Matthew Nuzum schrieb: > On Mon, Nov 17, 2008 at 10:55 AM, Rick Vanderveer > <[EMAIL PROTECTED]> wrote: >> Hey Waqas, >> After struggling for a long time, we were never able to get the EmbedObject >> macro to work reliably or predictably. We finally gave up and just escape >> to raw html. You need to download a 'raw' parser, as the built-in html >> parser doesn't allow full media control. This is fine for internal-only >> wiki's like ours, but if your wiki is public-facing it is highly advised not >> to use the raw macro (since a knowledgeable user can use it to write >> virtually any code they want, which can be dangerous). > > Creating macros isn't hard, so instead of using RAW another option is > to just create a macro that accepts a single param (the url to the > media file) and then writes the necessary HTML. If you suitably > check/sanitize the URL then it should be safe for public wikis too.
If this doessn't work for you <<EmbedObject(target=http://fredrik.hubbe.net/plugger/test.mpg,url_mimetype=video/mpeg)>> please file a bug report cheers Reimar > > Better yet would be to accept a relative url and let your macro > prepend the domain name. Someone in my company wrote a macro like this > for displaying graphs. > > My concern with the RAW, even in a closed wiki, isn't necessarily > malicious users but clueless/naive users. It's the age-old "blunt > instrument" analogy. Soon you'll your users putting <blink> tags in > your wiki. :-/ > ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Moin-user mailing list Moin-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/moin-user
