On my MediaWiki site I'm about to set
$wgRawHtml = true;
in order to allow YouTube and other embedded content. However, the
manual says (
http://www.mediawiki.org/wiki/Manual:$wgRawHtml):
Warning: This is very dangerous on a publicly editable site, so you
shouldn't enable it unless you've restricted editing to trusted users
only
When it says "very dangerous", what does this mean? Does it for
example enable an exploit that would let someone hack into the
MediaWiki site? Or does it merely allow Javascript that would allow a
malicious person to harm a user's computer if they view the page?
(I'm aware I could use an extension such as
http://www.mediawiki.org/wiki/Extension:VideoFlash but that would
limit me to embedding stuff from just thoase sites it allows.)
--
Philip Hunt, <cabalamat(a)googlemail.com>
Please avoid sending me Word or PowerPoint attachments.
See
http://www.gnu.org/philosophy/no-word-attachments.html