On Jan 20, 2015 4:22 PM, "James Forrester" <jforres...@wikimedia.org> wrote: > > On 20 January 2015 at 12:04, Jeroen De Dauw <jeroended...@gmail.com> wrote: > > > > > > - Get rid of wikitext on the server-side. > > > - HTML storage only. Remove MWParser from the codebase. All > > > extensions that hook into wikitext (so, almost all of them?) will > > > need to > > > be re-written. > > > > > > > Just to confirm: this is not actually on the WMF roadmap right? :) > > > > It's certainly not what I'm working on for the next year or so. It is > unlikely to be something we do for WMF usage; it's more valuable to people > that want VisualEditor but want PHP-only (or don't want Node) for the > server. > > J. > --
Hypothetically how would this work? Wouldnt you still need parsoid to verify the html corresponds to some legit wikitext? Otherwise how would you know its safe? Since we are somewhat having a discussion about this (i recognize that this isnt a "real" discussion in the sense that there isnt a full technical proposal, or any concrete plans to actually do it in near future, just a wild idea that some people like), one of the reasons im somewhat skeptical about this idea, is if there is an xss issue, you seem much more screwed with html storage, since now the bad stuff is in the canonical representation, instead of wikitext storage where you can just fix the parser, potentially purge parser cache, and then you are 100% certain your wiki is clean. My second reason for being skeptical is im mostly unclear on what the benefits are over wikitext storage (this is the first time ive heard of the ve w/o parsoid thing. Are there other benefits? Simplifying parser cache by not having parser cache?) I may be misinterpreting how such a thing is proposed to work. Im not very familar with parsoid and associated things. --bawolff _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
