Requests for comment/Disable raw HTML on wikimediafoundation.org
This is a request for comment regarding disabling raw HTML ($wgRawHtml) on wikimediafoundation.org.
Currently wikimediafoundation.org allows raw HTML. This presents a number of problems:
- code reusability is more difficult (most wikis wisely choose not to enable raw HTML);
- it's a huge attack vector; and
- enabling raw HTML inhibits the (open) wiki model.
Search for instances of raw HTML on the wiki, evaluate them, and replace them with regular wikimarkup or specialized (safe) code. Once all the raw HTML is scrubbed, disable $wgRawHtml and profit!