MediaWiki
master
Api module to receive and log CSP violation reports.
Public Member Functions
execute ()
Logs a content-security-policy violation report from web browser.
getAllowedParams ()
isInternal ()
Mark as internal.
isReadMode ()
Even if you don't have read rights, we still want your report.
isWriteMode ()
mustBePosted ()
shouldCheckMaxLag ()
Doesn't touch db, so max lag should be rather irrelevant.
Public Member Functions inherited from ApiBase
__construct (ApiMain $mainModule, $moduleName, $modulePrefix= '')
execute ()
Evaluates the parameters, performs the requested query, and sets up the result.
getModuleManager ()
Get the module manager, or null if this module has no sub-modules.
getCustomPrinter ()
If the module may only be used with a certain format module, it should override this method to return an instance of that formatter.
getHelpUrls ()
Return links to more detailed help pages about the module.
shouldCheckMaxlag ()
Indicates if this module needs maxlag to be checked.
isReadMode ()
Indicates whether this module requires read rights.
isWriteMode ()
Indicates whether this module requires write mode.
mustBePosted ()
Indicates whether this module must be called with a POST request.
isDeprecated ()
Indicates whether this module is deprecated.
isInternal ()
Indicates whether this module is "internal". Internal API modules are not (yet) intended for 3rd party use and may be unstable.
needsToken ()
Returns the token type this module requires in order to execute.
getConditionalRequestData ($condition)
Returns data for HTTP conditional request mechanisms.
getModuleName ()
Get the name of the module being executed by this instance.
getModulePrefix ()
Get parameter prefix (usually two letters or an empty string).
getMain ()
Get the main module.
isMain ()
Returns true if this module is the main module ($this === $this->mMainModule), false otherwise.
getParent ()
Get the parent of this module.
lacksSameOriginSecurity ()
Returns true if the current request breaks the same-origin policy.
getModulePath ()
Get the path to this module.
getModuleFromPath ($path)
Get a module from its module path.
getResult ()
Get the result object.
getErrorFormatter ()
Get the error formatter.
getContinuationManager ()
Get the continuation manager.
setContinuationManager ($manager)
Set the continuation manager.
dynamicParameterDocumentation ()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::getAllowedParams().
encodeParamName ($paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
extractRequestParams ($parseLimit=true)
Using getAllowedParams(), this function makes an array of the values provided by the user, with key being the name of the variable, and value - validated value from user or default.
requireOnlyOneParameter ($params, $required)
Die if none or more than one of a certain set of parameters is set and not false.
requireMaxOneParameter ($params, $required)
Die if more than one of a certain set of parameters is set and not false.
requireAtLeastOneParameter ($params, $required)
Die if none of a certain set of parameters is set and not false.
getTitleOrPageId ($params, $load=false)
Get a WikiPage object from a title or pageid param, if possible.
validateToken ($token, array $params)
Validate the supplied token.
getWatchlistUser ($params)
Gets the user for whom to get the watchlist.
setWarning ($warning)
Set warning section for this module.
dieUsage ($description, $errorCode, $httpRespCode=0, $extradata=null)
Throw a UsageException, which will (if uncaught) call the main module's error handler and die with an error message.
dieBlocked (Block $block)
Throw a UsageException, which will (if uncaught) call the main module's error handler and die with an error message including block info.
getErrorFromStatus ($status, &$extraData=null)
Get error (as code, string) from a Status object.
dieStatus ($status)
Throw a UsageException based on the errors in the Status object.
static dieReadOnly ()
Helper function for readonly errors.
dieUsageMsg ($error)
Output the error message related to a certain array.
dieUsageMsgOrDebug ($error)
Will only set a warning instead of failing if the global $wgDebugAPI is set to true.
parseMsg ($error)
Return the error message related to a certain array.
getFinalDescription ()
Get final module description, after hooks have had a chance to tweak it as needed.
getFinalParams ($flags=0)
Get final list of parameters, after hooks have had a chance to tweak it as needed.
getFinalParamDescription ()
Get final parameter descriptions, after hooks have had a chance to tweak it as needed.
modifyHelp (array &$help, array $options, array &$tocData)
Called from ApiHelp before the pieces are joined together and returned.
makeHelpMsg ()
Generates help message for this module, or false if there is no description.
makeHelpMsgParameters ()
Generates the parameter descriptions for this module, to be displayed in the module's help.
getModuleProfileName ($db=false)
profileIn ()
profileOut ()
safeProfileOut ()
getProfileTime ()
profileDBIn ()
profileDBOut ()
getProfileDBTime ()
getResultData ()
Get the result data array (read-only).
