FANDOM


  • Edit: The retirement date has been pushed back to Friday, November 6th This has been edited below to reflect the new date.

    Verbatim is a Wikia tool to inject HTML code into pages with minimal effort and fuss. You’ve done some amazing things with it. It’s also insecure and dangerous.

    You may recall that we had a security issue back in August, which we talked about here in the forum. Since then, we’ve been performing a complete security audit on Wikia to ensure that the site is as secure as it can be. We’ve made a significant number of improvements on the back end already, and we’ll continue to roll out new features going forward, like the Javascript review process and MediaWiki whitelist and the new form to report security concerns.

    Unfortunately, one fact has become clear: Verbatim can’t survive on Wikia in its current form. It’s far too vulnerable to malicious code. That means we have to remove this particular functionality from Wikia, and we’re doing so on Monday, November 2nd Friday, November 6th.

    However! This may seem like I am bringing you a problem, but I am also bringing you solutions. We’ve devised a path forward for the vast majority of Verbatim use cases, and in many cases the solutions have already been well-documented on our help pages.

    Far and away, the most common use case for Verbatim is to embed Twitter feeds and posts. That’s why we’ll be using an script developed in conjunction with the Volunteer Developer team to convert all Twitter embeds that still use Verbatim into the new, safe format outlined on Help:Social media integration. This script will be run before Verbatim is retired, and you’re welcome to make the switch in the interim.

    I encourage you to take a look at our notes on personal and community CSS/JS, as they’ll be helpful going forward. The other most common uses are covered by existing features, all of which have help pages:

    These features represent the overwhelming majority of Verbatim usages. If you have questions - technical or otherwise - we can answer them below, and always feel free to contact Special:Contact.

      Loading editor
    • How can i add iframe code to wikia page from now on?

        Loading editor
    • You say it "injects HTML code", does this mean that typing coding directly into pages will no longer work? Because I like fancy font. :(:P

        Loading editor
    • Kirkburn
      Kirkburn removed this reply because:
      Duplicate info
      21:41, October 26, 2015
      This reply has been removed
    • Superman: as long as it's approved by the JavaScript review process, you can use JS for that.

      LordWeirdo: anything that MediaWiki renders is still fair game. As the Help page states, though, that means <a> (anchor), <script> and <style> tags are going away.

        Loading editor
    • I see. Danke.

        Loading editor
    • Has there been a fix to allow the new Twitter feed to work in MediaWiki:Community-corner like Verbatim currently allows?

        Loading editor
    • DEmersonJMFM wrote:
      Has there been a fix to allow the new Twitter feed to work in MediaWiki:Community-corner like Verbatim currently allows?

      We're aware of this use case and are currently looking at the best way to incorporate similar functionality long-term.

        Loading editor
    • DaNASCAT wrote:

      We're aware of this use case and are currently looking at the best way to incorporate similar functionality long-term.

      So this is likely not going to be fixed/added by the time verbatim is turned off? If so, that's a bummer to our rail.

        Loading editor
    • I don't understand, what was being unsecure about using such codes to present content from social sites?

        Loading editor
    • Is there anything you can do about w:c:mlp:MLP Personality Quiz (MW page)? I believe it's an asset you created or have access to. It has always been a little unstable, working for some users and not for others at various times.

        Loading editor
    • Emerson: probably not, but hopefully it will be sooner rather than later.

      Energy: since that code is being generated off-Wikia, we can't know what its effect is going to be when it's imported onto our pages. And that's unfortunately a big security hole.

        Loading editor
    • Speaking of HTML codes, there is what we call marquee here. If anyone may look closely at my message wall greeting here, you will notice a badge that slides from left to right repeatedly. And to totally tell, it is powered up by verbatim, as proven in these two pages. If verbatim will be disabled soon, could there be any easy solution to use any marquee HTML code sets, like the ones that were done for embedding SoundCloud and Spotify audio? As far as I believe, marquee is safe, as it can scroll any text and even images from side to side or up to bottom.

      Or should I contact Wikia about this?

        Loading editor
    • Pinkgirl234 wrote: Speaking of HTML codes, there is what we call marquee here.

      markee should die in a fire

        Loading editor
    • Ciencia Al Poder wrote:

      markee should die in a fire

      Why do you think so?

        Loading editor
    • Pinkgirl234 wrote:
      Speaking of HTML codes, there is what we call marquee here. If anyone may look closely at my message wall greeting here, you will notice a badge that slides from left to right repeatedly. And to totally tell, it is powered up by verbatim, as proven in these two pages. If verbatim will be disabled soon, could there be any easy solution to use any marquee HTML code sets, like the ones that were done for embedding SoundCloud and Spotify audio? As far as I believe, marquee is safe, as it can scroll any text and even images from side to side or up to bottom.

      Or should I contact Wikia about this?

      Tardis Data Core wiki has the same problem with Soundcloud, they cleaned up all the Verbatim links a few days ago, adding the relevant pages to a category so they can deal with it when a solution is found.

        Loading editor
    • It is quite unlikely we would add support for marquee, to be honest - but both CSS and JS provide options for animation. CSS animation in particular is likely a better replacement as it is simple, while often smoother and more flexible.

        Loading editor
    • Kirkburn wrote: It is quite unlikely we would add support for marquee, to be honest - but both CSS and JS provide options for animation. CSS animation in particular is likely a better replacement as it is simple, while often smoother and more flexible.

      Well Plants vs. Zombies Wiki actually uses some marquee MediaWiki pages. Right now I am researching for Marquee JavaScript codes, and if these are effective for Wikia use, then how does one use marquee on a specific area without affecting other areas? Like for a certain page? (Take note I only search for safe JavaScript code.)

        Loading editor
    • Pinkgirl234 wrote:

      Kirkburn wrote: It is quite unlikely we would add support for marquee, to be honest - but both CSS and JS provide options for animation. CSS animation in particular is likely a better replacement as it is simple, while often smoother and more flexible.

      Well Plants vs. Zombies Wiki actually uses some marquee MediaWiki pages. Right now I am researching for Marquee JavaScript codes, and if these are effective for Wikia use, then how does one use marquee on a specific area without affecting other areas? Like for a certain page? (Take note I only search for safe JavaScript code.)

      There is a difference between what JS affects and where it needs to run. If you want all users to see the JS in action, it needs to be in sitewide JS pages. As for restricting the effect to a specific page, you can do that with JQuery, since each page should have a body class based on its name.

        Loading editor
    • Fandyllic wrote:

      Pinkgirl234 wrote:

      Kirkburn wrote: It is quite unlikely we would add support for marquee, to be honest - but both CSS and JS provide options for animation. CSS animation in particular is likely a better replacement as it is simple, while often smoother and more flexible.

