|Warning:||Using this extension can result in severe security holes! Know what you are doing! Activating the feature noesc can result in XSS attacks. Activating local file sources can allow users to view local files of the web server, potentially containing confidential data and passwords. Allowing to shell or php code poses a security risk by itself.|
Release status: experimental
|Description||Include external static content from the local file system, a remote URL, or SVN. External content can be included or embedded as an iframe.|
|Latest version||2.0 WIP (2019-08-14)|
|License||GPL3 or later|
|Check usage and version matrix.|
A few introductory remarksEdit
Be aware. This is work in progress.
SecureInclude is basically the original Include Extension fixed up to do Syntaxhighlighting again and some more.
<include> should be stable while the new tags
<php> are experimental for now. Be patient.
- install SyntaxHighlighting as described in Extension:SyntaxHighlight#Installation
<syntaxhighlight>attributes (as documented on Extension:SyntaxHighlight#Parameters) eg.
<include src="./tmp/duply.sh" lang="bash" line nocache nopre/>
The best documentation for now is in the header of secure-include.php.
- https://github.com/edeso/SecureInclude/archive/master.zip and place the file(s) in a directory called
- Add the following code at the bottom of your LocalSettings.php:
wfLoadExtension( 'SecureInclude' );
- Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.