self::NS_SVG && $this->reader->nodeType == XmlReader::ELEMENT ) { - switch( $this->reader->localName ) { + } elseif ( $this->reader->namespaceURI == self::NS_SVG + && $this->reader->nodeType == XMLReader::ELEMENT + ) { + $sysLang = $this->reader->getAttribute( 'systemLanguage' ); + if ( !is_null( $sysLang ) && $sysLang !== '' ) { + // See https://www.w3.org/TR/SVG/struct.html#SystemLanguageAttribute + $langList = explode( ',', $sysLang ); + foreach ( $langList as $langItem ) { + $langItem = trim( $langItem ); + if ( Language::isWellFormedLanguageTag( $langItem ) ) { + $this->languages[$langItem] = self::LANG_FULL_MATCH; + } + // Note, the standard says that any prefix should work, + // here we do only the initial prefix, since that will catch + // 99% of cases, and we are going to compare against fallbacks. + // This differs mildly from how the spec says languages should be + // handled, however it matches better how the MediaWiki language + // preference is generally handled. + $dash = strpos( $langItem, '-' ); + // Intentionally checking both !false and > 0 at the same time. + if ( $dash ) { + $itemPrefix = substr( $langItem, 0, $dash ); + if ( Language::isWellFormedLanguageTag( $itemPrefix ) ) { + $this->languagePrefixes[$itemPrefix] = self::LANG_PREFIX_MATCH; + } + } + } + } + switch ( $this->reader->localName ) { + case 'script': + // Normally we disallow files with + //