Ehmm... who has written this Crap ? There is a Link to $wgGroupPermissions with no Instructions how to do it.
Can somebody please rewrite this Instructions how (?) to enable <html> at locked Sites?
- You do it exactly the same way, set
true. The bit about
$wgGroupPermissionsis to limit editing of the wiki to known / responsible users. Otherwise anybody can come along and insert what ever HTML code they like into your pages. Bit of a security problem that ;-) --Dr DBW | talk 22:45, 26 September 2007 (UTC)
"This is very dangerous"
- Full HTML also allows for inclusion of flash or java applets, which may open the wiki for additional attacks. -- Duesentrieb ⇌ 21:36, 23 October 2008 (UTC)
- Looks good! I think it really gets the point across now. --Lance E Sloan 16:03, 27 October 2008 (UTC)
- Is that really what the template's intended for? It didn't mention anything about extensions and it seemed to fit the context of the article for this raw HTML feature. We really do need something to grab the attention of users so they know that using this is a very bad idea. --Lance E Sloan 02:04, 28 October 2008 (UTC)
- It categorizes articles in Extensions with XSS vulnerabilities. The article has a single line explaining what the setting does; the rest of the article explains why you shouldn't change it and gives alternatives. The red warning exclamation mark is good. —Emufarmers(T|C) 02:14, 28 October 2008 (UTC)
it doesn't see to allow "RAW" unfiltered html.. it filters out style tags for instance.. or they're filtered out somewhere along the line.. --Frantik 08:15, 12 July 2009 (UTC)
Appears not to work in version 1.16.0
--220.127.116.11 14:11, 14 August 2010 (UTC)
- I think a bug should be filed as a result. However there seem to be security issues connected with this. I will try to find out and file a bug if necessary. Cheers --kgh 21:59, 20 August 2010 (UTC)
- I have found out that the point the variable is looked at was changed. Thus all extensions using this should be changed if no other extension doing the same or a similar job is available. I have been advised to avoid $wgRawHtml if possible. Cheers --kgh 21:36, 23 August 2010 (UTC)
This bloody thing doesn't work in 1.15 either!