Features / Usability

Forum List Topic List

Iframes Broken?

Posted by Epoch18 18 Aug 2008 17:09 GMT-0000 posts: 12

I just recently installed Tiki 2.0, and now whenever I add an iframe html tag into my page, I start to have problems.

I type in this:

Copy to clipboard

< iframe

... and when I save, it changes itself to this:

Copy to clipboard

< if< x >rame

(EDIT: Holy crap, it's happening here too! Even with the code tags, it still won't even display it how I typed it. Please disregard the spaces, but it's the only way I can get it all to show up.)

This used to work perfectly fine before I upgraded.

Just wondering if anyone knew what was going on and had any insight for me.

Much appreciated.

Reads: 6380

Messages: Style: Sort: Search:

Posted by darreln 18 Aug 2008 17:44 GMT-0000 posts: 7

yes, we have discovered this as well. Very annoying.

Is there a workaround to edit this out ? It keeps "reinserting" itself....🙄

Posted by Gary Cunningham-Lee 19 Aug 2008 05:49 GMT-0000 posts: 4664 Japan

This is unintended collateral damage from overzealous protection against script attacks on the site. Most of the vulnerable terms were fixed for normal use, but apparently this one was missed. I don't know of an easy fix/workaround; maybe there'll be a Tiki patch or version upgrade released to fix bugs.

-- Gary

Posted by darreln 19 Aug 2008 14:57 GMT-0000 posts: 7

thanks for the info, chibaguy.

I am new to Tiki; do they typically release a bugfix update after a major release, and if so, is this something that happens fairly quickly, or could this be a months-long wait?

Posted by Gary Cunningham-Lee 21 Aug 2008 02:47 GMT-0000 posts: 4664 Japan

When I asked about this on the dev mailing list, the response was that iframes are security risks for scripting attacks on the site and that a wikiplugin would be a better approach for iframes anyway. So iframe as an HTML tag will probably stay "sanitized" — i.e., this a feature, not a bug 😉.

As fate would have it, I made an iframe plugin a while back, so I committed it to the mods.tw.o repository and asked to have it looked over for any security or efficiency improvements. It's available at mods/wiki-plugins/wikiplugin_iframe and you can see zukakakina.com/wikiplugin_iframe for a demo and the syntax to use. Let me know if there's any problem with this. The plugin will probably either stay in the mods repository or be put in the libs/wiki-plugins-dist/ directory so it will not be immediately available for use in new Tiki installations, but will have to be moved into lib/wiki-plugins/ by the site admin, due to the possible security risk (presumeably there is risk when the site can't be sure of trusted page editors).

-- Gary

Posted by Epoch18 21 Aug 2008 23:59 GMT-0000 posts: 12

Thank you for the iframe mod. It works, however it doesn't seem to be working with what we're trying to use it for: Google Maps. I believe that it the URL may be too advanced, and it's seeing characters that it's not expecting. Here is the code:

Copy to clipboard

{IFRAME(width=425,height=350px,name=frame1,align=center,frameborder=0,marginheight=0px, marginwidth=0px,scrolling=no)}=http://maps.google.com/maps?f=q&amp;hl=en&amp;geocode=&amp;q=Firelake+Grand+Casino,+Shawnee,+OK&amp;ie=UTF8&amp;ll=35.472414,-97.02507&amp;spn=0.249054,0.415421&amp;z=11&amp;iwloc=A&amp;cid=35380463,-97059011,2764343524424922546&amp;output=embed&amp;s=AARTsJpJFP7w3p7cCrdsO6awHYKRPb-PYg{IFRAME}
View Larger Map

The frame itself works, however the URL turns bad.

Posted by Gary Cunningham-Lee 22 Aug 2008 01:54 GMT-0000 posts: 4664 Japan

I tried your url in an iframe plugin at my site and it worked. Notice the url as you pasted it here starts with an equal sign. That should be deleted.

In answer to your pm, the theme at my site is called Ohia and it can be downloaded here: ohia.tag.gz. See also New themes. Not all of these are ready for Tikiwiki 2 yet, though.

