On May 15, 2015 2:14 PM, "Jacek Wielemborek" <d33tah(a)gmail.com> wrote:
Hello,
I tried to discuss this on #wikimedia-mobile on Freenode, but nobody
could explain this to me:
I'm building a website that allows the users to view Wikipedia changes
correlated to rDNS names of their editors and I wanted to implement a
"random mode" that allows thm to see all edits made by a given rDNS
domain - the user would just press F5 and see the editor in context like
this:
http://wikispy.wmflabs.org/by_rdns_random/plwiki/.gov.pl
I would definitely prefer to use the mobile version of Wikipedia though
or at least Special:MobileEdit, but both disallow framing. Is there any
specific reason for that? I would guess that this is for security, but I
have to admit I don't know what could be gained by showing the
MobileDiff in a frame.
We're trying to avoid various clickjacking and redressing attacks. If you
prefill an edit form and position the iframe so it only shows the submit
button bellow a "comment form" on your website, you can get other people to
submit your vandalism.
It would be great if someone compiled the styles so that you could pull the
HTML via the api and have everything look right. But I don't know if anyone
has done that.
Cheers,
d33tah
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l