Open main menu


This page is a translated version of the page Manual:$wgRawHtml and the translation is 24% complete.
Other languages:
English • ‎español • ‎magyar • ‎русский • ‎中文 • ‎日本語
HTML: $wgRawHtml


当维基设置$wgRawHtml = true;时,允许您插入原始未检查的HTML。 但是,您必须在<html>...</html>标记中嵌入html,以便MediaWiki可以区分它。

  警告: This is very dangerous on a publicly editable site, because it allows for arbitrary JavaScript code to be inserted, opening the door for session hijacking. Thus, you shouldn't enable RawHtml unless you've restricted editing to trusted users only with $wgGroupPermissions (version 1.3.x and 1.4.x can use $wgWhitelistEdit ). See 手册:阻止访问 for more information on restricting write access.
This option does not affect how wikicode outside of <html>...</html> tags is handled.
If you have $wgRawHtml turned on and you notice some HTML being stripped out, you may need to turn off $wgUseTidy .
MediaWiki版本: 1.29

Since MediaWiki 1.29, the raw HTML tag has no effect in namespace 8 (MediaWiki): phabricator:T156184.

Is enabling raw HTML necessary?

Some HTML tags are permitted in wikitext, even with $wgRawHtml=false. See m:Help:HTML in wikitext. The vast majority of fancy formatting seen on Wikimedia sites is achieved using these limited tags (e.g. tables with CSS style tags). If you can make do with these limitations (leave $wgRawHtml=false), your wiki will be more secure.

Also note that the "limited" wiki syntax is actually a deliberate design feature of wikis. It is a compact simplified markup which is easily understood even by non-technical users, easily visualised in diff displays, and discourages stylistic tinkering in favor of getting on with writing useful/interesting text.


There are a number of extensions which promise to allow more HTML flexibility, while improving the security situation. Some require setting $wgRawHtml=true in conjunction with using the extension, while others offer an alternative.

Another way get custom HTML appearing within your wiki articles is to develop your own tag extension. Do not be tempted to develop an extension which allows arbitrary HTML, otherwise the same serious security issues apply as with setting $wgRawHtml=true.