      Well Plants vs. Zombies Wiki actually uses some marquee MediaWiki pages. Right now I am researching for Marquee JavaScript codes, and if these are effective for Wikia use, then how does one use marquee on a specific area without affecting other areas? Like for a certain page? (Take note I only search for safe JavaScript code.)

      There is a difference between what JS affects and where it needs to run. If you want all users to see the JS in action, it needs to be in sitewide JS pages. As for restricting the effect to a specific page, you can do that with JQuery, since each page should have a body class based on its name.

      You can also do it without jQuery and page classes via wgPageName.

        Loading editor
    • what bout flag counters

        Loading editor
    • Idc much about verbatim, but it seems to me like verbatim makes it easier to get the code wrong than blocking JS, due to the fact that unsecure verbaitm tags can be abused by all community members. For example, this template over the Club Penguin Wiki had been powered by verbatim that allowed you to inject scripts for about a year, and only then we disabled it (fortunately it was never abused). So although it's good that verbatim's retirement is near, perhaps it would be a good idea to think it through, to make sure that there is no major increase in code review requests, as a result.

        Loading editor
    • Oh and speaking of verbatim, does anyone know of an incident where verbatim has been abused by using it for malicious coding?

        Loading editor
    • I personally do not know of any such time but leaving a known attack vector open is completely unacceptable.

        Loading editor
    • Are verbatim tags removed for ever?

        Loading editor
    • PhilippL wrote: Are verbatim tags removed for ever?

      How may i put this? Here's a hint:

      while (true) {
      	console.log("Verbatim still doesn't work");
      }

      The upper block of code would stop running before Verbatim is added back.
      (if you didn't get the joke, do me a favor and don't attempt to execute this please)

        Loading editor
    • This is too complex for me, I've tried multiple times to get our twitter feed working on Tokupedia for the transition. Can a Staff admin assist other sites in the transition?

        Loading editor
    • Ducksoup wrote: This script will be run before Verbatim is retired, and you’re welcome to make the switch in the interim.

      This is all we really need, especially because verbatim is used so often for twitter feeds.

        Loading editor
    • Kirkburn wrote:
      It is quite unlikely we would add support for marquee, to be honest - but both CSS and JS provide options for animation. CSS animation in particular is likely a better replacement as it is simple, while often smoother and more flexible.


      Hi George! Not sure if you remember me from another wiki, but I want to know if I'm getting the right conclusion... So, for now, the usage of FLAGcounter is officially out of question, correct? Also, to my understanding, a lot of the polls when it comes to Recipes Wiki were created using Verbatim, is there any way to keep those voting data?

        Loading editor
    • We use it for injecting page specific CSS, but I'll look into migrating that into the master CSS instead. Thanks for thinking of security first.

        Loading editor
    • Xxsammmsammmxx: send in poll examples to Special:Contact and we'll give them a look. The flag counter is interesting, but a privacy concern - we don't like data from Wikia visitors being served to unknown third parties. It would have to be approved by the JS review process, and it's quite possible it would fail the checks.

        Loading editor
    • Well. Though I'm a total JavaScript noob, I'm going to attempt to represent my mood using it.

      function mood (a, b) {
          return a * b;
      }
       
      if (mood > 10) {
          console.log("I'm fine with this");
      } if (mood < 10) {
          console.log("Screw this");
      } else {
          console.log("I don't even know");
      }
       
      mood(5, 2);
        Loading editor
    • So...how long would editing be down for this change, when the date strolls around?

        Loading editor
    • I don't think there should be any loss of editing time.

        Loading editor
    • The Crusader of Truth: I do not believe the change will require any downtime. Verbatim will simply stop having any effect, and no 'broken code' will even be left behind (it'll still be in the wikitext, but it won't render anything on the article).

        Loading editor
    • It would be nice if Wikia started a thread or some other support mechanism to help wikis who will have lost the functionality that verbatim provided and help them find alternative solutions. Something better or similar to my "MediaWiki pages that should be whitelisted, but aren't" thread.

        Loading editor
    • Penguin-Pal wrote:

      PhilippL wrote: Are verbatim tags removed for ever?

      How may i put this? Here's a hint:

      while (true) {
      	console.log("Verbatim still doesn't work");
      }

      The upper block of code would stop running before Verbatim is added back.
      (if you didn't get the joke, do me a favor and don't attempt to execute this please)

      I get the joke. In other words, good luck waiting for the return of Verbatim, right?

        Loading editor
    • Fandyllic: we're quite happy for this thread to be used for that purpose. Specific solutions can be broken out into their own threads, if/when it makes sense.

        Loading editor
    • Will the timer on my wiki break?

        Loading editor
    • Kirkburn wrote: Fandyllic: we're quite happy for this thread to be used for that purpose. Specific solutions can be broken out into their own threads, if/when it makes sense.

      Trust me, the name of the thread needs to match what it is used for... people don't think too hard when doing google or wiki searches... Someone could see "Verbatim's Future on Wikia" and think, "Yay, Verbatim has a future on Wikia... now where is that thread about Verbatim not working..."

        Loading editor
    • The Terra Battle Wiki currently uses verbatim with javascript for our daily trackers. We also have iframes for an embedded Google Spreadsheet and Form.

      Any tips on how to keep these functionalities?

        Loading editor
    • Looks like there's not too many on that rotation, so you could do this with a switch.

      See http://guildwars.wikia.com/wiki/Template:Nicholas_the_Traveler?action=edit

        Loading editor
    • Any word on Google+ widgets?

        Loading editor
    • I for one have no idea what Verbatim is/was, so… idc

        Loading editor
    • Will this Verbatim use be allowed?

      http://spongebob.wikia.com/wiki/User:AW10/countdown

        Loading editor
    • AW10 wrote: Will this Verbatim use be allowed?

      http://spongebob.wikia.com/wiki/User:AW10/countdown

      It is not a matter of allowing, after November 2 verbatim just completely stops working, rendering that page and the templates it uses unusable. Mainframe98 wall·edits

        Loading editor
    • A wiki I manage is hugely dependent on Javascript/jQuery injected via verbatim tags. How will I be able to restore the functionality of these features without verbatims? Is there some new way to apply JS to pages?

        Loading editor
    • TiberiumFusion wrote: A wiki I manage is hugely dependent on Javascript/jQuery injected via verbatim tags. How will I be able to restore the functionality of these features without verbatims? Is there some new way to apply JS to pages?

      I believe so but to try finding some ways could go cimplicated. I mean I wanted to have some marquee in my wiki but I am not sure if it may really work.

        Loading editor
    • Pinkgirl234 wrote:

      TiberiumFusion wrote: A wiki I manage is hugely dependent on Javascript/jQuery injected via verbatim tags. How will I be able to restore the functionality of these features without verbatims? Is there some new way to apply JS to pages?

      I believe so but to try finding some ways could go cimplicated. I mean I wanted to have some marquee in my wiki but I am not sure if it may really work.

