User talk:Magnus Manske/MediaWiki:Gadget-Check-usage.js

Which wikis are included, which are not? pfctdayelise (说什么?) 02:46, 6 July 2007 (UTC)Reply

Upon briefly examining the code, it looks like the following are missing:

Wikinews: ro, sd, ta

Wikiversity (all): beta, de, en, es, fr, it

Wikisources: all

Wikibooks: several

Wikipedias: several

Wiktionaries: all

Wikiquotes: all

And every other non-language domain except Commons and Meta

Sorry for the brief reply. It is only an semi-accurate assessment.  :\ I'll try to make some code for Magnus to add that will add more wikis. It is mere grunt work at this point (to make a list of all the language-prefixes for each project). --Iamunknown 06:11, 6 July 2007 (UTC)Reply

Shouldn't function get_usage_url encode the image name in order to work with file names containing '&'?

function get_usage_url ( language , project , image ) {
  var url = "http://commons.wikimedia.org/w/query.php?" ;
  if ( project != "wikimedia" || language != "commons" ) url += "proxysite=" + project + "&proxylang=" + language + "&" ;
  url +=    "format=xml" +
            "&what=imagelinks" +
            "&illimit=51" + // 51 links maximum
            "&titles=Image:" + encodeURIComponent (image);
  return url ;
}

Lupo 22:18, 20 September 2007 (UTC)Reply

Yes. Added. Now it works on Image:Forest & Bird headquarters.jpg. Thanks. Platonides 13:07, 21 September 2007 (UTC)Reply

{{Editprotected}} Please head to Image:Formaciones cársticas en El Torcal de Antequera (Málaga).jpg. You will notice the page throws an exception; according to Firefox, "Error: uncaught exception: [Exception... "Node cannot be inserted at the specified point in the hierarchy" code: "3" nsresult: "0x80530003 (NS_ERROR_DOM_HIERARCHY_REQUEST_ERR)" location: "http://commons.wikimedia.org/w/index.php?title=MediaWiki:Gadget-Check-usage.js&action=raw&ctype=text/javascript Line: 52"]". I believe this is because no image is present. This is a problem, because it breaks Javascript, and all the other Javascript functions are now dead for this page. Patstuart (talk) 13:25, 24 April 2008 (UTC)Reply

Same error produced at Image:MENDEL RECOPILACION.pdf (which, by the way, could use for speedy deletion as out of scope). It appears the gadget fails when a thumbnail is not present. Patstuart (talk)

Alerted Magnus and disabled editprotected. What do you propose be done? giggy _(:O) 02:22, 23 May 2008 (UTC)Reply

Not much I can do without an example to test it on. Both examples mentioned here have been deleted. --Magnus Manske 09:02, 23 May 2008 (UTC)Reply

Fixed. The problem was that it tried to insert its div into document.getElementById("filelinks").nextSibling;, but on these pages, this was a text node because the XHTML sent is formatted like this:

  <h2 id="filelinks">Links</h2>
  <div id='mw-imagepage-nolinkstoimage'>
  <p>There are no pages that link to this file.
  </p></div>

The line break between the H2 and the DIV results in some browsers in a tree H2-Text_Node-DIV, with the text node containing the line break. I've changed the code such that it doesn't try to insert its div into nextSibling but simply after the "filelinks" node. Lupo 09:23, 13 June 2008 (UTC)Reply

This script no longer works because it still uses query.php, which is no longer active. It should be rewritten to use api.php instead. There is a catch, though: api.php does not offer the proxying functionality that query.php had, and thus the script would have to make calls to the individual WMF projects it wants to check. However, since we're on wikimedia.org and the other projects are on other domains (*.wikipedia.org etc.), the security policies won't allow such cross-domain calls. Any solutions? Lupo 12:26, 31 August 2008 (UTC)Reply

Is this not a browser-specific setting? I think I have a script which makes calls to other domains, but I had to set up my browser specifically to allow that.  — Mike.lifeguard | ^@en.wb 00:19, 3 September 2008 (UTC)Reply

There is a draft proposal for this (see XMLHttpRequest Level 2 and Access Control for Cross-site Requests. For FF, see also Cross-Site XMLHttpRequest and [1]). Even if FF3 should already have this, older browsers (such as FF2.0.0.16, which isn't really that old) don't, and judging from Cross-Site XMLHttpRequest, the access control would need to be defined at the server site, too. AFAIK, the still current state-of-the-art is about this. Lupo 07:08, 3 September 2008 (UTC)Reply

Way over my head. Are we thinking of the same thing? This is from the script I was talking about:

