Was reminded of oEmbed stuff recently; see bug 25854 for adding an oEmbed provider to MediaWiki.
It would also be useful in some situations to embed oEmbed-able resources from foreign sites. Simplest implementation would probably be as a parser function:
or to set an embedding size:
Of course there are difficulties with being a safe oEmbed client:
- embedding foreign HTML without sanitization can be dangerous
- performing sanitzation may remove the interesting bits, like the video player :P
Hosting the embed content on a foreign iframe can work nicely, but this is hard to generalize.
A basic extension should probably do:
- provide a domain whitelist control that can be modified by sysops
- consider allowing photos from any domain? (embedding raw images is safe, but of course is a potential image vandalism vector)
- provide some fairly generic-ish way for a 'serve embed data from alternate domain' setup
This will be easier to do if future oEmbed versions add native iframe URL support to the return data.
- T27854 becoming an oEmbed provider