Hello guys,
I want to show my mediawiki in a frame like:
| top frame with links |
content of linked sites (mediawiki) |
But when I do this I can't edit sites or switch to special sites, because of security reasons. Is there an option to disable this?
Have a nice day,
Patrick
Hello everyone, I'm willing to do the exact same thing !
I tried this and this. I'm able to see "normal" pages, but no special pages like login or edit...
Could you please give us/me some directions before I get my hands dirty in the 57536 lines of code here ?
Thanks in advance !
I got the solution :
taken from the DefaultSettings.php :
/**
* The X-Frame-Options header to send on pages sensitive to clickjacking
* attacks, such as edit pages. This prevents those pages from being displayed
* in a frame or iframe. The options are:
*
* - 'DENY': Do not allow framing. This is recommended for most wikis.
*
* - 'SAMEORIGIN': Allow framing by pages on the same domain. This can be used
* to allow framing within a trusted domain. This is insecure if there
* is a page on the same domain which allows framing of arbitrary URLs.
*
* - false: Allow all framing. This opens up the wiki to XSS attacks and thus
* full compromise of local user accounts. Private wikis behind a
* corporate firewall are especially vulnerable. This is not
* recommended.
*
* For extra safety, set $wgBreakFrames = true, to prevent framing on all pages,
* not just edit pages.
*/
$wgEditPageFrameOptions = 'DENY';
I've set this to $wgEditPageFrameOptions = 'SAMEORIGIN'; since my wiki and the top frame with links is on the same domain, but you might have to set it to false (careful, anyone can then show your wiki inside any frame...)