Extension talk:Secure HTML

About this board

Discuss Extension:Secure HTML here:


Uziel302 (talkcontribs)

"Notice: Undefined index: in /var/www/html/meaning.wiki/public_html/h/extensions/SecureHTML/SpecialSecureHTML.php on line 40

Deprecated: Use of OutputPage::addWikiText was deprecated in MediaWiki 1.32. [Called from SpecialSecureHTML::execute in /var/www/html/meaning.wiki/public_html/h/extensions/SecureHTML/SpecialSecureHTML.php at line 62] in /var/www/html/meaning.wiki/public_html/h/includes/debug/MWDebug.php on line 309

Deprecated: Use of disabling tidy was deprecated in MediaWiki 1.32. [Called from OutputPage::addWikiText in /var/www/html/meaning.wiki/public_html/h/includes/OutputPage.php at line 1760] in /var/www/html/meaning.wiki/public_html/h/includes/debug/MWDebug.php on line "

Reply to "I got deprecated errors"

Dynamic values in <shtml/>

1
Jatin1697 (talkcontribs)

I am trying to use an anchor tag with a dynamic linnk provided by other template. But, it does shows the value. It only shows the var name {{{link}}}. Is this not implemented yet?

Thanks

Reply to "Dynamic values in <shtml/>"
Peachey88 (Flood) (talkcontribs)
Peachey88 (Flood) (talkcontribs)
Peachey88 (Flood) (talkcontribs)

Don't forget to edit your LocalSettings.php to include your primary and secondary key strings, otherwise you'll keep getting that error

Peachey88 (Flood) (talkcontribs)

I always get Error: invalid hash also, and I put in a primary and secondary key string in localsetting.php

Any suggestions?

Where does:

$shtml_keys = array(
      'primary key' => "key1",
      'another key' => "key2"
    );

Go in localsettings, or does it matter?

user:jldupont, I won't use Extension:SecureHTML because:

  1. I am running 1.7
  2. Installing two programs to make one program work seems like to much of a hassle. Why not combine both programs?

This post was posted by Peachey88 (Flood), but signed as Odessaukrain.

Peachey88 (Flood) (talkcontribs)

i also get the Error: invalid hash, i wonder if i've found the solution: in my case i've got confused with the fields key name and key, so i've put the key name in both. once i've copied the key string in the key field everything worked perfectly - i love this ingenious extension. i'm quite embarrassed to admit such a silly mistake, but i guess it could happens to others, so laugh with me! ^____^

This post was posted by Peachey88 (Flood), but signed as Eumeme.

Peachey88 (Flood) (talkcontribs)

I initially got "invalid hash" error too, later I recognized that I had a syntax error in my html code that I want to secure. After I correct that, everything works perfect. Thanks to the author!

This post was posted by Peachey88 (Flood), but signed as 24.6.151.20.

82.44.113.40 (talkcontribs)

I'm getting Error: invalid hash

Any advice?

Latest extension as of 25/09/12 I've even copied the code to test but it does not work!


$wgSecureHTMLSecrets = array(

 'Wiki admin' => 'foo',
 'developers' => 'bar',
 'Support department' => 'baz',

);


Was there something else i should put in the localsettings.php page? I've copied and pasted exactly what it says on the page into the localsettingsfile

27.57.47.146 (talkcontribs)

Hi all,

Not sure if anyone is still looking for solution but posting it for reference just in case.

The 'key secret' in the Special:SecureHTML page is the value of the array $wgSecureHTMLSecrets. Hopefully it helps.

Regards Arshdeep arsh_makker@yahoo.com

197.210.173.141 (talkcontribs)

Good morning I deposited 20 thousand in my acct and the has been removed and did not credit me,,it keep on saying harsh error

Reply to "'invalid hash' error"

Non-static method SecureHTML deprecated

2
DSwissK (talkcontribs)

Deprecated: Non-static method SecureHTML::secureHTMLRender() should not be called statically in /web/wiki/includes/parser/Parser.php on line 3867

Deprecated: Non-static method SpecialSecureHTML::trySubmit() should not be called statically in /web/wiki/includes/htmlform/HTMLForm.php on line 656

Any idea what's wrong ?

Stefahn (talkcontribs)

I get a similar warning every time Secure HTML is called: Strict Standards: call_user_func_array() expects parameter 1 to be a valid callback, non-static method SecureHTML::secureHTMLRender() should not be called statically in /mediawiki/includes/parser/Parser.php on line 4279

Just filed a bug report at https://phabricator.wikimedia.org/T180857

Reply to "Non-static method SecureHTML deprecated"

it wont work with the side bar

1
88.181.108.14 (talkcontribs)

Hi,

i am trying to add some html to side the sidebar and it is not taken,

does it works in the sidebar ?

Thanks

Reply to "it wont work with the side bar"
Peachey88 (Flood) (talkcontribs)

Hi, I want to restrict the special page made for this to only administrators of the wiki, can someone tell me how I do this?

Thanks.

This post was posted by Peachey88 (Flood), but signed as LittleRena.

Stefahn (talkcontribs)

Bumping this since I have the same question.

The manual says "As of version 2.1, the special page is restricted to users who have the 'edit' right".
I can't confirm this since I can access the special page even as an anon.
I didn't set $wgSecureHTMLSpecialRight.

Is this a bug?

Stefahn (talkcontribs)

Just for the record:
I found another way to restrict the special page by using Extension:Lockdown with this code:

$wgSpecialPageLockdown['SecureHTML'] = array('bureaucrat');

Replace "bureaucrat" with the user group that you would like to grant permission to the special page.

Reply to "Restrict Special Page?"

not working with more than 1 key?!

1
Peachey88 (Flood) (talkcontribs)

for me this extension was not working with more than one key in the array...

this is an "error" in the source of SecureHTML.php

$keyname = ($argv['keyname'] ? $argv['keyname'] : $keykeys[0]);

should be replaced with

$keyname = ($argv['hash'] ? $argv['hash'] : $keykeys[0]);

the other version doesnt make sense for me.

This post was posted by Peachey88 (Flood), but signed as 88.73.61.86.

Reply to "not working with more than 1 key?!"
Peachey88 (Flood) (talkcontribs)

When I tried to access "Special:SecureHTMLInput" I get the following error message.

"Fatal error: Cannot redeclare wfsecurehtmlextension() in /home/wiki/public_html/w/includes/specials/SpecialSecureHTMLInput.php on line 45".

This post was posted by Peachey88 (Flood), but signed as Aramsahai.

Peachey88 (Flood) (talkcontribs)

I also get an error and have crossed checked everything.

"Fatal error: Call to a member function addMessages() on a non-object in /home/content/42/4737242/html/wiki/extensions/SecureHTML/SecureHTML.php on line 52"

Furosh (talkcontribs)

I get this error as well upgrading an pretty old version 1.8.4 and performing a Wiki move from current server to new server. Got everything running on new server but Upgrading fails with this error:

[root@wikit maintenance]# php update.php
PHP Fatal error:  Call to a member function addMessages() on a non-object in /var/www/html/mediawiki/extensions/SecureHTML.php on line 52

Were you able to resolve this? If so what did you do?

I also read http://www.mediawiki.org/wiki/Manual_talk:Upgrading#Call_to_a_member_function_addMessage.28.29_on_a_non-object_in Stating "I just commented out the lines. It was no big deal." However, I'm not exactly sure what to comment out and where... =/

Reply to "Fatal error message"
Peachey88 (Flood) (talkcontribs)

Unless i'm missing something this extension is not really secure. The user knows both the key and the input and thus can generate their own hash quite easily. Really the server should have a secret key only it knows about. Bawolff 01:34, 23 April 2010 (UTC) nevermind i misread the code.

This post was posted by Peachey88 (Flood), but signed as Bawolff.

Reply to "not really that secure"
Christharp (talkcontribs)

Hi thanks for a great extension. I just started playing with it, but I was wondering if it's possible to use wikitext variables inside the secureHTML tags. See this thread about raw html:https://www.mediawiki.org/wiki/Thread:Project:Support_desk/template_variables_within_html_tags

Basically I'm looking to solve the same problem, but using this extension so I don't need to use raw html. Can one use the #tag function with this extension? If so any thoughts on how that is done? All the best.

Reply to "Mixing html and wikitext"
Return to "Secure HTML" page.