Extension talk:SecureHTML

From MediaWiki.org

Jump to: navigation, search

Contents

[edit] Shouldn't this be written a different way

Shouldn't the localsettings.php lines be written like this:

require_once( "includes/DefaultSettings.php" );

In addition, I have wikipedia 1.7, can I use this program?

I do not know

Also, have you considered combining this program with the other stubs program? It would be easier to install. Odessaukrain 03:47, 30 March 2008 (UTC)

In terms of ease of installation, I would suggest using PEAR. Jean-Lou Dupont 11:39, 30 March 2008 (UTC)
Jean-Lou Dupont, thank you for your prompt response, what a wonderful surprise.
Sorry to be so dense, especially when the page clearly says 1.10, does this extension work for wikipedia 1.7?
Extension:SecureHTML and Extension:Anysite doesn't work, and Extension:Anysite has major security flaws, so I only have your extension to use.
I am trying to embed a blog into my webpage. Odessaukrain 18:42, 30 March 2008 (UTC)
I do not know if this works under 1.7 nor will I test this. Sorry. Jean-Lou Dupont 19:19, 30 March 2008 (UTC)
Why don't you test it? Nothing will explode I am sure ;-) Jean-Lou Dupont 19:32, 30 March 2008 (UTC)
Sure, I will let you know asap. I just didn't want to go through the hassle if other people have already tested it. Odessaukrain 09:31, 31 March 2008 (UTC)

Hi, Is there a way to set the width and height of the included html page on a case by case basis? How is that handled in this extension? e.g. to order to avoid scroll bars 118.92.110.162 07:45, 15 May 2008 (UTC)

Hi - the extension has nothing to do with scrollbars - you must control this behavior. Are you by any chance including an iframe?

Jean-Lou Dupont 10:12, 15 May 2008 (UTC)

Thanks for the quick response. I was just trying to compare it with the anysite extension. With anysite the height and width of the HTML you embed is controlled globally in the extension file. If you embed a page larger than the allowed area, then it puts scroll bars on it, so yes, I guess the anysite extension does put it into an iframe.
If I use securehtml, does it allow me to embed another URL into the page? If so, how is the height and width controlled for how that page appears - just by the surrounding mediawiki code?
130.195.86.36 22:42, 15 May 2008 (UTC)
It allows unrestricted HTML using <html> tag section on edit protected pages (see the protect tab on each page). If you require more information on HTML in general, I would suggest googling. Jean-Lou Dupont 23:48, 15 May 2008 (UTC)
Same for me as described above. onyl if ($wgRawHtml = false;) + protected template reading <html>... + Extension:ParserFunctionsHelper + {{#shtml:Template:...}} --Subfader 19:09, 9 July 2008 (UTC)

[edit] Functionality explained?

I am not a programmer and at the edge of my understanding when I read the description of this extension. Looking for a simple solution to include javascript and php code in pages without compromising security. When comparing this extension with Extension:HTMLets the latter seems less complicated. I don't need the functionality of SecureHTML that allows users to include widgets, at least not for now. Are there other options/functions I possibly might miss if I go for the simpler solution using HTMLets? --Kassoe 20:54, 15 May 2008 (UTC)

I am putting the finishing touches to Extension:SecureWidgets which should be helpful. I also commit to adding more details on Extension:SecureHTML shortly.
I do not have a side-by-side comparison with other extensions, sorry. Jean-Lou Dupont 23:49, 15 May 2008 (UTC)

[edit] MW 1.12.0 plus current secureHTML (SVN) - June 25, 2008 [SOLVED]

Jean-Lou:

Thanks for this extension! I'm trying to get it to work without full success.

I've created a protected template which includes the html code to display <iframe> content from another server. After saving the template, the <iframe> content displays nicely within the template (just the way I want it to display in an article). However, when I embed the template within the article, all one sees is the html code as it was written in the template and not the display of the <iframe>'s content.

Any ideas what to look at? Thanks. -- Rik

ps: I do have the stubmanager extension installed as well and listed above the "require_once" statement for secureHTML.

