$wgUserHtml = true;
# Allow raw, unchecked HTML in <html>...</html> sections.
-# THIS IS VERY DANGEROUS on a publically editable site.
-# Don't enable it unless you've restricted editing to trusted
-# users only.
+# THIS IS VERY DANGEROUS on a publically editable site, so
+# you can't enable it unless you've restricted editing to
+# trusted users only with $wgWhitelistEdit.
$wgRawHtml = false;
# $wgUseTidy: use tidy to make sure HTML output is sane.
# prefix for escaping, used in two functions at least
define( 'UNIQ_PREFIX', 'NaodW29');
+#define( 'UNIQ_PREFIX', "\x07NaodW29");
# Constants needed for external link processing
define( 'URL_PROTOCOLS', 'http|https|ftp|irc|gopher|news|mailto' );
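Review bot: The added `#define( 'UNIQ_PREFIX', "\x07NaodW29");` is commented-out code with no explanation of when it should replace the active definition. The live prefix stays a fixed, printable string, and the `str_replace` that would escape it in incoming text appears to be commented out in the parser. Page text containing the prefix could therefore presumably be mistaken for a placeholder marker. Either switch to the control-character variant or state the intent in a comment, e.g. `# TODO: use a prefix containing a control character so page text cannot collide with markers`.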
#$text = str_replace( $uniq_prefix, wfHtmlEscapeFirst( $uniq_prefix ), $text );
# html
- global $wgRawHtml;
- if( $wgRawHtml ) {
+ global $wgRawHtml, $wgWhitelistEdit;
+ if( $wgRawHtml && $wgWhitelistEdit ) {
$text = Parser::extractTags('html', $text, $html_content, $uniq_prefix);
foreach( $html_content as $marker => $content ) {
if ($render ) {
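Review bot: The new condition `if( $wgRawHtml && $wgWhitelistEdit )` treats `$wgWhitelistEdit` as proof that every editor is trusted, but as far as I know that setting only requires an account to edit. On a wiki with open registration, the raw `<html>` path would still be reachable by anyone who signs up. The settings comment changed in the same commit ("trusted users only with $wgWhitelistEdit") carries the same assumption and should state the caveat, e.g. `# $wgWhitelistEdit only requires login; also restrict account creation before enabling this.` Separately, `$wgRawHtml = true` without `$wgWhitelistEdit` now switches the feature off silently, so a short comment at the check saying so would spare admins a confusing debugging session. The enclosing function starts and ends outside this hunk, so how `<html>` sections are handled when the branch is skipped cannot be confirmed from here.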