Replacements for the Widgets extension

From Miraheze Developers Wiki
Jump to navigation Jump to search

Following the permanent removal of the Widgets extension due to a security vulnerability, and the potential for future risk, here are some viable replacement options:


Extensions: the TimedMediaHandler, Video, or YouTube extensions may be viable replacements.


JavaScript:

$( '#discord-widget' ).html( '<iframe src="https://discord.com/widget?id={SERVER_ID}&theme=dark" width="{WIDTH}" height="{HEIGHT}" allowtransparency="true" frameborder="0" sandbox="allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts"></iframe>' );

HTML:

<div id="discord-widget"></div>
  • Add the JavaScript to either MediaWiki:{Skin}.js, or MediaWiki:Common.js
  • Add the HTML to any wiki page or template you wish to display the embedded IFrame.

Note: If the URL you are attempting to frame is blocked by the Miraheze content security policy, it will not work. The current URLs that will work (as of 23 May 2021) are listed below:

url1: '*.miraheze.org'
url2: '*.wikimedia.org'
url3: '*.wikipedia.org'
url4: '*.wikibooks.org'
url5: '*.wiktionary.org'
url6: '*.wikiquote.org'
url7: '*.wikisource.org'
url8: '*.wikiversity.org'
url9: '*.wikinews.org'
url10: '*.wikivoyage.org'
url11: '*.mediawiki.org'
url12: 'mediawiki.org'
url13: '*.wikidata.org'
url14: 'wikidata.org'
url15: '*.wmflabs.org'
url16: '*.google.com'
url17: '*.gstatic.com'
url18: '*.addthis.com'
url19: '*.youtube.com'
url20: '*.youtube-nocookie.com'
url21: 'maxcdn.bootstrapcdn.com'
url22: 'twitter.com'
url23: '*.creativecommons.org'
url24: 'images.uncyc.org'
url25: 'www.mikrodev.com' 
url26: '*.reviservices.com'
url27: '*.twitter.com'
url28: 'www.sciencedaily.com'
url29: '*.googleapis.com'
url30: '*.twimg.com'
url31: 'discordapp.com'
url32: '*.openstreetmap.org'
url33: '*.freenode.net'
url34: '*.sorcery.net'
url35: '*.fontawesome.com'
url36: '*.a.wmflabs.org'
url37: 'nenawiki.org'
url38: '*.cloudytheology.com'
url39: 'i.imgur.com'
url40: 'na.llnet.sims3store.cdn.ea.com'
url41: 'cdn.discordapp.com'
url42: 'm.media-amazon.com'
url43: 'image.tmdb.org'
url44: '*.stripe.com'
url45: '*.twitch.tv'
url46: '*.fastly.net'
url47: '*.facebook.com'
url48: '*.shields.io'
url49: '*.bilibili.com'
url50: '*.163.com'
url51: 'discord.com'
url52: 'googleusercontent.com'
url53: 'imgbox.com'
url54: 'cdnjs.cloudflare.com'
url55: 'cdn.jsdelivr.net'
url56: 'reddit.com'
url57: '*.reddit.com'
url58: 'redd.it'
url59: '*.redd.it'
url60: 'redditmedia.com'
url61: '*.redditmedia.com'
url62: 'dropbox.com'
url63: '*.dropbox.com'
url64: 'dropboxstatic.com'
url65: '*.dropboxstatic.com'
url66: 'disqus.com'
url67: '*.disqus.com'
url68: '*.nicovideo.jp'
url69: 'lh3.googleusercontent.com'
url70: 'db.onlinewebfonts.com'
url71: 'wikiapiary.com'
url72: '*.vimeo.com'
url73: '*.googleusercontent.com'
url74: '*.imgbox.com'
url75: 'www.gnu.org'
url76: 'www.desmos.com'
url77: 'www.recaptcha.net'
url78: 'snap.berkeley.edu'
url79: '*.netease.com'
url80: 'openlayers.org'
url81: 'wikiplus-app.com'
url82: 'minotar.net'
url83: '*.tile.openstreetmap.org'
url84: 'live.staticflickr.com'
url85: '*.pixabay.com'
url86: 'cdn.geogebra.org'
url87: 'docs.blender.org'
url88: 'scratchblocks.github.io'

edit list