On Tue, 21 Dec 2004 16:32:29 -0800, Brion Vibber brion@pobox.com wrote:
Arbitrary HTML and JavaScript in the MediaWiki: messages is dangerous, and is something that's being phased out. There are a couple reasons for this.
The first is security: on our larger sites we have literally *hundreds* of sysops with permissions to edit these messages.
[snip etc.]
I thought this was likely to be the case.
It would probably be worthwhile to write up the special character inserter as a MediaWiki extension -- then it could be inserted into the wikitext message in a safe, secure way.
It would indeed. A lot of the characters needed for the dictionary are not easy for many people to access. Copy-and-paste is fine, but point-and- click would be much more convenient, if it can be securely reimplemented.
*Muke!