Open
Bug 670290
Opened 14 years ago
Updated 1 year ago
Ability to include live bug tiles on wiki.mozilla.org
Categories
(Websites :: wiki.mozilla.org, enhancement)
Websites
wiki.mozilla.org
Tracking
(Not tracked)
NEW
People
(Reporter: faaborg, Unassigned)
Details
(Whiteboard: [mediawiki-bugzilla])
Attachments
(1 obsolete file)
I would like to be able to include inline mockups with live bug tiles on project pages at wiki.mozilla.org. Currently these are hosted elsewhere, for instance: http://areweprettyyet.com/4/firefoxMenu/
I know for security concerns we can't allow inline javascript, and similarly we can't allow iframes.
Is there anything we can do to get these types of mockups with live bug tiles working on wiki.mozilla.org pages? Perhaps whitelisting a particular server where they are hosted? A similar bug 523521 was set invalid a couple of years ago, but I wanted to check in again to see if there is anything we can do.
|
||
Comment 1•13 years ago
|
||
We have a similar extension under development to allow SmartSheet content to be embedded into wiki pages (bug 772192). Additionally, we now have some Bugzilla-Mediawiki integration completed in the form of an extension to MW, that makes it convenient to pull bug data from Bugzilla and embed it into a wiki page (generally in the form of a table or graph of bugs... so perhaps not what you want).
Does either of these sound like a feasible solution?
I think if we are to allow iframes for SmartSheet content, it would be only natural to allow them for your idea as well. The obvious caveat is that it has to be pretty locked-down as to what can be allowed. In the case of SmartSheet, you can only specify the ID of the page you want to embed... you'd probably need to have a similar mechanism.
If the former seems like a good fit for you, feel free to start up an extension (or gather resources for one) that does what you need, and get it reviewed by AppSec (https://wiki.mozilla.org/WebAppSec/Security_Review_Request). Perhaps you can look over what they're doing for SmartSheet and borrow some of that code. Once it's approved by AppSec, we can deploy it easily. :)
|
||
Comment 2•11 years ago
|
||
This sounds like something for the Wiki Working Group to handle.
Severity: normal → enhancement
Component: Server Operations: Projects → wiki.mozilla.org
Product: mozilla.org → Websites
|
||
Updated•11 years ago
|
QA Contact: mzeier
|
||
Updated•10 years ago
|
Whiteboard: [mediawiki-bugzilla]
|
||
Comment 4•1 year ago
|
||
(In reply to Bria Nelson from comment #3)
Created attachment 9381278 [details]
breakrexvembca19841892.txtThanks from liharderid1988.
Attachment is obviously spam but I do not seem to have the ability to delete it :(
|
||
Updated•1 year ago
|
Attachment #9381278 -
Attachment is obsolete: true
You need to log in
before you can comment on or make changes to this bug.
Description
•