Closed Bug 523521 Opened 12 years ago Closed 12 years ago

Finding a way to host bugzilla iFrames on (protected template?)


( Graveyard :: Server Operations: Projects, task)

Not set


(Not tracked)



(Reporter: faaborg, Assigned: fox2mike)


[not sure if this is the right component, please change if there is a better place to file bugs]

The Firefox team is now managing all work through, with each major area of work being given a project page.  Each project page is subsequently supposed to link to all of the relevant bugs on for implementation.

Ideally we would be able to use a protected template on that hosted Bugzilla dependency trees in an iFrame, so we wouldn't have to manually manage bug lists across two different sites. (which is tedious and error prone).

I know there are a lot of serious cross site scripting vulnerabilities involved with allowing html on a wiki, but is there anyway we could securely allow for inline dependency trees on
Assignee: server-ops → shyam
Probably the safest thing would be to implement some markup for it in an extension dedicated for that purpose.
Group: infra is pretty neat... Too bad it requires read access to the database, which won't ever happen.
Chris, this is basically looking for a custom MediaWiki extention - any security concerns?
Component: Server Operations: Web Content Push → Server Operations: Projects
(In reply to comment #3)
> Chris, this is basically looking for a custom MediaWiki extention - any
> security concerns?

So an extension that would connect to the bugzilla database to display bugs?
If that is the case, yeah there are security concerns.
I don't think this is going anywhere, been stuck at ideas for a while and we obviously can't allow access to the DB. 

Reopen with better ideas if any?
Closed: 12 years ago
Resolution: --- → INCOMPLETE
Product: → Graveyard
You need to log in before you can comment on or make changes to this bug.