It might be nice to be able to allow raw HTML on protected pages....
James
At 06:13 PM 1/26/05, Brion Vibber wrote:
---snip--- Only certain limited HTML is allowed directly in the wiki text (and it's all combed over for non-explosiveness).
You can embed raw HTML such as forms in <html>...</html> sections by enabling $wgRawHtml, but DO NOT DO THIS ON A PUBLICALLY EDITABLE WIKI! Arbitrary HTML can be used to do all sorts of scurillious things such as embed JavaScript to hijack users' wiki accounts and exploit unpatched browser vulnerabilities to potentially hijack the user's client computer. This is a wiki-wide option, so anyone who can edit must be trusted.
- -- brion vibber (brion @ pobox.com)