Public Member Functions inherited from ContextSource
canUseWikiPage ()
Check whether a WikiPage object can be obtained with getWikiPage().
exportSession ()
Export the resolved user IP, HTTP headers, user ID, and session ID.
getConfig ()
Get the Config object.
getContext ()
Get the base IContextSource object.
getLanguage ()
Get the Language object.
getOutput ()
Get the OutputPage object.
getRequest ()
Get the WebRequest object.
getSkin ()
Get the Skin object.
getStats ()
Get the Stats object.
getTiming ()
Get the Timing object.
getTitle ()
Get the Title object.
getUser ()
Get the User object.
getWikiPage ()
Get the WikiPage object.
msg ()
Get a Message object with context set. Parameters are the same as wfMessage().
setContext (IContextSource $context)
Set the IContextSource object.
Public Attributes
const MAX_POST_SIZE = 8192
These reports should be small.
Public Attributes inherited from ApiBase
string $mModulePrefix
const GET_VALUES_FOR_HELP = 1
getAllowedParams() flag: When set, the result could take longer to generate, but should be more thorough.
const LIMIT_BIG1 = 500
Fast query, standard limit.
const LIMIT_BIG2 = 5000
Fast query, apihighlimits limit.
const LIMIT_SML1 = 50
Slow query, standard limit.
const LIMIT_SML2 = 500
Slow query, apihighlimits limit.
const PARAM_DFLT = 0
(null|boolean|integer|string) Default value of the parameter.
const PARAM_ISMULTI = 1
(boolean) Accept multiple pipe-separated values for this parameter (e.g.
const PARAM_TYPE = 2
(string|string[]) Either an array of allowed value strings, or a string type as described below.
const PARAM_MAX = 3
(integer) Max value allowed for the parameter, for PARAM_TYPE 'integer' and 'limit'.
const PARAM_MAX2 = 4
(integer) Max value allowed for the parameter for users with the apihighlimits right, for PARAM_TYPE 'limit'.
const PARAM_MIN = 5
(integer) Lowest value allowed for the parameter, for PARAM_TYPE 'integer' and 'limit'.
const PARAM_ALLOW_DUPLICATES = 6
(boolean) Allow the same value to be set more than once when PARAM_ISMULTI is true?
const PARAM_DEPRECATED = 7
(boolean) Is the parameter deprecated (will show a warning)?
const PARAM_REQUIRED = 8
(boolean) Is the parameter required?
const PARAM_RANGE_ENFORCE = 9
(boolean) For PARAM_TYPE 'integer', enforce PARAM_MIN and PARAM_MAX?
const PARAM_HELP_MSG = 10
(string|array|Message) Specify an alternative i18n documentation message for this parameter.
const PARAM_HELP_MSG_APPEND = 11
((string|array|Message)[]) Specify additional i18n messages to append to the normal message for this parameter.
const PARAM_HELP_MSG_INFO = 12
(array) Specify additional information tags for the parameter.
const PARAM_VALUE_LINKS = 13
(string[]) When PARAM_TYPE is an array, this may be an array mapping those values to page titles which will be linked in the help.
const PARAM_HELP_MSG_PER_VALUE = 14
((string|array|Message)[]) When PARAM_TYPE is an array, this is an array mapping those values to $msg for ApiBase::makeMessage().
const PARAM_SUBMODULE_MAP = 15
(string[]) When PARAM_TYPE is 'submodule', map parameter values to submodule paths.
const PARAM_SUBMODULE_PARAM_PREFIX = 16
(string) When PARAM_TYPE is 'submodule', used to indicate the 'g' prefix added by ApiQueryGeneratorBase (and similar if anything else ever does that).
