Page MenuHomePhabricator

Tags like <embed> are needed
Open, LowPublicFeature


Author: will.pittenger1+wikibugzilla

I know there are security concerns with <embed>, <object>, and <iframe>. So why not a version of <embed> that allows only files uploaded to Wikimedia servers? This would help me with problems like what I discussed at []

Version: 1.14.x
Severity: enhancement



Event Timeline

bzimport raised the priority of this task from to Low.Nov 21 2014, 10:26 PM
bzimport set Reference to bz16316.
bzimport added a subscriber: Unknown Object (MLST).

(Just going through some old bugs and updating...)

Discussion linked above got archived to:

This sort of request could be handled with something like the EmbedScript extension I did some experiments on last year:

This allows writing arbitrary JavaScript code and HTML to be displayed in an <iframe>, using a separate domain as an in-browser security layer to isolate the running code from the rest of the wiki.

See also bug 54213, a newer tracking bug for more purpose-built systems that the multimedia group may be working on soon...

Aklapper changed the subtype of this task from "Task" to "Feature Request".Feb 4 2022, 11:01 AM
Aklapper removed a subscriber: wikibugs-l-list.