-- Gary

Posted by Xavier de Pedro 25 Aug 2008 18:04 GMT-0000 posts: 1817 Catalan Countries

Hi Gary,

A always, nice work you do (themes, useful plugins, etc.): I'm looking forward to cutomize Ohia theme for whatever new Tiki 2 I have to install.

Just a note on a tiny issue, FYI, I've just seen on Ohia (at least).

I was just checking whether tiki-index_p.php was still working (to snarf or get by iframe the central column wiout lateral columns from tiki sites), and it does.
But there must be some problem with css, because, for instance:ç
http://zukakakina.com/tiki-index_p.php?page=wikiplugin_iframe

using Ohia theme, seems to show the text inside the code plugin in black (only shown when selecting text). Tried with FF 3.0.1 under GNU/Linux. See screenshot attached.

Posted by Xavier de Pedro 25 Aug 2008 18:05 GMT-0000 posts: 1817 Catalan Countries

Oups, the attached file is gone (misteriously, after I uploaded it). I try again here

iframe_ohia_text_black_with_black_bg_tiki-index_p.png (71.93 Kb)

Posted by Xavier de Pedro 25 Aug 2008 18:07 GMT-0000 posts: 1817 Catalan Countries

Ah, ok, it was the preview, which previews the post, but loses the link to the attac hed file already oploaded. 😕
Well, anyway, here it is the screenshot:

Posted by void 17 Sep 2008 17:10 GMT-0000 posts: 3

I have the exact same problem - trying to include a "user map" based on gmaps within a wiki page. The only options I have been able to think of are

using an iframe in the wiki
using the script for gmap in the wiki
using an iframe in a dynamic content block
using the script in a dynamic content block
writing some custom php code for a dynamic content block

Unfortunately, all of these are defeated because of the security paranoia - both wiki edits and dynamic content block edits will mangle any script, php, or iframe tags 😑.
Have you been able to find any solutions? I'm okay hacking source files to disable the security tag stripping for admin users if somebody could point to the right files? Thanks.

Posted by GreenLifeInnovatorsAdmin 20 Nov 2008 21:10 GMT-0000 posts: 11

The link http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki/mods/trunk/wiki-plugins/iframe/wiki-plugins/wikiplugin_iframe.php
where the ifame plugin was supposed to be does not work any more.

Regards
Vidar Kristiansen
Oslo Norway.

Posted by dibdibdobs 16 Apr 2009 14:04 GMT-0000 posts: 10

Hi,

The iframe plugin link below is broken. Is it somewhere else or within the Tiki Wiki installation yet?

mods/wiki-plugins/wikiplugin_iframe

Regards,

Robin.

Posted by dibdibdobs 16 Apr 2009 14:55 GMT-0000 posts: 10

Oh I found a link, through another forum thread:-

For those interested:-
http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki/trunk/lib/wiki-plugins/wikiplugin_iframe.php

Regards,

Robin.

Posted by Benjamin Swem 30 Aug 2008 02:58 GMT-0000 posts: 1 United States

Ok I have the iframe plugin, how do I install it?

Posted by Gary Cunningham-Lee 30 Aug 2008 05:27 GMT-0000 posts: 4664 Japan

Just FTP or copy the plugin file to your lib/wiki-plugins/ directory.

Posted by p_rry 05 Apr 2009 15:49 GMT-0000 posts: 63

I tried to download the iframe plugin, but the link given in this thread doesn't seem to work anymore. I'm really interested in this plugin. Is there another place I can get it?

thanks,
Perry

Posted by Gary Cunningham-Lee 05 Apr 2009 16:57 GMT-0000 posts: 4664 Japan

This should work: http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki/trunk/lib/wiki-plugins/wikiplugin_iframe.php

-- Gary

Posted by p_rry 05 Apr 2009 18:29 GMT-0000 posts: 63

Nice! The plugin works great.

thanks,
Perry

Jump to forum:

Features / Usability

Iframes Broken?

About Tiki

Support

Community

Documentation

Development

Legal

Tiki Project Sites

Networks

Navigation and related functionality and content

Related content

Custom Share Module 0.1dev

Features / Usability

Thread actions