/** * Wraps the provided html code in a div and outputs it to the page * * @param Title $title * @param ParserOutput $pout * @param OutputPage $out */ private function showHtmlPreview(Title $title, ParserOutput $pout, OutputPage $out) { $lang = $title->getPageViewLanguage(); $out->addHTML("<h2>" . $this->msg('expand_templates_preview')->escaped() . "</h2>\n"); $out->addHTML(Html::openElement('div', array('class' => 'mw-content-' . $lang->getDir(), 'dir' => $lang->getDir(), 'lang' => $lang->getHtmlCode()))); $out->addParserOutputContent($pout); $out->addHTML(Html::closeElement('div')); }
/** * Wraps the provided html code in a div and outputs it to the page * * @param Title $title * @param ParserOutput $pout * @param OutputPage $out */ private function showHtmlPreview(Title $title, ParserOutput $pout, OutputPage $out) { $lang = $title->getPageViewLanguage(); $out->addHTML("<h2>" . $this->msg('expand_templates_preview')->escaped() . "</h2>\n"); if ($this->getConfig()->get('RawHtml')) { $request = $this->getRequest(); $user = $this->getUser(); // To prevent cross-site scripting attacks, don't show the preview if raw HTML is // allowed and a valid edit token is not provided (bug 71111). However, MediaWiki // does not currently provide logged-out users with CSRF protection; in that case, // do not show the preview unless anonymous editing is allowed. if ($user->isAnon() && !$user->isAllowed('edit')) { $error = ['expand_templates_preview_fail_html_anon']; } elseif (!$user->matchEditToken($request->getVal('wpEditToken'), '', $request)) { $error = ['expand_templates_preview_fail_html']; } else { $error = false; } if ($error) { $out->wrapWikiMsg("<div class='previewnote'>\n\$1\n</div>", $error); return; } } $out->addHTML(Html::openElement('div', ['class' => 'mw-content-' . $lang->getDir(), 'dir' => $lang->getDir(), 'lang' => $lang->getHtmlCode()])); $out->addParserOutputContent($pout); $out->addHTML(Html::closeElement('div')); $out->setCategoryLinks($pout->getCategories()); }