Using iframe or script tag in the gitlab wiki


#1

Hi

I would like to embed http://www.bibbase.org in my wiki page. Can I embed iframe or script tags in my gitlab wiki pages?

Or do I have to change the sanitization filter?

greets

Tobias


#2

I figured it out myself:

The following statements have to be added to .../gitlab/markdown/sanitization_filter.rb

# allow script tag and src attribute
whitelist[:remove_contents].delete('script')
whitelist[:elements].push('script')
whitelist[:attributes]['script'] = %w(src)

Then run gitlab-ctl reconfigure.

Please also have look at the docs: http://www.rubydoc.info/gems/html-pipeline/HTML/Pipeline/SanitizationFilter#WHITELIST-constant


#3

I tried to get this to work, and I can’t seem to get it. It just doesn’t show/display the iframe.


#4

Iframe is not a solution (is not possible if you dont want to break the auth system), I have to try a https://github.com/m4tthumphrey/php-gitlab-api, is a excellent piece of code but is like kill a fly with a gun.


#5

Hi @ tobiasschweizer
Where can I access .../gitlab/markdown/sanitization_filter.rb to change it?
Thanks.