Widget:Iframe: Difference between revisions
(Created page with "<noinclude>__NOTOC__ This widget allows you to embed any web page on your wiki page using an <code>iframe</code> tag. Created by [https://www.mediawikiwidgets.org/User:Sergey_Chernyshev Sergey Chernyshev]. == Using this widget == For information on how to use this widget, see [https://www.mediawikiwidgets.org/Iframe widget description page on MediaWikiWidgets.org]. <big>'''<font color="red">This widget should not be used on a publicly-editable wiki.</font>'''</big> W...") |
No edit summary |
||
| Line 15: | Line 15: | ||
== Copy to your site == | == Copy to your site == | ||
To use this widget on your site, just install [https://www.mediawiki.org/wiki/Extension:Widgets MediaWiki Widgets extension] and copy the [{{fullurl:{{FULLPAGENAME}}|action=edit}} full source code] of this page to your wiki as page '''{{FULLPAGENAME}}'''. | To use this widget on your site, just install [https://www.mediawiki.org/wiki/Extension:Widgets MediaWiki Widgets extension] and copy the [{{fullurl:{{FULLPAGENAME}}|action=edit}} full source code] of this page to your wiki as page '''{{FULLPAGENAME}}'''. | ||
</noinclude><includeonly><iframe src="<!--{$url|validate:url|escape:html|regex_replace:"#^(?!(https?:)?//).*#i":''}-->" style="border: <!--{$border|escape:html|default:0}-->" width="<!--{$width|escape:html|default:400}-->" height="<!--{$height|escape:html|default:300}-->"></iframe></includeonly> | </noinclude><includeonly><iframe src="<!--{$url|validate:url|escape:html|regex_replace:"#^(?!(https?:)?//).*#i":''}-->" style="border: <!--{$border|escape:html|default:0}-->" width="<!--{$width|escape:html|default:400}-->" height="<!--{$height|escape:html|default:300}-->" scrolling="no"></iframe></includeonly> | ||
Revision as of 06:39, July 3, 2023
This widget allows you to embed any web page on your wiki page using an iframe tag.
Created by Sergey Chernyshev.
Using this widget
For information on how to use this widget, see widget description page on MediaWikiWidgets.org.
This widget should not be used on a publicly-editable wiki.
While the URL is validated to be a valid URL, there is no way the widget can check the contents of the page that is included. When enabling this widget, you allow any user that can edit to include any page, including malicious pages (containing trojans, backdoors, viruses etc), pages that brake out of the iframe and pages that look like your site, but actually is a copy used for phishing.
Consider making a widget that is specific to the site you wish to iframe instead. You can also consider adding the sandbox and allow attribute to the iframe, which reduces but does not eliminate the risk of tricking users.
Copy to your site
To use this widget on your site, just install MediaWiki Widgets extension and copy the full source code of this page to your wiki as page Widget:Iframe.