      Well, marquee isn't even standardized in HTML, so it's really not a good idea to rely on it at all. According to MDN, it is still around only in favor of backwards compatibility... which is a bit strange, because most old websites that use it are probably old and are not being maintenanced.


      Anyway, you can use JS pages for creating and inserting elements, which can actually be better than relying on verbatim.

        Loading editor
    • A lot of JS functionality doesn't need to be run in page-specific contexts, and can be moved to the community JS pages - Help:Community CSS and JS. (As mentioned above, if the JavaScript review process is not already enabled on your community, just ask us to flip it on via Special:Contact/general.)

      FishTank: no current plans for Google+ widgets, though I wouldn't rule it out.

        Loading editor
    • <sarcasm>

      Wow.

      Thanks a lot.

      Goodjob staff.

      </sarcasm>

        Loading editor
    • No google plus support though. Not that I'll mess up much though.

      Edit: Does this mean you'll be unlocking all MediaWiki pages then (other than JS ones anyways) since we won't be able to inject them?

        Loading editor
    • Fewfre wrote:
      Does this mean you'll be unlocking all MediaWiki pages then (other than JS ones anyways) since we won't be able to inject them?
      Yes, please. I thought MW messages were already sanitized against alternative-to-wikitext HTML anyway! Is this the case?
        Loading editor
    • Removing Verbatim certainly does reduce the risk of unlocking MediaWiki namespace pages - but it does not eliminate the problem entirely, unfortunately. Security reviews of each message are still warranted, so we'll be continuing to expand the whitelist in the short term.

      We know whitelist expansion has slowed recently (due to limited developer resources), but we have a list that we're continuing to work down. I'll make sure it's at the forefront of the team's minds.

        Loading editor
    • Thanks for the reply! Any time estimate on when most of the pages will be whitelisted?

        Loading editor
    • Unfortunately not - each message can require a different amount of work to review (and, potentially, fix). It's very much an ongoing project - we've not set an end date.

        Loading editor
    • Is there a way to at least let us delete MW pages that aren't used anymore? We had some javascript and CSS MW pages that I have since moved into the the Common.css and whitelisted Javascript pages. But now the old pages are locked and I can't get rid of them.

        Loading editor
    • I've replaced the verbatim tags for the Twitter and Facebook widgets on Yu-Gi-Oh! (and as a result, w:c:ygo:MediaWiki:TwitterWidget and w:c:ygo:MediaWiki:FacebookEmbed can be deleted), but our main page still loads some CSS and JS via verbatim and I don't know if it's still needed.

        Loading editor
    • With inclusion of this... <script src="https://apis.google.com/js/platform.js" async defer></script> ... Google+ +1 buttons and all badges/widgets can be made with divs, just like Facebook.

      See: https://developers.google.com/+/web/badge/

        Loading editor
    • Kushieda minori wrote: Is there a way to at least let us delete MW pages that aren't used anymore? We had some javascript and CSS MW pages that I have since moved into the the Common.css and whitelisted Javascript pages. But now the old pages are locked and I can't get rid of them.

      Just send a note into Special:Contact/general with links, and we can get them deleted for you.

        Loading editor
    • For the most part, I'm fine with this move as it will make the Wikia domain more resistant to JS/DOM injection exploits and thus more secure.

      Am I the only one ditching a couple videos in some pages to make this move viable? I was also wondering what the error sign would look like for usage of "verbatim" in pages. I think it should be a transparent "page broken" logo that links to this thread or something.

      PS: When someone comments one something's future somewhere, I automatically imply that its dire. Sometimes, I am pleasantly surprised and its an update. This is a rare occurence of course.

        Loading editor
    • Speedit wrote: I was also wondering what the error sign would look like for usage of "verbatim" in pages. I think it should be a transparent "page broken" logo that links to this thread or something.

      Any visible effects of a Verbatim tag should simply disappear from the rendered page - no broken code or error message will be left in its place.

        Loading editor
    • Kirkburn wrote:

      Speedit wrote: I was also wondering what the error sign would look like for usage of "verbatim" in pages. I think it should be a transparent "page broken" logo that links to this thread or something.

      Any visible effects of a Verbatim tag should simply disappear from the rendered page - no broken code or error message will be left in its place.

      So verbatim will have CSS display:none; on it and the Wikia server will remove it from the page before transmitting it, right?

        Loading editor
    • No, Verbatim will no longer be parsed at all. If it was set to display:none; the code would be executed, just not displayed. That would still be enough to cause security errors. Verbatim just won't work period.

        Loading editor
    • How do I determine if the wiki I edit at is using Verbatim? I don't think it is, but much of the core infrastructure has been in place since before I started editing so I want to verify.

        Loading editor
    • use the Special:TagsReport on your wiki and select the Verbatim tag.

        Loading editor
    • Okay.

        Loading editor
    • Thanks, I verified there are non on the military wiki. Is there a report that lists the Wiki's that have a tag?

        Loading editor
    • RansomTime wrote: Looks like there's not too many on that rotation, so you could do this with a switch.

      See http://guildwars.wikia.com/wiki/Template:Nicholas_the_Traveler?action=edit

      Thanks. Looks like this will work.


      Still need an answer for our embedded Google spreadsheet/form. Will we still be able to do this?

        Loading editor
    • 64bit wrote:

      Still need an answer for our embedded Google spreadsheet/form. Will we still be able to do this?

      No, because that's based on an iframe, which will definitely NOT work.

        Loading editor
    • 64bit wrote:

      RansomTime wrote: Looks like there's not too many on that rotation, so you could do this with a switch.

      See http://guildwars.wikia.com/wiki/Template:Nicholas_the_Traveler?action=edit

      Thanks. Looks like this will work.


      Still need an answer for our embedded Google spreadsheet/form. Will we still be able to do this?

      Worst case scenario - you have a long night trying to recode it using the wikitable format. This may be your only answer - the move will plug some gaps but will kill a few features. Best case scenario (doubtful tho) - there is some other more direct way to get it in the page.  Speedit   talk contribs  20:43, October 28, 2015 (UTC)

      EDIT: Just realised that the only way to do so is the same - you're now stuck with wikitabling.  Speedit   talk contribs 

        Loading editor
    • Thanks for the answers, you two. For now, I guess I'll just leave the links to them and hope people don't mind opening a new window to fill in the spreadsheet.

        Loading editor
    • Yeah.CC is pretty helpful, especially you, Ducksoup.

        Loading editor
    • So none of this nonsense, then?

        Loading editor
    • Ducksoup wrote:
      Unfortunately, one fact has become clear: Verbatim can’t survive on Wikia in its current form. It’s far too vulnerable to malicious code. That means we have to remove this particular functionality from Wikia, and we’re doing so on Monday, November 2nd.


      its already been removed, hasnt it? it hasnt been usable on any wikis i edit on for several months.

