Page MenuHomePhabricator
Create Task
Maniphest T410509

Display Z89/HTML fragments as rich content on Wikifunctions.org, after sanitisation
Closed, ResolvedPublic
Actions

Assigned To
DSmit-WMF
Authored By
Jdforrester-WMF
Nov 19 2025, 1:56 PM
Project Tags
Referenced Files
F71032294: Screenshot 2025-12-12 at 15.40.46.png
Dec 12 2025, 2:53 PM
F71032286: Screenshot 2025-12-12 at 15.40.26.png
Dec 12 2025, 2:53 PM
F71032269: Screenshot 2025-12-12 at 15.51.39.png
Dec 12 2025, 2:53 PM
F71032255: Screenshot 2025-12-12 at 15.51.43.png
Dec 12 2025, 2:53 PM
Subscribers
99of9
DSmit-WMF
Jdforrester-WMF
So9q

Description

Description

We show Z89/HTML fragments in raw code form to users on Wikifunctions.org. This is inimical to usage. Now that we have a sanitisation API, we should re-design how the component works on the front-end so that users can see the rich content, but there are use cases that also want the raw HTML, so we should provide for a mechanism to show that too / instead.

Desired behavior/Acceptance criteria

  • As a user, I should be able to see the rich text form when Z89/HTML fragment components are available, on evaluator results, on test cases, and elsewhere.
  • As a sysadmin, I should be confident that all rendered rich text fragments have been consistently sanitised to avoid XSS / etc. concerns.
  • As a user, I should be able to inspect the raw HTML underlying the fragment, so e.g. I can check the output of a Test case is exactly correct.

Devices and Design (URLs or screenshots)

  • Desktop: ...
  • Small screens/mobile: ...

Completion checklist

  • Functionality:
    • The solution meets the expected behavior/acceptance criteria described above
    • All the child tasks are closed
    • The issue has been peer reviewed
    • The issue has been merged
  • Engineering:
    • There are existing and passing unit/integration tests effectively testing its success and its failure
    • All new classes/methods are covered by unit tests
  • Design:
    • Design review of live version in accordance to design standards
  • Documentation:
    • All new functions/methods are annotated
  • Accessibility:
    • New functionality is compared against the Accessibility guide for developers
    • Accessibility concerns are either address or, if the work is sufficiently large, a new Phabricator ticket is created and linked to this ticket
    • All user facing strings are internationalized

Related Objects
Search...

Event Timeline

Jdforrester-WMF created this task.Nov 19 2025, 1:56 PM
DSmit-WMF subscribed.Nov 19 2025, 2:23 PM

Here are some considerations to take into account when working on this:
• CSS isolation and maintenance – Either we use a minimal generic styling (safe but not representative), or we try to approximate wiki styling. The latter is tricky: wiki CSS varies by skin, wiki, and extensions, and changes over time, so keeping a preview in sync would be a maintenance burden.
Apart from this we get also the risk of previews that are visually misleading.
• User experience/design considerations – Deciding how the toggle works (raw vs. rendered), how prominent it is, and what expectations users should have about its accuracy needs design input.

So9q renamed this task from Let Z89/HTML fragments to be displayed as rich content on Wikifunctions.org, after sanitisation to Display Z89/HTML fragments as rich content on Wikifunctions.org, after sanitisation.Nov 19 2025, 5:31 PM
So9q awarded a token.
So9q subscribed.Nov 19 2025, 5:33 PM
Jdforrester-WMF moved this task from To Triage to Product Backlog on the Abstract Wikipedia team board.Nov 19 2025, 6:42 PM
99of9 subscribed.Nov 19 2025, 9:22 PM
Jdforrester-WMF added a subtask: T411697: Provide an API by which Z89/HTML fragments can be rendered into safe HTML.Dec 3 2025, 9:56 PM
Jdforrester-WMF changed the status of subtask T411697: Provide an API by which Z89/HTML fragments can be rendered into safe HTML from Open to In Progress.Dec 9 2025, 9:36 PM
DSmit-WMF added a comment.Dec 12 2025, 2:53 PM

