Mabinogi World Wiki is brought to you by Coty C., 808idiotz, our other patrons, and contributors like you!!
Keep this wiki going by contributing to our Patreon!

Change this to a widget

Change this to a widget

We could create a page at Widget:AutoServerStatus and put this inside: <div class="center" style="width: 358px;"><object data="http://shywreaths.org/MabiServerStat/index.php" type="text/html" style="width: 358px; height: 210px; border-width: 0;" standby="Loading Server Statuses"></object></div>

And then on the homepage we would have {{#widget:AutoServerStatus}}. This removes the XSS risk of allowing anyone to use iframes but also makes the code valid XHTML 1.0 Strict because it uses the object tag instead. It also works on all modern browsers, including IE ~小太郎 TALKCONTRIBS 2011:10:11:05:30 (Tuesday)

~小太郎 TALK<sub style="margin-left:-26px 21:30, 10 October 2011

So precisely, what difference does it make?

͟͞ҡ͟͞ε͟͞ѵ͟͞ו͟͞͞η [͟͞т͟͞α͟͞ι͟͞κ]21:43, 10 October 2011
 

Visually, nothing. Apart from that, "This removes the XSS risk of allowing anyone to use iframes but also makes the code valid XHTML 1.0 Strict because it uses the object tag instead." ~小太郎 TALKCONTRIBS 2011:10:11:08:41 (Tuesday)

~小太郎 TALK<sub style="margin-left:-26px 00:41, 11 October 2011
 

i don't think it's needed, the reason we use the Widget extension instead of the Iframe extension is because it's made to be secure against that... http://www.mediawikiwidgets.org/Talk:Iframe#Security_risk.3F

Hengsheng120·TALKCONTRIBS06:48, 11 October 2011
 

What stops other users from making their own iframe widgets? If nothing, then doing this and removing the iframe widget would be safer. Just because the widget isn't as crazy insecure as the other one mentioned doesn't mean it's not a security hole. Though I'm not sure about the whole object tag thing. MediaWiki is HTML, not XHTML so that part is irrelevant.

Saiyr09:41, 11 October 2011

Users can create widget instances at will, so I deleted the iframe widget and made a server status widget. When the actual iframe contents are hosted on the wiki, I think we should be ok.

Saiyr13:16, 11 October 2011
 

OK, thanks. Just a quick question: How does the AutoServerStatus widget work? I had to include the "target" element in my script's links due to the iframe. Is that still needed?

Xcelled19413:28, 11 October 2011

It works the same as before, so yes.

Saiyr13:38, 11 October 2011
 

Thats something to be fixed then, 'Target' is not valid HTML strict... Perhaps we use AJAX instead?

Xcelled19413:50, 11 October 2011
 

Oh, I guess I was wrong. The wiki is supposed to be XHTML strict. I don't see a point in worrying about it because there are a zillion other errors anyway.

Saiyr13:58, 11 October 2011
 

Do what we can in the user code to make the wiki as valid as possible. Even if the wiki code itself is not valid, when they finally do become valid, it would be easier for us since our code is already valid ~小太郎 TALKCONTRIBS 2011:10:11:22:39 (Tuesday)

~小太郎 TALK<sub style="margin-left:-26px 14:39, 11 October 2011

I don't think it is possible to make it valid using iframes.

Saiyr14:54, 11 October 2011
 

Hence my suggestion of Ajax.

Xcelled19414:56, 11 October 2011

Using AJAX defeats the purpose of all of your JavaScript fallback code.

Saiyr15:03, 11 October 2011
 

Remember, using my method, we wouldn't be using iframes anymore, but objects ~小太郎 TALKCONTRIBS 2011:10:11:23:03 (Tuesday)

~小太郎 TALK<sub style="margin-left:-26px 15:03, 11 October 2011

That would make the main page validate but not the included page.

Saiyr15:06, 11 October 2011
 

The included page is counted as a completely different page, so it isn't really "de-validating" the wiki ~小太郎 TALKCONTRIBS 2011:10:11:23:31 (Tuesday)

~小太郎 TALK<sub style="margin-left:-26px 15:31, 11 October 2011
 

IMO, if you're going to worry about validating in the first place, you should be worried about *everything* validating. But my line of caring has crossed, so it's up to you guys.

Saiyr15:41, 11 October 2011
 
 

It looks like object tags don't respect width/height CSS. See the main page.

Saiyr15:11, 11 October 2011

Fixed it. Uses width/height attributes just like iframes.

Saiyr15:13, 11 October 2011
 

You forgot the standby="Loading Server Statuses" attribute! It shows the text when the page is being loaded ~小太郎 TALKCONTRIBS 2011:10:11:23:32 (Tuesday)

~小太郎 TALK<sub style="margin-left:-26px 15:32, 11 October 2011

Fixed.

Saiyr15:42, 11 October 2011
 

You forgot the standby="Loading Server Statuses" attribute! It shows the text when the page is being loaded ~小太郎 TALKCONTRIBS 2011:10:11:23:32 (Tuesday)

~小太郎 TALK<sub style="margin-left:-26px 15:32, 11 October 2011
 

Just tell me when I can remove the target attribute xD.

Xcelled19415:34, 11 October 2011
 

Try removing the target attribute in firebug on the wiki frontpage and then clicking it. If it works and changes the whole page, then you can safely remove it on your site ~小太郎 TALKCONTRIBS 2011:10:11:23:36 (Tuesday)

~小太郎 TALK<sub style="margin-left:-26px 15:36, 11 October 2011

Does not work.

Saiyr15:45, 11 October 2011
 

Google chrome would also work in place of firebug, would it not? That's my tool of choice.

Xcelled19415:55, 11 October 2011
 

Yes, that is what I used to test.

Saiyr16:06, 11 October 2011
 
 
 
Retrieved from "https://wiki.mabinogiworld.com/view/Thread:Template_talk:AutoServerStatus/Change_this_to_a_widget#Change_this_to_a_widget_6539"