That's probably because the target page isn't edit protected. In this case, use the #shtml parser function. Jean-Lou Dupont 10:22, 25 June 2008 (UTC)

Jean-Lou:

I installed ParserFunctionsHelper and that solved the problem for both protected and unprotected edits. Without ParserFunctionsHelper, I still can't get the protected edits to work. But since it works both ways with ParserFunctionsHelper installed, that solves the problem for me.

Thank you very much both for the great extensions and your help. -- Rik

My pleasure. Jean-Lou Dupont 00:52, 26 June 2008 (UTC)

[edit] php include?

Is there a way to include php files in teh protected templates without using iframes? I mean real includes <?php include 'mywikiroot/something.php'; ?> --Subfader 19:16, 9 July 2008 (UTC)

Use Extension:SecurePHP. Jean-Lou Dupont 02:21, 13 July 2008 (UTC)

[edit] Installation Problem

I have installed both stubmanager and securehtml... i think

Specail:version shows it as having been installed. But its not working right. I am trying to embed a Picasa slide show. In the wiki I put

<html/><embed type="application/x-shockwave-flash" src="http://picasaweb.google.com/s/c/bin/slideshow.swf" width="288" height="192" flashvars="host=picasaweb.google.com&RGB=0x000000&feed=http%3A%2F%2Fpicasaweb.google.com%2Fdata%2Ffeed%2Fapi%2Fuser%2Fjeffcrigler%2Falbumid%2F5240104383351226193%3Fkind%3Dphoto%26alt%3Drss" pluginspage="http://www.macromedia.com/go/getflashplayer"></embed></html>

When I hit "preview" it appears fine but when I save the page I just see the source, not the flash slideshow. I locked down the page so only my registered and trusted users can edit it, but no luck

Suggestions?

And the page is protected for the edit right, right? Jean-Lou Dupont 00:20, 31 August 2008 (UTC)

Yea. I have it Sysop only!

I don't know if this helps but here is what I have installed

Installed extensions

Special pages MultipleUpload Allows users to upload several files at once Travis Derouin Parser hooks

FlashMP3 (Version v0.91) Plays mp3-files in an embedded Flash-player Matthias Korn

Flickr Display Flickr image and link to photo page on Flickr as per their terms Edward Simpson Other

DiscussionThreading Add Threading to discussion (talk) pages Jack D. Pond

FCKeditor extension (Version fckeditor/mw-extension $Rev$ 2007) FCKeditor extension

Google Maps Extension (Version 0.9.1) Easily create maps with wiki-fied markers Evan Miller

SecureHTML (Version @@package-version@@) Enables secure HTML code on protected pages Jean-Lou Dupont

StubManager (Version 1.3.0) Provides stubbing facility for extensions handling rare events. Customization template: mediaWiki:ExtensionState. Extensions registered:

SecureHTML. Jean-Lou Dupont

And the require statement for StubManager appears *before* ones for my other extensions? Jean-Lou Dupont 07:03, 31 August 2008 (UTC)
This extension is pretty simple in nature: the problem you are experiencing is most probably due to unwanted interaction(s) with some other extension you have installed. I can't help at this point. Sorry. Jean-Lou Dupont 14:47, 2 September 2008 (UTC)

[edit] Does it work on 1.13?

Hello, I use MediaWiki 1.13 and it seems that SecureHTML doesn't work properly with this version. Is there something I can do to use this extension with 1.13 ? -- Marineam 12:07, 01 October 2008 (UTC)

Have you seen that you need the StubManager and the ParserFunctionsHelper extensions to get it working? --Subfader 14:35, 1 October 2008 (UTC)
I haven't tried 1.13 yet... I'll get around to it at some point though. Jean-Lou Dupont 01:48, 2 October 2008 (UTC)
I had no probs moving from 1.12 to 1.13 --Subfader 05:46, 2 October 2008 (UTC)
Retrieved from "http://www.mediawiki.org/wiki/Extension_talk:SecureHTML"
Personal tools