I did some sketches on this:

Screenshot 2025-12-12 at 15.51.43.png (1,284×1,018 px, 112 KB)
Screenshot 2025-12-12 at 15.51.39.png (1,272×1,074 px, 92 KB)
Wikifunctions: Show sourceWikifunctions: Show rendered
Screenshot 2025-12-12 at 15.40.26.png (1,416×1,010 px, 144 KB)
Screenshot 2025-12-12 at 15.40.46.png (1,418×1,010 px, 120 KB)
Visual Editor: Show sourceVisual Editor: Show rendered
Jdforrester-WMF triaged this task as Medium priority.Jan 7 2026, 3:24 PM
Jdforrester-WMF closed subtask T411697: Provide an API by which Z89/HTML fragments can be rendered into safe HTML as Resolved.
Jdforrester-WMF moved this task from Product Backlog to Engineering Backlog on the Abstract Wikipedia team board.
In T410509#11454775, @DSmit-WMF wrote:

I did some sketches on this:

Screenshot 2025-12-12 at 15.51.43.png (1,284×1,018 px, 112 KB)
Screenshot 2025-12-12 at 15.51.39.png (1,272×1,074 px, 92 KB)
Wikifunctions: Show sourceWikifunctions: Show rendered
Screenshot 2025-12-12 at 15.40.26.png (1,416×1,010 px, 144 KB)
Screenshot 2025-12-12 at 15.40.46.png (1,418×1,010 px, 120 KB)
Visual Editor: Show sourceVisual Editor: Show rendered

Looks great! This is now ready to be done whenever someone has the time.

gerritbot added a comment.Jan 13 2026, 2:26 PM

Change #1217769 had a related patch set uploaded (by Jforrester; author: Daphne Smit):

[mediawiki/extensions/WikiLambda@master] wip on html render toggle

https://gerrit.wikimedia.org/r/1217769

gerritbot added a project: Patch-For-Review.Jan 13 2026, 2:26 PM
DSmit-WMF changed the task status from Open to In Progress.Jan 13 2026, 4:03 PM
DSmit-WMF claimed this task.
DSmit-WMF moved this task from Engineering Backlog to 26Q3 (Jan–Mar) on the Abstract Wikipedia team board.Jan 14 2026, 1:21 PM
DSmit-WMF edited projects, added: Abstract Wikipedia team (26Q3 (Jan–Mar)); removed: Abstract Wikipedia team.
DSmit-WMF moved this task from Incoming to In Engineering on the Abstract Wikipedia team (26Q3 (Jan–Mar)) board.
DSmit-WMF moved this task from In Engineering to In Code review on the Abstract Wikipedia team (26Q3 (Jan–Mar)) board.
gerritbot added a comment.Jan 15 2026, 4:37 PM

Change #1217769 had a related patch set uploaded (by Jforrester; author: Daphne Smit):

[mediawiki/extensions/WikiLambda@master] Add HTML fragment render toggle with sanitization

https://gerrit.wikimedia.org/r/1217769

Jdforrester-WMF moved this task from In Code review to Ready to deploy on the Abstract Wikipedia team (26Q3 (Jan–Mar)) board.Jan 20 2026, 5:51 PM
Jdforrester-WMF added a project: MW-1.46-notes (1.46.0-wmf.13; 2026-01-27).
Jdforrester-WMF moved this task from Ready to deploy to Needs Sign-off on the Abstract Wikipedia team (26Q3 (Jan–Mar)) board.Feb 9 2026, 12:40 PM
Jdforrester-WMF closed this task as Resolved.Feb 9 2026, 12:49 PM
DSantamaria added a project: Essential-Work.Apr 7 2026, 1:50 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits