MediaWiki

Requests for comment/Disable raw HTML on wikimediafoundation.org

< Requests for comment
Tracked in Phabricator
Task T201285

This is a request for comment regarding disabling raw HTML ($wgRawHtml) on wikimediafoundation.org.

Request for comment (RFC)
Disable raw HTML on wikimediafoundation.org
Component General
Creation date
Author(s) MZMcBride
Document status implemented
See Phabricator.

Background edit

Currently wikimediafoundation.org allows raw HTML. This presents a number of problems:

  • code reusability is more difficult (most wikis wisely choose not to enable raw HTML);
  • it's a huge attack vector; and
  • enabling raw HTML inhibits the (open) wiki model.

Resolution edit

Search for instances of raw HTML on the wiki, evaluate them, and replace them with regular wikimarkup or specialized (safe) code. Once all the raw HTML is scrubbed, disable $wgRawHtml and profit!

Retrieved from "https://www.mediawiki.org/w/index.php?title=Requests_for_comment/Disable_raw_HTML_on_wikimediafoundation.org&oldid=6185559"