        Loading editor
    • You could ask WIkia if you can get Extension:GoogleDocs4MW installed?

        Loading editor
    • Fandyllic wrote: You could ask WIkia if you can get Extension:GoogleDocs4MW installed?

      Oh, thanks for pointing this out! I hadn't noticed, but this extension and the Google Form Tag Extension were already installed on our wiki. Looks like we'll be able to retain these functionalities after all!

        Loading editor
    • I always use verbatim specially on the mainpage and it will get it's retirement. I need to rewrite everything on the mainpage. That is really a hardwork:(

        Loading editor
    • You're about to completely wreck my main page as well(not Twitter/Facebook-related). Don't you think less than a week is a bit short notice?

        Loading editor
    • LordTBT wrote: You're about to completely wreck my main page as well(not Twitter/Facebook-related). Don't you think less than a week is a bit short notice?

      That is true.
      They give us less than a week to arrange everything. I have so many things to do on real life.

        Loading editor
    • How can I post my Twitter feeds on my wiki if this was removed? 

        Loading editor
    • The deadline is getting near...

        Loading editor
    • Milkandchocolate wrote:

      LordTBT wrote: You're about to completely wreck my main page as well(not Twitter/Facebook-related). Don't you think less than a week is a bit short notice?

      That is true.
      They give us less than a week to arrange everything. I have so many things to do on real life.

      September 2, 2015 and, more so, September 16, 2015 were foreshadowing of Verbatim's demise.

        Loading editor
    • DEmersonJMFM wrote:

      Milkandchocolate wrote:

      LordTBT wrote: You're about to completely wreck my main page as well(not Twitter/Facebook-related). Don't you think less than a week is a bit short notice?

      That is true.
      They give us less than a week to arrange everything. I have so many things to do on real life.

      September 2, 2015 and, more so, September 16, 2015 were foreshadowing of Verbatim's demise.

      The Wikia staff have cited working for a long time on multiple security issues and upgrades in the MediaWiki block threads so this change was probably coming even longer before that.

      With thanks to the staff who prioritize the safety of users over the use of features on the domain.  Speedit   talk contribs 

        Loading editor
    • How can i put a searc bar to a page after it is removed?

        Loading editor
    • Quackerpingu wrote: How can i put a searc bar to a page after it is removed?

      You could add an inputbox:

      <inputbox>
      type=search
      </inputbox>
      

      Which gives:

        Loading editor
    • Penguin-Pal wrote:

      Quackerpingu wrote: How can i put a searc bar to a page after it is removed?

      You could add an inputbox:

      <inputbox>
      type=search
      </inputbox>
      

      Which gives:

      Thank you :)

        Loading editor
    • FYI: We've started up the Twitter conversion script, under the WikiaBot account. It'll likely take a little while to get round all of the usages.

        Loading editor
    • Kirkburn wrote: FYI: We've started up the Twitter conversion script, under the WikiaBot account. It'll likely take a little while to get round all of the usages.

      Though, a community that is unaware of this thread is probably inactive, and so can their twitter account be.

        Loading editor
    • Quackerpingu wrote:

      Penguin-Pal wrote:

      Quackerpingu wrote: How can i put a searc bar to a page after it is removed?

      You could add an inputbox:

      <inputbox>
      type=search
      </inputbox>
      

      Which gives:

      Thank you :)

      BTW, the first time i saw use of verbatim was here: http://catali2016.wikia.com/wiki/Test . MAKE TO BALLOONS!!!

        Loading editor
    • How do you do CSS/JC in general ?

        Loading editor
    • Withersoul 235 wrote: How do you do CSS/JC in general ?

      CSS and JS are commonly stored in MediaWiki:Wikia.css MediaWiki:Common.js, respectively (see this for more info about what pages are used for adding CSS/JS).

      If you want to start learning those languages, there are some really good guides online. There are some really good ones on YouTube as well, if you prefer videos. Give it a quick search (e.g. "css tutorial") and you'd get some good results.

        Loading editor
    • Penguin-Pal wrote:

      Withersoul 235 wrote: How do you do CSS/JC in general ?

      CSS and JS are commonly stored in MediaWiki:Wikia.css MediaWiki:Common.js, respectively (see this for more info about what pages are used for adding CSS/JS).

      If you want to start learning those languages, there are some really good guides online. There are some really good ones on YouTube as well, if you prefer videos. Give it a quick search (e.g. "css tutorial") and you'd get some good results.

      Some educational "spam": I found some great course-based learning opportunities from Codeacademy, which you may visit here. This site supports color-coding syntax and a modular lesson approach - very beginner-friendly and provides challenge to those who want it.

      PS: It requires a registration and login.  Speedit   talk contribs 

        Loading editor
    • Pinkgirl234 wrote: Oh and speaking of verbatim, does anyone know of an incident where verbatim has been abused by using it for malicious coding?

      Yes, on wikis here at Wikia. I will not discuss any specific security flaw in further detail, except to say that it cannot be fixed easily.

        Loading editor
    • And we quite thank you for that, Vandraedha!

        Loading editor
    • You closed down 73 doors for us, and only opened a few back up. How are we to include perfectly fine iframe embeds provided by the likes of Google Insight? I very much wish Wikia doesn't only cater to the majority. This is infringing the liberties and rights of the minority.

        Loading editor
    • Mfaizsyahmi wrote: This is infringing the liberties and rights of the minority.

      No it doesn't. Verbatim is a security attack vector and someone could use this to attempt to hack accounts or steal passwords from anyone who goes to a page with the vector placed in it. I am quite happy to see it go, there are way better methods for all the uses of it.

      If your use of verbatim can't be replicated, then ask yourself whether you really need that feature or if it is possible to do it in another method entirely that does not compromise the security of other users of the site.

        Loading editor
    • SuperSajuuk wrote:

      Mfaizsyahmi wrote: This is infringing the liberties and rights of the minority.

      No it doesn't. Verbatim is a security attack vector and someone could use this to attempt to hack accounts or steal passwords from anyone who goes to a page with the vector placed in it. I am quite happy to see it go, there are way better methods for all the uses of it.

      If your use of verbatim can't be replicated, then ask yourself whether you really need that feature or if it is possible to do it in another method entirely that does not compromise the security of other users of the site.

      Isn't leaving a security flaw alone infringing the rights of the users of the Wikia domain? And not hypothetically, by law - clause 4 of the EU Data Protection Directive and clause 7 of the UK Data Protection Act declare that personal data must be secured against unauthorised/unlawful loss, destruction or damage. EDIT: However as SuperSajuuk corrected in later post, Wikia hosts in the US and follows US law on data protections. The US legislation on these is based on precedent though companies have recieved sucessful lawsuits over this.

      However, I hope that any instances where the secure embedding of social networking or video elements not working are more deeply investigated.