Private Member Functions
error ($code, $method)
Stop processing the request, and output/log an error.
generateLogLine ($flags, $report)
Get text of log line.
getFlags ($report)
Get extra notes about the report.
getReport ()
Get the report from post body and turn into associative array.
logReport ($flags, $logLine, $context)
Log CSP report, with a different severity depending on $flags.
verifyPostBodyOk ()
Output an api error if post body is obviously not OK.
Private Attributes
$log
Api module to receive and log CSP violation reports.
Definition at line 30 of file ApiCSPReport.php.
ApiCSPReport::error | ( | $code, $method | ) | private |
Stop processing the request, and output/log an error.
Parameters
$code | String error code |
$method | String method that made error |
Exceptions
UsageException | Always |
Definition at line 171 of file ApiCSPReport.php.
References $code, ApiBase\dieUsage(), and ContextSource\getRequest().
Referenced by getReport(), and verifyPostBodyOk().
ApiCSPReport::execute | ( | ) |
Logs a content-security-policy violation report from web browser.
Definition at line 42 of file ApiCSPReport.php.
References $flags, generateLogLine(), getFlags(), ApiBase\getModuleName(), ApiBase\getParameter(), getReport(), ContextSource\getRequest(), ApiBase\getResult(), ContextSource\getUser(), logReport(), and verifyPostBodyOk().
ApiCSPReport::getAllowedParams | ( | ) |
Definition at line 180 of file ApiCSPReport.php.
References false, ApiBase\PARAM_DFLT, ApiBase\PARAM_REQUIRED, and ApiBase\PARAM_TYPE.
ApiCSPReport::getFlags | ( | $report | ) | private |
Get extra notes about the report.
Parameters
$report | Array The CSP report |
Definition at line 86 of file ApiCSPReport.php.
References $flags, $source, ApiBase\getParameter(), and ContextSource\getRequest().
Referenced by execute().
ApiCSPReport::getReport | ( | ) | private |
Get the report from post body and turn into associative array.
Definition at line 122 of file ApiCSPReport.php.
References $code, $status, error(), FormatJson\FORCE_ASSOC, ApiBase\getErrorFromStatus(), ContextSource\getRequest(), list, and FormatJson\parse().
Referenced by execute().
ApiCSPReport::isInternal | ( | ) |
Mark as internal.
This isn't meant to be used by normal API users.
Definition at line 205 of file ApiCSPReport.php.
ApiCSPReport::isReadMode | ( | ) |
Even if you don't have read rights, we still want your report.
Definition at line 212 of file ApiCSPReport.php.
ApiCSPReport::isWriteMode | ( | ) |
Definition at line 198 of file ApiCSPReport.php.
ApiCSPReport::logReport | ( | $flags, $logLine, $context | ) | private |
Log CSP report, with a different severity depending on $flags.
Parameters
$flags | Array Flags for this report |
$logLine | String text of log entry |
$context | Array logging context |
Definition at line 70 of file ApiCSPReport.php.
References ContextSource\$context, and $flags.
Referenced by execute().
ApiCSPReport::mustBePosted | ( | ) |
Definition at line 194 of file ApiCSPReport.php.
ApiCSPReport::shouldCheckMaxLag | ( | ) |
Doesn't touch db, so max lag should be rather irrelevant.
Also, this makes sure that reports aren't lost during lag events.
Definition at line 221 of file ApiCSPReport.php.
ApiCSPReport::verifyPostBodyOk | ( | ) | private |
Output an api error if post body is obviously not OK.
Definition at line 104 of file ApiCSPReport.php.
References $req, error(), and ContextSource\getRequest().
Referenced by execute().
ApiCSPReport::$log | private |
Definition at line 32 of file ApiCSPReport.php.
const ApiCSPReport::MAX_POST_SIZE = 8192 |
These reports should be small.
Ignore super big reports out of paranoia.
Definition at line 37 of file ApiCSPReport.php.