MediaWiki 中的 JavaScript
我想在我的 wiki 页面上使用一些 Javascript,但我不知道如何做。我正在使用 Wikia 上的托管解决方案。所以我无法修改安装、添加扩展或修改设置。但我拥有 wiki 的管理员权限,因此我可以访问 MediaWiki 命名空间和 MediaWiki:Common.js。
我想要使用的 javascript (Tangle) 将包含多个页面通用的外部脚本(但不是 wiki 中的所有页面)以及一些特定于每个页面的代码,通常将这种代码内嵌在
问题是,Mediawiki 清理了
更新:新问题
显然 MediaWiki 还清理了 Tangle 严重依赖的 HTML5 数据属性。任何解决该问题的想法都非常受欢迎。
I'd like to use some Javascript on my wiki pages, but I haven't been able to figure out how. I'm using a hosted solution on Wikia. So I am unable to modify the installation, add extensions or hack the settings. But I have admin rights on my wiki so I can access the MediaWiki namespace and MediaWiki:Common.js.
The javascript I want to use (Tangle) will consist of an external script that will be common to a number of pages(but not all pages in the wiki) and some code that will be specific to each page, the kind you would normally put inline in the <script> tag.
The trouble is, Mediawiki sanitizes <script> tags, and I haven't been able to find a way to put them in. I'm trying to make this into an editor-friendly setup that will be used across the wiki, so I'm also trying to avoid hacks and find a proper solution.
Update: New problem
Apparently MediaWiki also sanitizes the HTML5 data attributes, which Tangle relies on heavily. Any ideas on solving that problem is very welcome.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
MediaWiki 不允许在页面中使用
您可以执行以下操作:
编写一些通用 JavaScript 代码,从 MediaWiki 页面上允许的内容(例如隐藏的 )中提取参数。代码>
将类似的内容添加到 MediaWiki:Common.js:
然后,每当用户访问页面“Foo”时,页面“MediaWiki:Tangle/Foo.js”将作为 JavaScript 加载。当然,该页面只能由管理员编辑,但这可能仍然足以满足您的需求。 (您可以使用相同的技巧从其他名称空间中的页面导入 JS,但这会打开一个数英里宽的安全漏洞。)
MediaWiki doesn't allow
<script>tags in pages for obvious reasons: if it did, anyone could use them to inject JavaScript into your wiki and e.g. steal login credentials.There are a couple of things you could do:
Write some generic JavaScript code to extract the parameters from something that is allowed on MediaWiki pages, such as a hidden
<div>. Be careful not to introduce security holes when doing that.Add something like this to MediaWiki:Common.js:
Then, whenever a user visits the page "Foo", the page "MediaWiki:Tangle/Foo.js" will be loaded as JavaScript. Of course, that page will only be editable by admins, but that might still be enough for your needs. (You could use the same trick to import JS from pages in other namespaces, but that would open a security hole miles wide.)