Extension:Ajax

The Ajax extension runs Ajax applets when a special page is visited that references a JavaScript page in the system message (MediaWiki) namespace. The applets are built on the fly by a minimal preprocessor which adapts the JavaScript according to the defined system messages.

Installation
As with other MediaWiki extensions, install this extension by extracting it somewhere (usually the extensions folder) and adding require_once( '/path/to/AbuseFilter/AbuseFilter.php' ); to LocalSettings.php.

Usage
The special page is called like any other special page, but with an additional JavaScript page from the MediaWiki namespace. Typically a call would be  where the JavaScript is expected to be found on the page   and the title for the page should be on page. The suffix must be present; if it is missing, the special page gives an error message. Likewise the title page must be present.

The special page uses a very limited cpp-like language to augment JavaScript. It consists of the pragmas #DEFINE and #INCLUDE, and the control structures #IFDEF, #IFNDEF, #ELSE and #ENDIF. Each pragma must be on a separate line.

Note that all pragmas interact with system messages, so the MediaWiki namespace should be protected from everyone you don't trust. Usually this namespace is implicitly protected and is only editable by sysops.

Argv
A request can have parameters, which can be imported into the script: a special construct imports a parameter and binds it to a JavaScript variable. The process is initiated with the pragma #ARGV, optionally in combination with keywords for type and source. The first set of keywords triggers the internal data type conversion functions; the latter triggers checks on how the data was delivered. In addition, a variable name must be specified, the parameter name enclosed in angled brackets, and possibly a pattern to clean more diverse parameters.

Define
A system message can be defined as a variable: a special construct imports the system message for the interface language or the content language and binds it to a JavaScript variable. The process is initiated with the pragma #DEFINE, optionally in combination with the keyword CONTENT or INTERFACE. These keywords limit the lookup of system messages to the named language, that is, the language used for the content or for the interface. In addition, a variable name must be specified, followed by the name of a system message enclosed in angled brackets.

If a system message can't be resolved, it is left in the usual angled-bracket form. Quotes inside system messages are escaped.

Include
A system message can be included: a special construct imports the system message for the interface language or the content language, provided it comes from a page with a proper JavaScript suffix. The process is initiated with the pragma #INCLUDE, optionally in combination with the keyword CONTENT or INTERFACE. These keywords limit the lookup of system messages to the named language. In addition, the name of a system message must be given, enclosed in angled brackets.

Note that the message name must have a proper .js suffix. If there is no such message to include, a special piece of code is included instead that shows an alert with the message name. There is no simple unified solution for this; most likely critical code should be wrapped in #IFDEF.

Control structure
A few control structures are available for conditional evaluation of code, depending on the existence of system messages for the interface language or the content language. The process is initiated with the pragma #IFDEF or #IFNDEF, optionally in combination with the keyword CONTENT or INTERFACE. These keywords limit the lookup of system messages to the named language. In addition, the name of a system message must be given, enclosed in angled brackets. The controlled portion of the code is then processed until #ELSE is found, in which case the condition is negated, or until #ENDIF is found, in which case further processing of this control structure stops.
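As an added illustration (not the extension's own PHP code), a Python reimplementation of the #DEFINE, #INCLUDE and #IFDEF/#IFNDEF/#ELSE/#ENDIF handling described in the Define, Include and Control structure sections, run against a constructed message store standing in for the MediaWiki namespace; the message names, the interface-then-content lookup order when no keyword is given, and the exact alert stub are assumptions.

```python
import re

# Constructed stand-in for the MediaWiki namespace: message text per language.
# CONTENT / INTERFACE keywords pick one; with no keyword, interface is tried first (assumed).
MESSAGES = {
    "interface": {"greeting": "Hei verden", "lib.js": "function lib() {}"},
    "content": {"greeting": 'Hello "world"', "lib.js": "function lib() {}"},
}
DIRECTIVE = re.compile(r"^#(DEFINE|INCLUDE|IFDEF|IFNDEF|ELSE|ENDIF)\b(.*)$")


def lookup(name, scope):  # resolve a message in the selected language(s), else None
    for lang in ([scope] if scope else ["interface", "content"]):
        if name in MESSAGES[lang]:
            return MESSAGES[lang][name]
    return None


def parse_args(rest):  # 'CONTENT var <name>' -> (scope, variable, message name)
    words, scope = rest.split(), None
    if words and words[0] in ("CONTENT", "INTERFACE"):
        scope = words.pop(0).lower()
    found = re.search(r"<([^>]+)>", rest)
    var = next((w for w in words if not w.startswith("<")), None)
    return scope, var, found.group(1) if found else None


def preprocess(src):
    """Expand the pragmas of one JavaScript page; returns the code to evaluate."""
    out, stack = [], []  # stack: one bool per open #IFDEF/#IFNDEF, True = emitting
    for line in src.splitlines():
        m = DIRECTIVE.match(line.strip())
        emitting = all(stack)
        if not m:
            if emitting: out.append(line)
            continue
        kw, (scope, var, name) = m.group(1), parse_args(m.group(2))
        if kw in ("IFDEF", "IFNDEF"):  # push even when not emitting so #ENDIF pairs up
            defined = lookup(name, scope) is not None
            stack.append(defined if kw == "IFDEF" else not defined)
        elif kw == "ELSE":
            stack[-1] = not stack[-1]
        elif kw == "ENDIF":
            stack.pop()
        elif emitting and kw == "DEFINE":  # unresolved names stay as <name>; quotes escaped
            text = lookup(name, scope)
            value = f"<{name}>" if text is None else text.replace('"', '\\"')
            out.append(f'var {var} = "{value}";')
        elif emitting and kw == "INCLUDE":  # only .js messages are included, else alert stub
            text = lookup(name, scope) if name and name.endswith(".js") else None
            out.append(text if text is not None else f'alert("<{name}>");')
    return "\n".join(out)
```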

Debug
Because the code can be buggy, and preprocessing does not make debugging any simpler, the resulting code can be dumped by setting the action parameter to debug. The code after preprocessing is then shown on the special page (debug) instead of being evaluated (view).

Hello world
A typical "Hello world" has a simple solution with this extension. Coded in the usual way on Wikipedia it would include code for detecting a host page, code for querying system messages, and finally code for rendering the result. With the pragmas above this is simplified.


 * Example

In the first line the binding between a JavaScript variable and a system message is defined. This variable is then used in the second line.

An example "Hello World" applet is available at Rallar.org: Hello World.

Bootstrap
A very common construct is to localize some system messages, load some localized libraries and finally load the bulk of the code.


 * Example

This localizes all messages and adapts the main code that follows, which is loaded either from the local wiki or from an external wiki.

An example "Weather data" applet is available at Rallar.org: Weather data.

Security issues
This kind of extension has a fundamental security problem because it allows inclusion of material on the page, possibly within executable code. To avoid this, the extension can only be configured for general use by sysops, or on an individual level by a single user loading pages from his own user space. The latter assumes that a single user knows what he is doing; if he does anything evil he will only harm himself, and therefore it is probably safe to let him play with the extension. If he wants to make his code generally available he must ask a sysop to move the actual pages. This covers the bulk of the code and should produce a fairly safe environment.

Still, a minor part of the page is adapted through the request (the private data), and this opens a wormhole of possible attacks. It is the possibility of storing code on the page that creates the problems. The main protection against this is to enforce validation of content from the outside before it reaches the page, through type checks and pattern matching. If these checks fail, the page gives an error report. In addition, the data reported back to the client is marked as tainted, and the client will refuse to give away such tainted data.
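The request-side validation described here and in the Argv section, as an added Python example (not the extension's code): a #ARGV directive names a type, a delivery source, a variable, the parameter in angled brackets and optionally a pattern; the keyword spellings INT/STRING/BOOL and GET/POST and the request layout are assumptions, and the tainting of returned data is not modelled.

```python
import json
import re


class ArgvError(Exception):
    """The error report the special page gives when a parameter fails its checks."""


# Assumed keyword sets: the page names type and source keywords but does not list them.
TYPES = {"INT": int, "STRING": str,
         "BOOL": lambda s: {"true": True, "false": False}[s.lower()]}
SOURCES = ("GET", "POST")


def bind_argv(directive, request):
    """Turn '#ARGV INT GET limit <limit> [0-9]{1,3}' into a safe JavaScript binding.

    request is a constructed {"GET": {...}, "POST": {...}} stand-in for the HTTP request.
    """
    words = directive.split()[1:]          # drop the #ARGV keyword itself
    conv, source = str, None
    while words and (words[0] in TYPES or words[0] in SOURCES):
        kw = words.pop(0)
        if kw in TYPES:
            conv = TYPES[kw]
        else:
            source = kw
    var, param = words[0], words[1].strip("<>")
    pattern = words[2] if len(words) > 2 else None
    # source check: without a keyword either method is accepted, otherwise only that one
    raw = None
    for method in ([source] if source else SOURCES):
        raw = request.get(method, {}).get(param, raw)
    if raw is None:
        raise ArgvError(f"parameter {param} was not delivered via {source or 'GET/POST'}")
    # pattern check runs on the raw string, before any type conversion
    if pattern and not re.fullmatch(pattern, raw):
        raise ArgvError(f"parameter {param} does not match /{pattern}/")
    try:
        value = conv(raw)                  # type check via the conversion function
    except (ValueError, KeyError):
        raise ArgvError(f"parameter {param} is not of the declared type")
    # json.dumps yields a JS literal with quotes and backslashes escaped, so request
    # data can never break out of the string it is bound to
    return f"var {var} = {json.dumps(value)};"


def argv_error(directive, request):
    """Return the error report for a directive, or None when the binding succeeds."""
    try:
        bind_argv(directive, request)
        return None
    except ArgvError as err:
        return str(err)
```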

Bugs/Todo

 * Testing of cached messages should be more effective, but this has to be fixed in the main core
 * Caching has been added, but has not been thoroughly tested
 * Parameter passing through cookies should be added (security issues?)
 * An alternative parameter passing scheme could be embedding on the page itself, if the page uses no-cache