Manual talk:$wgAllowUserJs

From mediawiki.org
Latest comment: 15 years ago by 69.111.193.139 in topic Which file is this in?

Its sad to see that this setting isn't detailed enough. I have enabled this in our wiki and non of us yet have been able to understand how to use it. The same for $wgAllowUserCss.

Would someone please detail this setting so that others can use it please? --71.32.15.193 08:13, 25 March 2006 (UTC)Reply


Sorry, what kind of neat customizations?

-mg

--68.33.149.14 04:41, 23 May 2006 (UTC)Reply

See meta:Help:User_style for infos on what you can do with it. -- Tbleher 10:21, 22 January 2008 (UTC)Reply


Possible Risks?[edit]

I've been looking for information on the possible risks of enabling this - obviously vandals could use a script vandalize that much harder/faster, but that can be handled with a good sysop team. The only other thing I have come across is the possibility of someone putting "malicious" code in someone else's User Script - what does "malicious" here actually entail? What risk are my users at from this, assuming someone truly evil decides to mess with them?

Also, is there any risk to the Wiki itself? Can a user script damage it in any way? Can it do anything (outside of normal vandalizing) that will affect any users other than the one who has it installed?

A simple link, if one is available, would suffice - I simply haven't been able to find one, and I've been looking for over an hour now. Otherwise, I would really appreciate it if anyone could explain the possible dangers here to me.

Thanks,
DragoonWraith 20:21, 21 February 2008 (UTC)Reply

Addendum: Are there any legal risks here? I don't want users hosting malicious or illegal code on my domain, either. To what degree might code in monobook.js cause this kind of problem?
DragoonWraith 20:27, 21 February 2008 (UTC)Reply
Only Sysops can edit the scripts of other users, so as long as you trust your sysops, you should be fine. No user scripts directly affect the page for other users. --Skizzerz talk - contribs MediaWiki Support Team 22:04, 21 February 2008 (UTC)Reply

Which file is this in?[edit]

I'm trying to enable this, but I can't find out which file it's in. Could somebody be kind enough to help me? :) 69.111.193.139 01:09, 18 May 2008 (UTC)Reply

See Manual:LocalSettings.php. --Skizzerz talk - contribs 02:01, 18 May 2008 (UTC)Reply
Don't see anything, but I'm sure that's just me being oblivious. Could you please be more specific? Thanks! 69.111.193.139 03:23, 18 May 2008 (UTC)Reply
Ah, nevermind. I guess it's in DefaultSettings. Thanks for the suggestion! 69.111.193.139 03:29, 18 May 2008 (UTC)Reply