Page MenuHomePhabricator

Tags like <embed> are needed
Open, LowPublicFeature

Description

Author: will.pittenger1+wikibugzilla

Description:
I know there are security concerns with <embed>, <object>, and <iframe>. So why not a version of <embed> that allows only files uploaded to Wikimedia servers? This would help me with problems like what I discussed at [http://commons.wikimedia.org/wiki/Commons:Graphic_Lab_School/Images_to_improve#Need_a_way_to_turn_21_seperate_images_into_a_single_app-like_image.]


Version: 1.14.x
Severity: enhancement

Details

Reference
bz16316

Event Timeline

bzimport raised the priority of this task from to Low.Nov 21 2014, 10:26 PM
bzimport set Reference to bz16316.
bzimport added a subscriber: Unknown Object (MLST).

(Just going through some old bugs and updating...)

Discussion linked above got archived to: https://commons.wikimedia.org/wiki/Commons:Graphic_Lab_School/Images_to_improve/Archive/Resolved_2#Need_a_way_to_turn_21_seperate_images_into_a_single_app-like_image.

This sort of request could be handled with something like the EmbedScript extension I did some experiments on last year:
https://www.mediawiki.org/wiki/Extension:EmbedScript

This allows writing arbitrary JavaScript code and HTML to be displayed in an <iframe>, using a separate domain as an in-browser security layer to isolate the running code from the rest of the wiki.

See also bug 54213, a newer tracking bug for more purpose-built systems that the multimedia group may be working on soon...

Aklapper changed the subtype of this task from "Task" to "Feature Request".Feb 4 2022, 11:01 AM
Aklapper removed a subscriber: wikibugs-l-list.