//security override HTTP request
//ALSO, reduce IE security settings
//For FF/NS, go enable, see "http://esw.w3.org/topic/SparqlCalendarDemoUsage#FAQ"
//Basically, enable "signed.applets.codebase_principal_support" in about:config 
function makeRequestXML(url, parameters,type,parse) { 
	if(window.XMLHttpRequest){
		try {netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead"); } 
		catch (e) {alert("Permission UniversalBrowserRead denied."); } 
		http_request = false;
		http_request = new XMLHttpRequest(); 
		if (http_request.overrideMimeType) {
			http_request.overrideMimeType('text/xml');
		}
		if (!http_request) {
		alert('Cannot create XMLHTTP instance'); return false;
		} 
	http_request.onreadystatechange = alertContents;
	http_request.open(type, url + parameters, true); 
	http_request.send(null); 
	}
	else if (window.ActiveXObject){
	try{
		http_request = new ActiveXObject("Msxml2.XMLHTTP");} 
		catch (e){
			try	{
				http_request = new ActiveXObject("Microsoft.XMLHTTP");
			} 
			catch (e){}
		}
		if (!http_request) {showError(ERROR_XML);}
		http_request.onreadystatechange = alertContents;
		http_request.open(type, url + parameters, true); 
		http_request.send(null); 
	}
}

 — Mike.lifeguard | ^@en.wb 15:37, 3 September 2008 (UTC)Reply

Yes, we're talking about the same thing. I didn't know you could trick FF into lowering the security settings like this. We can't expect any user to make this very unsafe modification. The correct solution would be to bug the devs to add proxying support (within the WMF domains only) to the API. Lupo 20:39, 3 September 2008 (UTC)Reply

"Very unsafe" O.O Seeing as I basically don't use that script, I'm going to undo that :\

As you clearly understand this better than I, would you open a bug?  — Mike.lifeguard | ^@en.wb 21:47, 3 September 2008 (UTC)Reply

Yes, unsafe, as they point out clearly at the URL in that code snippet. Ok, I'll open an enhancement request at bugzilla. Lupo 21:54, 3 September 2008 (UTC)Reply

• This is now bugzilla:15469. Lupo 08:26, 4 September 2008 (UTC)Reply

• Meanwhile, just switch to API and use importScriptURI with API callback parameter. For examples of usage see e.g. w:User:Splarka/dabfinder.js. —AlexSm 13:42, 4 September 2008 (UTC)Reply

• • Neat script, nice technique, but it isn't cross-domain. Are you sure it'd work cross-domain? (Off-topic: I also found that in order to compare titles against hrefs, I needed to do a somewhat more elaborate "encoding hack" than Splarka did; a simple escape didn't work in all cases (especially involving strange character sets) in the upload form script.) Lupo 17:45, 4 September 2008 (UTC)Reply

    Yes, it is cross-domain because you can import scripts from anywhere (well, almost: as it turns out, Opera 9.5+ disallows local scripts for remote sites, so I can't use my localhost-based monobook.js in Opera anymore). —AlexSm 18:12, 4 September 2008 (UTC)Reply

    As for matching hrefs, escape is sure a bad choice. decodeURIComponent(href) seems to work fine on parenthesis. As far as I remember, I only had some issues with slashes. —AlexSm 18:12, 4 September 2008 (UTC)Reply

All right, I've done a proof-of-concept implementation of Alex's approach. It works (tested only in FF2), but of course, using script tags to do remote calls is not the same as using XMLHttp. In particular, the script doesn't get any feedback if something goes wrong. If the URL goes to a non-existing server (yes, there were such language prefixes in the list...), nothing happens, and due to the way this script is structured, it'll stop doing anything upon the tenth time this happens. (This could maybe be avoided using an additional timer per call that cancels the call if no reply is received within a few seconds, but setting that timeout is rather arbitrary and not a clean solution.) Same if anything else goes wrong. Also, if people are running NoScript or other extensions that forbid off-site scripts, it won't work unless all the WMF domains are whitelisted (.wikisource.org, .wikibook.org, .wikiversity.org, .wiktionary.org, .wikinews.org. It also needed a little hack to allow re-executing the script, otherwise importScriptURI refuses to re-load the same script (i.e., refuses to make the same call a second time). I'd much rather wait for the resolution of bugzilla:14024 and use this (in my perception rather ugly) workaround only if they decided on "wontfix". Lupo 09:02, 10 September 2008 (UTC)Reply

Template:JS migration Hello! This script has been detected as using deprecated parameters that need to be replaced with the updated version. Examples include addOnloadHook() needs to be replaced with $(); all wgGlobalVariables need to be properly gotten with mw.config.get( 'wgGlobalVariable' ); and addPortletLink needs to be called with mw.util.addPortletLink. Please see MW:ResourceLoader/Legacy JavaScript for details. Thank you. — {{U|Technical 13}} ^{(e • t • c)} 00:09, 19 January 2015 (UTC)Reply