When $wgAllowImageTag is enabled, sysadmins and sysops should be able to manage what values for 'src' are permitted.

It believe $wgAllowImageTag should respect $wgAllowExternalImagesFrom & $wgEnableImageWhitelist.

IMO it should also respect $wgAllowImageTag . However if $wgAllowImageTag also used $wgAllowExternalImages , there is a small semantic change to the variable $wgAllowImageTag . e.g. a wiki might want <img src="..."> but does not want raw image links in the wikitext to be rendered as inline images.

Version: master
Severity: normal
See Also: T12809 T56144