Manual:$wgAllowUserJs
| Seguridad: $wgAllowUserJs | |
|---|---|
| Allow user JavaScript pages |
|
| Introducido en la versión: | 1.3.0 (r4194) |
| Eliminado en la versión: | aún se usa |
| Valores permitidos: | (booleano) |
| Valor predeterminado: | false (1.3.10+, r7357)true (1.3.0-1.3.9) |
| Otras configuraciones: Alfabéticamente | Por Función | |
Descripción
Enables/disables user JavaScript pages. This enables a lot of neat customizations, but may increase security risk to users and server load. (Personal scripts can only be edited by the owner and interface administrators, but they may still serve as vectors for various social engineering based attacks.)
A related setting $wgAllowUserCss allows/disallows users to use their own CSS files.
Uso
To enable users to perform their own JavaScript, append the following line to your LocalSettings.php file:
$wgAllowUserJs = true;
To disable this function set $wgAllowUserJs to false or delete whole line.
Nota importante
Microsoft Internet Explorer and Mozilla/Firefox allow the embedding of JavaScript into stylesheets using HTC or XBL.
So in order to prevent users from defining JavaScript, you need to disable $wgAllowUserCss as well.