       Speedit   talk contribs  18:29, October 29, 2015 (UTC)

        Loading editor
    • WOWE COLE

      Go to the hell
        Loading editor
    • Mfaizsyahmi wrote:
      You closed down 73 doors for us, and only opened a few back up. How are we to include perfectly fine iframe embeds provided by the likes of Google Insight? I very much wish Wikia doesn't only cater to the majority. This is infringing the liberties and rights of the minority.
      Your account and privacy may as well be on the other side of those 73 doors. Everyone else realizes the security risk, and that this "feature" is being removed for a very good reason. Please try to understand that reason.
        Loading editor
    • And wequite you 
      Télécharger (1)
        Loading editor
    • Ducksoup wrote: And we quite thank you for that, Vandraedha!

      You're quite welcome!

      I just wanted it to be known that this isn't a change that's being made as a whim by the Staff.

      BTW - Big thank yous to Staff for fixing this security hole.

        Loading editor
    • Well, I asked for help embedding a video and it promptly worked for me after the request - anyone having issues with the five tools in the original post should send a request to Special:Contact/general instead of attempting to use "verbatim".

      PS: The error I got was "Please enter a valid URL from a supported content provider." - it was fixed after request when I used the embed URL of the same Youtube video.

        Loading editor
    • Speedit wrote: Isn't leaving a security flaw alone infringing the rights of the users of the Wikia domain? And not hypothetically, by law - clause 4 of the EU Data Protection Directive and clause 7 of the UK Data Protection Act in the UK declare that personal data must be secured against unauthorised/unlawful loss, destruction or damage.

      However, I hope that any instances where the secure embedding of social networking or video elements not working are more deeply investigated.

      Wikia servers are hosted in the US, so US law applies. Local country laws don't apply to websites, as the laws that apply to a website is the location in which the data of that site is stored. This is why certain illegal websites host in countries where copyright law is near to non-existent.

      Your point about UK law would only apply if the data for Wikia was stored in the UK, which it isn't, so it doesn't apply.

        Loading editor
    • SuperSajuuk wrote:

      Speedit wrote: Isn't leaving a security flaw alone infringing the rights of the users of the Wikia domain? And not hypothetically, by law - clause 4 of the EU Data Protection Directive and clause 7 of the UK Data Protection Act in the UK declare that personal data must be secured against unauthorised/unlawful loss, destruction or damage.

      However, I hope that any instances where the secure embedding of social networking or video elements not working are more deeply investigated.

      Wikia servers are hosted in the US, so US law applies. Local country laws don't apply to websites, as the laws that apply to a website is the location in which the data of that site is stored. This is why certain illegal websites host in countries where copyright law is near to non-existent.

      Your point about UK law would only apply if the data for Wikia was stored in the UK, which it isn't, so it doesn't apply.

      The strange thing about US law is that data protection law only exists by precedent, but the US sees the most class-action lawsuits for large hacks. Your point is valid - I've edited my post to acknowledge this.

        Loading editor
    • MrBreada wrote:
      So none of this nonsense, then?

      span, font, b, etc. tags will not be affected, since they do not rely on verbatim. You'll still be able to do rainbow text like this in pages, posts, and signatures as long as you don't put the code in verbatim (which you shouldn't do regardless of it being disabled).

        Loading editor
    • http://ru.elderscrolls.wikia.com/wiki/%D0%9A%D0%B0%D1%80%D1%82%D0%B0_(Skyrim) — JavaScript in my profile, imported directly into Template by Verbatim.

      So, is future of Verbatim: «It's broken, and nothing we can do with it» ??

        Loading editor
    • It isn't broken, it just poses a huge security risk in its current form, and has already started to be abused.

        Loading editor
    • Vandraedha wrote:

      Pinkgirl234 wrote: Oh and speaking of verbatim, does anyone know of an incident where verbatim has been abused by using it for malicious coding?

      Yes, on wikis here at Wikia. I will not discuss any specific security flaw in further detail, except to say that it cannot be fixed easily.

      Wow that sucks. I bet removing malicious JavaScript is quite easier than removing all the harmful effects of any harmful verbatim-coded um what's t he word.....coding. Yeah, I think coding.

        Loading editor
    • With the new way to advertise the social networks pages created in Facebook and Twitter, will there be a tool for Google+ pages? I know there is a way, but what's going to happen with this method?

        Loading editor
    • Platybus wrote:
      With the new way to advertise the social networks pages created in Facebook and Twitter, will there be a tool for Google+ pages? I know there is a way, but what's going to happen with this method?

      Here's the quick way: Import dev:PlusOneButton/code.js, then use the <div> badges on https://developers.google.com/+/web/badge/ 

        Loading editor
    • FishTank wrote:

      Platybus wrote:
      With the new way to advertise the social networks pages created in Facebook and Twitter, will there be a tool for Google+ pages? I know there is a way, but what's going to happen with this method?

      Here's the quick way: Import dev:PlusOneButton/code.js, then use the <div> badges on https://developers.google.com/+/web/badge/ 

      Do you have this kind of thing working on AHS wiki?

        Loading editor
    • Fandyllic wrote:

      FishTank wrote:

      Platybus wrote:
      With the new way to advertise the social networks pages created in Facebook and Twitter, will there be a tool for Google+ pages? I know there is a way, but what's going to happen with this method?
      Here's the quick way: Import dev:PlusOneButton/code.js, then use the <div> badges on https://developers.google.com/+/web/badge/

      Do you have this kind of thing working on AHS wiki?

      Indeed. We have Google+ badges working on our main page without verbatim.

        Loading editor
    • There's already a release date¿?

      agg2 theme

        Loading editor
    • More time??


      Misunderstood Human (talk) 02:48, October 30, 2015 (UTC)

        Loading editor
    • This was an inevitability, unfortunate but clearly foreseen and frankly the right thing to do. I will also have a big chunk of rewriting to do, but it is code that didn't need to be written using verbatim (I just happened to choose it) and if I am honest I would admit that it needs some TLC anyway (so this provides a good excuse).

        Loading editor
    • Is there anyway to put a Set of Quiz on any wiki besides verbatim?. I want to replace the Quiz that I made after the verbatim retire. Please leave a message on my message wall or here.

        Loading editor
    • There would be people reviewing JavaScript changes that are submitted over the weekend, or as usual, no code review will be done until Monday, when the verbatim tags no longer works?

        Loading editor
    • Spottra wrote: ...and if I am honest I would admit that it needs some TLC anyway (so this provides a good excuse).

      Can we please stop using random acronyms that nobody know what they mean?

        Loading editor
    • Ciencia Al Poder wrote:

      Spottra wrote: ...and if I am honest I would admit that it needs some TLC anyway (so this provides a good excuse).

      Can we please stop using random acronyms that nobody know what they mean?

      TLC pretty commonly means "Tender Loving Care"

        Loading editor
    • Verba-what?

