Extension:NamespaceHTML
Warning: The code or configuration described here poses a major security risk. Site administrators: You are advised against using it until this security issue is resolved. Problem: Namespace detection code can be tricked allowing raw html to be unsafely executed. This is possible even for attackers who do not have any edit rights. Bawolff (talk) 04:17, 13 February 2023 (UTC) Solution: Use a different extension like extension:Widgets Bawolff (talk) 04:17, 13 February 2023 (UTC) |
This extension is currently not actively maintained! Although it may still work, any bug reports or feature requests will more than likely be ignored. If you are interested in taking on the task of developing and maintaining this extension, you can request repository ownership. As a courtesy, you may want to contact the author. You should also remove this template and list yourself as maintaining the extension in the page's {{extension}} infobox. |
 Release status: unmaintained |
|
|---|---|
| Implementation | Tag |
| Description | Allows raw HTML in specified namespaces |
| Author(s) | Ike Hecht (tosfostalk) |
| Latest version | 0.4 () |
| Compatibility policy | For every MediaWiki release that is a Long Term Support release there is a corresponding branch in the extension. |
| MediaWiki | 1.35, 1.39 |
| Database changes | No |
| License | GNU General Public License 2.0 or later |
| Download | |
|
$wgRawHtmlNamespaces |
|
|
<html> |
|
| Quarterly downloads | 5 (Ranked 171st) |
| Translate the NamespaceHTML extension if it is available at translatewiki.net | |
| Issues | Open tasks · Report a bug |
The NamespaceHTML extension allows raw HTML in specified namespaces. It is intended to work just like the $wgRawHtml setting. The difference is that this extension allows specifying which namespace(s) should be able to contain raw HTML, which allows administrators to restrict raw HTML to namespaces with sufficient edit protections.
This extension was created for WikiWorks.
UsageEdit
Embed raw html within <html>...</html> tags.
See Manual:$wgRawHtml for more information.
As a templateEdit
The extension allows inclusion from namespaces where HTML is allowed to namespaces where HTML is not. You can create a custom script namespace and allow HTML in that namespace. Then you can create pages in the script namespace that contain safe scripts which can be transcluded into any page.
Technically, you can use the #tag parser function to pass parameters to the template. See here for an example. However, it is a better idea to use the Widgets extension for that.
Widget examplesEdit
- To add a Pinterest feed: Extension:NamespaceHTML/Pinterest Widget
InstallationEdit
- Download and place the file(s) in a directory called
NamespaceHTMLin yourextensions/folder. - Add the following code at the bottom of your
LocalSettings.php:wfLoadExtension( 'NamespaceHTML' );
- Configure as required.
Note: $wgRawHtmlNamespaces = [];must be configured, see below.
Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.
ConfigurationEdit
- $wgRawHtmlNamespaces
- List of the namespaces where raw HTML should be enabled. See this page for more information about namespace constants. For example:
# allow raw HTML but only in the Project: & User: namespaces $wgRawHtmlNamespaces = [ NS_PROJECT, NS_USER ];
See alsoEdit
- HTML restriction - list of extensions that allow for the inclusion of raw HTML
- Extension:Secure HTML - adds "secret key" protection for html sections
- Extension:SaferHTMLTag - allows only sysops and certain user groups to edit pages containing the
<html>tag - Extension:HTMLets - Serves HTML from server files