Hi!
A common approach to this is to use the MediaWiki I18N system. You
could define a message key (e.g. "my-iframe-whitelist").
On the Wiki users with the "edit-interface" permission (usually admins)
can then edit the page "MediaWiki:My-iframe-whitelist" and add list of
keys in form of wikitext.
In you extension code you can access this list by using `wfMessage('my-
iframe-whitelist')->plain()` and process it.
--
Robert Vogel
Am Freitag, den 05.04.2019, 05:18 -0700 schrieb Jan Steinman:
> >
> > From: Sigbert Klinke <[email protected]>
> >
> > for my Extension Iframe I have for security reasons a key
> > parameterā¦
> >
> > Is there a way how I can easily allow to edit the key list from
> > theĀ
> > wiki, e.g. for all users with admin rights?
> I don't know about "easily," but if you know some PHP, it shouldn't
> be too hard to make a special-purpose extension to do so, assuming
> the keys are stored in a global variable.
>
> I'd start by looking at existing extensions that do something similar
> to what you want to do, then modifying a copy.
>
> But in looking at your example, I don't really understand what
> security you are gaining by doing this. Surely, someone can guess the
> scheme and type URLs to the browser, no? Or am I missing something
> about this security scheme?
>
> Jan
>
>
> _______________________________________________
> MediaWiki-l mailing list
> To unsubscribe, go to:
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