        Loading editor
    • Update: We've moved back the retirement date a few days to give editors more time to make updates - the new retirement date is Friday, Nov 6.

      Milkandchocolate: is Help:Poll something you could use instead?

        Loading editor
    • AustinD-3 wrote: Verba-what?

      varbe-dolan Dolan

        Loading editor
    • So when will you be letting us rename (move)/delete our widgets?

      Some of them I will have to delete, but others can be fixed by moving to templates and adding some JavaScript.

      Here's a list of stuff my wikis will be losing.

      • Embeddable BBC TV/Radio clips.
      • Embeddable Flicker images
      • Embeddable Getty images
      • Embedding content via embed.ly
      • Embedding of a single tweet (This can be fix with a bit of javascript)
        • Just had the javascript reviewed and approved so can now embed single tweets again Well on the wikis I founded anyway.

      I'm bored now that's enough of a list to be going with.

        Loading editor
    • Kirkburn wrote: Update: We've moved back the retirement date a few days to give editors more time to make updates - the new retirement date is Friday, Nov 6.

      How can we make the updates when the widgets pages are still locked?

      I need to move some to templates and delete others.
        Loading editor
    • For deleting pages in the MediaWiki namespace, just send a list of links in to Special:Contact and we can take care of them. Meanwhile, we're looking into creating a prefixed section of the MediaWiki namespace which can be used for simple custom messages.

      Regarding specific embeds: if they cannot be achieved using (safe!) community JS and there is wide appeal for it, we can look into creating Twitter-like tags for them. We won't be able to implement any more before Verbatim is retired, but that doesn't mean we can't look into creating more afterwards.

        Loading editor
    • Robcamstone wrote: So when will you be letting us rename (move)/delete our widgets?

      Some of them I will have to delete, but others can be fixed by moving to templates and adding some JavaScript.

      Here's a list of stuff my wikis will be losing.

      • Embeddable BBC TV/Radio clips.
      • Embeddable Flicker images
      • Embeddable Getty images
      • Embedding content via embed.ly
      • Embedding of a single tweet (This can be fix with a bit of javascript)

      I'm bored now that's enough of a list to be going with.

      External images can be fetched through a whitelist. Message Wikia through the contact link in the site footer for more help on embedding these images and whitelisting those sites.

      Seems like BBC and Twitter single tweet embedding is more of a widget feature request - which is cool.

      However, expecting embed.ly content to work is going to be impossible however as its essentially the same as including any iframe by verbatim tags. So the security hole such a feature gives is not worth it.

       Speedit   talk contribs  15:10, October 30, 2015 (UTC)

        Loading editor
    • Kirkburn wrote: For deleting pages in the MediaWiki namespace, just send a list of links in to Special:Contact and we can take care of them. Meanwhile, we're looking into creating a prefixed section of the MediaWiki namespace which can be used for simple custom messages.

      Regarding specific embeds: if they cannot be achieved using (safe!) community JS and there is wide appeal for it, we can look into creating Twitter-like tags for them. We won't be able to implement any more before Verbatim is retired, but that doesn't mean we can't look into creating more afterwards.

      Hey Kirkburn, a question for you.

      Why did Wikia not shut down the MediaWiki namespace function completely (deleting the namespace in essence)? With all the work Wikia has done and is still doing just to clean it up, this sounded like a real possibility during the summer. We may have ended up losing some features, but it would have pretty much jammed any potential security hole shut - forever.

      Another possibility would have been making it read-only permanently. Just wanted to make sure people understand - this would have been a real possibility with all the issues it's caused.

       Speedit   talk contribs  15:35, October 30, 2015 (UTC)

        Loading editor
    • My Thanks to Kirkburn and Speedit for the feedback.

        Loading editor
    • Speedit: Essentially, because the vast majority of the customizations are quite reasonable :) We want to try and find a balance between good security practices and continuing to allow each community to make their own choices and show individuality. All these tweaks are an ongoing process, of course.

        Loading editor
    • Kirkburn wrote: Speedit: Essentially, because the vast majority of the customizations are quite reasonable :) We want to try and find a balance between good security practices and continuing to allow each community to make their own choices and show individuality. All these tweaks are an ongoing process, of course.

      I see. In essence, the staff is working hard to ensure that we have as many customizable features as can be possible - just in a secure domain where we can all collaborate in peace =D  Speedit   talk contribs 

        Loading editor
    • Speedit: Aye, as much as our resources allow. In particular, Verbatim's retirement is very much about good security practices, rather than because we dislike how it was generally used. Our security audit itself is still an ongoing process (well, it'll never really end, in truth), and we'll post notes in Blog:Wikia Technical Updates if more user-facing tweaks will need to be made.

        Loading editor
    • Robcamstone wrote: My Thanks to Kirkburn and Speedit for the feedback.

      Oh yeah, you can contact the staff to request BBC embedding as well - I reckon I've messaged with a good three requests at once (my bad, Kirkburn =D) but I think you might be better off sending an individual message for each topic.

        Loading editor
    • Shining-Armor wrote:

      Ciencia Al Poder wrote:
      Can we please stop using random acronyms that nobody know what they mean?

      TLC pretty commonly means "Tender Loving Care"

      Yes, and that is what I meant. My apologies, I thought "TLC" was well enough in the general vernacular to not bother defining, and it didn't occur to me that someone might attach a "computerese" context to it (even though I used it in a thread with plenty of "computerese" in it).

      The code isn't buggy per se, but in some circumstances (due to data irregularities) doesn't always act like the user would expect, and it could use a couple of new features. I just haven't been able to drum up the motivation to fix it/add them. Now it appears I will have to. :)

        Loading editor
    • Milkandchocolate wrote: Is there anyway to put a Set of Quiz on any wiki besides verbatim?. I want to replace the Quiz that I made after the verbatim retire. Please leave a message on my message wall or here.

      Milkandchocolate, on our wiki one of our admins (Lugia101101) was kind enough to code up

      You can see an example of it here. Will this meet your needs?

        Loading editor
    • @Spottra: Would you and/or Lugia be interested in being volunteer Mentors for helping out with Portability transition over at Content Portability Wikia? We're trying to get that task force off the ground, but it'd be nice to have some interested parties.

      Also, I know that this is slightly off topic, but if anyone wants help in preparing or converting their infoboxes to be Portable, we now have a queue for getting consultants and guides to fix you up. I'm sure we can help with some other people's conversions from using Verbatim, too, since it relates to making things more Portable and secure. Put in requests for your wikias at Mentoring Requests and we'll do our best to get you squared away!

        Loading editor
    • FishTank wrote: @Spottra: Would you and/or Lugia be interested in being volunteer Mentors for helping out with Portability transition over at Content Portability Wikia? We're trying to get that task force off the ground, but it'd be nice to have some interested parties.

