golem
/
Math
9
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Math library for MediaWiki (patched)
376 Commits 2 Branches 0 Tags 14 MiB
PHP 72.9%
JavaScript 23.2%
CSS 2.3%
TSQL 1.6%
Go to file
physikerwelt 6a0af8f3b4 Validate TeX input for all renderers, not just texvc 
The user input specified in the math tag a. la
<math>E=m <script>alert('attacked')</script>^2 </math>
is verified in PNG rendering mode, but not in plaintext, MathJax
or LaTeXML rendering mode. This is a potential security issue.

Furthermore, the texvc specific commands such as $\reals$
that is expanded to $\mathbb{R}$ might be rendered differently
depended on the rendering mode.

Therefore, the security checking and rewriting portion of texvc
have been extracted from the texvc source
(see I1650e6ec2ccefff6335fbc36bbe8ca8f59db0faa) and are
now available as a separate executable (texvccheck).

This commit will now enable this enhancement in security and
provide even more compatibility among the different rendering
modes.

Bug: 49169
Change-Id: Ida24b6bf339508753bed40d2e218c4a5b7fe7d0c
 		2014-01-22 10:07:27 +00:00
db Remove db2 support, core MW did this a while ago 2014-01-02 15:13:45 +00:00
math Fix comment about Math compnent to report bugs etc 2013-09-20 09:13:18 +00:00
mathoid Fix: Add missing xmlns 2013-10-13 14:43:37 +00:00
modules MathJax must not process every <strong class="error"> 2014-01-15 12:05:55 -05:00
tests Validate TeX input for all renderers, not just texvc 2014-01-22 10:07:27 +00:00
texvccheck Breakdown of texvc 2013-12-14 18:34:15 +00:00
.gitignore Buffer png writes and flush them all at once 2013-12-27 10:42:27 +00:00
.gitreview Adding .gitreview 2012-03-23 10:30:45 -07:00
.jshintignore Adding mathoid as tex to MathML and SVG renderer 2013-10-04 17:03:34 -07:00
Math.hooks.php Validate TeX input for all renderers, not just texvc 2014-01-22 10:07:27 +00:00
Math.i18n.php Localisation updates from https://translatewiki.net. 2014-01-21 19:51:59 +00:00
Math.php Validate TeX input for all renderers, not just texvc 2014-01-22 10:07:27 +00:00
MathInputCheck.php Validate TeX input for all renderers, not just texvc 2014-01-22 10:07:27 +00:00
MathInputCheckTexvc.php Validate TeX input for all renderers, not just texvc 2014-01-22 10:07:27 +00:00
MathLaTeXML.php Add profiling 2013-11-18 14:46:00 +04:00
MathRenderer.php Validate TeX input for all renderers, not just texvc 2014-01-22 10:07:27 +00:00
MathSource.php Introduce getter and setter for the MathRenderer 2013-05-03 21:12:36 +00:00
MathTexvc.php Validate TeX input for all renderers, not just texvc 2014-01-22 10:07:27 +00:00
README Check if media wiki core is capable of xml type checking 2013-07-18 20:49:09 +00:00
mathParserTests.txt mark parsertests with option 'texvc' 2013-06-26 14:14:52 +02:00

README 

This version (for MediaWiki 1.19) has some changes since previous versions:

* rendering options have been reduced to just 'Always PNG' and 'Leave it as TeX'
** all other rendering options will merge to PNG.
* initial experimental support for integrating MathJax client-side rendering

See the README in the math subdirectory for more info on setting up the
low-level conversion tools.

MathML support:
If you prefer MathML rather than images you can use LaTeXML to convert the
math tags to MathML. To use that feature you have to enable LaTeXML by setting
$wgUseLaTeXML = true;
It is possible to choose LaTeXML as default option (for anonymous user) by setting
$wgDefaultUserOptions['math'] = MW_MATH_LATEXML;
in the LocalSettings.php file.
The LaTeXML option requires php5-curl to be installed. Without php5-curl no proper
error handling can be guaranteed.
Furthermore, a core version of wmf/1.22wmf7 or newer is recommended.
Otherwise, errors in LaTeXML can lead to mal-formatted XML output and disturb the
page layout.

MathJax configuration:
Client-side configuration of MathJax can be done by specifying a mathJax.config
table, which takes a table as described in:
http://docs.mathjax.org/en/v1.1-latest/options/index.html#configuration

Example:
if ( typeof mathJax === 'undefined' ) {
  mathJax = {};
  mathJax.config = {
    showProcessingMessages: true
  };
}

For testing your installation run
php tests/phpunit/phpunit.php extensions/Math/tests/
from your MediWiki home path.