      Also, I know that this is slightly off topic, but if anyone wants help in preparing or converting their infoboxes to be Portable, we now have a queue for getting consultants and guides to fix you up. I'm sure we can help with some other people's conversions from using Verbatim, too, since it relates to making things more Portable and secure. Put in requests for your wikias at Mentoring Requests and we'll do our best to get you squared away!

      any wikis running it already, I've gotta check this out =D

        Loading editor
    • Steps to embeding a single tweet on your wiki.

      1. Add the following to your wikis mediawiki:Common.js

      /* JavaScript To embed single twitter tweets */
      window.twttr = (function(d, s, id) {
        var js, fjs = d.getElementsByTagName(s)[0],
          t = window.twttr || {};
        if (d.getElementById(id)) return t;
        js = d.createElement(s);
        js.id = id;
        js.src = "https://platform.twitter.com/widgets.js";
        fjs.parentNode.insertBefore(js, fjs);
       
        t._e = [];
        t.ready = function(f) {
          t._e.push(f);
        };
       
        return t;
      }(document, "script", "twitter-wjs"));

      2. copy the first line of the embed code for the tweet you wish to embed it will look something like this

      <blockquote class="twitter-tweet" lang="en-gb"><p lang="en" dir="ltr">An autumnal visit to Stoneleigh Abbey, the grandest house in Jane Austen's life. Did its chapel inspire Sotherton's? <a href="http://t.co/zAc4fqmaJt">pic.twitter.com/zAc4fqmaJt</a></p>— Lucy Worsley (@Lucy_Worsley) <a href="https://twitter.com/Lucy_Worsley/status/653228723081244672">October 11, 2015</a></blockquote>
      <script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script>

      3. Discard the second line of code that looks like the following.

      Note it's not required that's what the JS in step 1 is for.

      <script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script>

      4 Now copy that first line of code in the wiki's page or template you wish to embed tweet on and your done.

      5. Working example

      6. Original source for JS https://dev.twitter.com/web/javascript/loading

        Loading editor
    • How else may I create custom background images for certain pages? Example: w:c:theamazingworldofgumball:MediaWiki:GameBg4 in use on w:c:theamazingworldofgumball:User:Gameuser10

        Loading editor
    • Gameuser10 wrote: How else may I create custom background images for certain pages? Example: w:c:theamazingworldofgumball:MediaWiki:GameBg4 in use on w:c:theamazingworldofgumball:User:Gameuser10

      It's possible to add a background to just a single page using the following CSS:

      .page-NameHere .WikiaPage .WikiaPageBackground {
         background-image: url('IMAGE URL');
      }
      

      So if you want a background for only your userpage you could use

      .page-User_Gameuser10 .WikiaPage .WikiaPageBackground {
         background-image: url('http://orig08.deviantart.net/a140/f/2015/117/b/f/__the_overseer___by_scardoni_a-d8r9at1.jpg');
      }
      

      At least I think that should work

        Loading editor
    • What the hell!?!? DON'T REMOVE THAT!!!!

        Loading editor
    • Is it still possible to make checkboxes? On my Wiki I used verbatim tags to create checkboxes, and a MediaWiki page. But what can I do if the verbatim tags will be removed? Is it impossible to do that?

        Loading editor
    • You can still add it using JavaScript. If you use jQuery, you can make it even simpler to understand:

      $("#container-of-input").append(
      	'<input type="checkbox" id="checkbox1" /> Option #1<br />' +
      	'<input type="checkbox" id="checkbox2" /> Option #2<br />' +
      	'<input type="checkbox" id="checkbox3" /> Option #3<br />' +
      	'<input type="checkbox" id="checkboxetc" /> Option etc.'
      );

      Which will affect, on this example, the element with an id of "container-of-input", e.g.:

      <div id="container-of-input">
      	<!-- Any input added via JS will be inserted below this comment -->
      </div>
        Loading editor
    • How about any possible JavaScript to have marquee tags with tmaybe the use of <div> or <span>?

        Loading editor
    • JavaScript:

      $("#marquee-animation").append(
          '<marquee>Your Text</marquee>'
      );

      HTML:

      <span class="marquee-animation"></span>
        Loading editor
    • @PhilippL Thank you very much. But are you sure is this the only set I need? How about the JavaScript sets that includes options if I wont to scroll something up or down, left or right, or even how fast a marquee speed would go? Or are they already included in that JS set you provided?

        Loading editor
    • $("#marquee-animation").append(
          '<marquee scrolldelay="50">Your Text</marquee>'
      );

      You can add more functions after Scrolldelay. Here is a list of functions you can use: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/marquee

        Loading editor
    • @PhilippL I guess this one does not work on personal common.js, like I tried earlier. I had to wait for response to the submission my recent revision of a JS revision in common.js in my wiki before I add these marquee setups. Thanks still.

        Loading editor
    • Is it not working? If not, I don't know. I'm not good at JS. I almost no nothing.

        Loading editor
    • TheOtherGuest2 wrote: What the hell!?!? DON'T REMOVE THAT!!!!

      It's not an option to keep it. It is a security risk and to keep it would be unacceptable.

        Loading editor
    • Shining-Armor wrote:

      TheOtherGuest2 wrote: What the hell!?!? DON'T REMOVE THAT!!!!

      It's not an option to keep it. It is a security risk and to keep it would be unacceptable.

      Above that, Wikia staff have added most of the major uses of it in a safer form and will add more. Got any content that relies on embedding webpages or web content - that's not going to happen.

      PS: It would be nice to see Beatport and BBC embedding, but I'm willing to wait until Verbatim bites the dust.

        Loading editor
    • This is inconveniencing Survivor Wiki since we heavily rely on the verbatim tag. There are html coding there that would need the tag (i.e. the episode rating above the infobox). Are there any other solutions than editing 500+ episode pages manually?

        Loading editor
    • Unfortunately there is no other solution. But doing the work is for the best.

        Loading editor
    • IAmNothing712 wrote: This is inconveniencing Survivor Wiki since we heavily rely on the verbatim tag. There are html coding there that would need the tag (i.e. the episode rating above the infobox). Are there any other solutions than editing 500+ episode pages manually?

      JS solutions can possibly be found in Central, but I doubt the ratings you have will survive. See this thread and please attribute the code to the developer-user.

      PS: Hold up and message @MarkvA before following up with the import otherwise other wiki's rating systems could be broken. He will generate a hash for you so this doesn't happen.

        Loading editor
    • I forgot to ask, is there any other ways to add an iframe to a page without verbatim such as this, or are iframes totally dead now?

        Loading editor
    • ΜΖD wrote: I forgot to ask, is there any other ways to add an iframe to a page without verbatim such as this, or are iframes totally dead now?

      There are several ways- here's one: make a "placeholder" element where you want iframe to be inserted to the page, e.g.:

      Some previous text
      
      <span id="iframeloader-mimi16">Loading iframe content...</span>
      
      Rest of the content of the page
      

      And then use some JS to replace it with an iframe:

      $("#iframeloader-mimi16").replaceWith('<iframe width="150" height="344" id="swf" src="http://www.konami.jp/bemani/popn/blog/html/mimi16.html" scrolling="no" frameborder="0" />');
        Loading editor
    • HTML:

      <div id="swf-clock">Loading...</div>

      JavaScript:

      $(function() { 
          var swf = document.createElement('iframe');
              swf.setAttribute('width', '150');
              swf.setAttribute('height', '344');
              swf.setAttribute('id', 'swf');
              swf.setAttribute('scrolling', 'no');
              swf.setAttribute('frameborder', '0');
              swf.setAttribute('src', 'http://www.konami.jp/bemani/popn/blog/html/mimi16.html');
       
          document.getElementById('swf-clock').appendChild(swf);
      });
        Loading editor
    • Some say that iframes are secure methods of embedding content. =D

       Speedit   talk contribs 

        Loading editor
    • Speedit wrote: Some say that iframes are secure methods of embedding content. =D

       Speedit   talk contribs 

      Sometimes the only way to get the content you want is via iFrame, though if the content is served over HTTPS it is so much better. Though, HTTPS is not always available.

        Loading editor
    • IAmNothing712 wrote: This is inconveniencing Survivor Wiki since we heavily rely on the verbatim tag. There are html coding there that would need the tag (i.e. the episode rating above the infobox). Are there any other solutions than editing 500+ episode pages manually?

      You could possibly achieve your desired result by using the StarRatings template to call a polling template (see Help:Poll for more info) based on your wiki, instead of hosting the poll offsite.

      In your template, http://survivor.wikia.com/wiki/Template:StarRatings - if you:

      REPLACE

      <includeonly>{{#iferror: {{#expr: {{{series}}} + {{{episode}}}}}
      | <span class="error">series/episode must be numbers</span>
      | <div class="rw-ui-container rw-urid-{{#expr: {{{series}}}*1000 + {{{episode}}}}}" style="clear:right; float:right"></div>
      }}</includeonly>
      

      WITH

      <includeonly>{{#iferror: {{#expr: {{{series}}} + {{{episode}}}}}
      | <span class="error">series/episode must be numbers</span>
      | <div style="clear:right; float:right">{{Template:{{{series}}}-{{{episode}}}}}</div>
      }}</includeonly>
      

      It would automatically link to the episode poll.

      Each episode would still require a separate template to be created, but you would not need to edit all of the individual pages that used Template:StarRatings.

        Loading editor
    • FishTank wrote: @Spottra: Would you and/or Lugia be interested in being volunteer Mentors for helping out with Portability transition over at Content Portability Wikia? We're trying to get that task force off the ground, but it'd be nice to have some interested parties.

      Lugia is mostly inactive at this stage due to internet access difficulties, but I certainly can help out.

        Loading editor
    • We hope everyone is enjoying their Hallowe'en!

      Please remember that the JS solutions will have to pass the JavaScript review process, and we have to be fairly strict on code that references external content.

      Regarding animations (like marquee): personally, I would recommend looking into CSS animations rather than JS. Browsers have fairly good support for it, and it's often simpler and smoother than JS. Of course, I would also recommend keeping the animations themselves pretty low-key, to avoid annoying visitors :)

        Loading editor
    • Kirkburn wrote: We hope everyone is enjoying their Hallowe'en!

      Please remember that the JS solutions will have to pass the JavaScript review process, and we have to be fairly strict on code that references external content.

      Regarding animations (like marquee): personally, I would recommend looking into CSS animations rather than JS. Browsers have fairly good support for it, and it's often simpler and smoother than JS. Of course, I would also recommend keeping the animations themselves pretty low-key, to avoid annoying visitors :)

      Remember that CSS is hardware accelerated whereas JS is not. This means faster, smoother animations.

        Loading editor
    • Twitter feeds don't auto-expand photos when the widget has this feature activated.

        Loading editor
    • Thank's for the delay in the removal. We still have some things that need to be fixed.

        Loading editor
    • Does this mean that the following:

      <include></noinclude>,  <category></category>,  <gallery type=></gallery>,  <div style=></div>,  <poem></poem>,  <poll></poll>,  <br />

      will go to hell in a handbasket on Friday, November 6?

        Loading editor
    • Sammm鯊
      Sammm鯊 removed this reply because:
      question answered
      03:04, November 1, 2015
      This reply has been removed
    • Kirkburn wrote:
      Regarding animations (like marquee): personally, I would recommend looking into CSS animations rather than JS. Browsers have fairly good support for it, and it's often simpler and smoother than JS. Of course, I would also recommend keeping the animations themselves pretty low-key, to avoid annoying visitors :)

      The last time I checked PvZ Wiki's Wikia.js, they place this set of JavaScript there that enables images to rotate, specifically used for PvZ Wiki's gallery templates. If I am going to use marquee for CSS, that means I need to choose one area in my wiki to contain that moving marquee animation. However, in my case, I'd rather have some marquee to be used in <span> or <div> tags, the reason for searching JavaScript for marquee.

        Loading editor
    • Virago a-go-go wrote:
      Does this mean that the following:

      <include></noinclude>,  <category></category>,  <gallery type=></gallery>,  <div style=></div>,  <poem></poem>,  <poll></poll>,  <br />

      will go to hell in a handbasket on Friday, November 6?

      No. Those tags aren't at all related to Verbatim. In fact, a few are just basic HTML that you could even use on a fresh install of MediaWiki. Others aren't even HTML, but you could still use them on Wikipedia, which last I checked has never had plans nor the need to use Verbatim. The rest are Wikia features that were developed years ago.

      tl;dr: naaaah

        Loading editor
    • Xxsammmsammmxx wrote:

      Virago a-go-go wrote:
      Does this mean that the following:

      <include></noinclude>,  <category></category>,  <gallery type=></gallery>,  <div style=></div>,  <poem></poem>,  <poll></poll>,  <br />

      will go to hell in a handbasket on Friday, November 6?


      What? Why would you say that? (now alarmed) Doesn't it just apply to <verbatim> </verbatim>?

      Oh for crying out loud. Those are all still valid. The only tag that is dying is verbatim.

        Loading editor
    • Penguin-Pal wrote:

      Kirkburn wrote: FYI: We've started up the Twitter conversion script, under the WikiaBot account. It'll likely take a little while to get round all of the usages.

      Though, a community that is unaware of this thread is probably inactive, and so can their twitter account be.

      Not necessarily Penguin-Pal. There are many, many communities on Wikia that don't have a person keeping an eye on CC for them. I myself haven't come on for several weeks before today because of other demands on my time and feel pretty lucky to have caught this thread so soon after its creation. A massage sent out to all communities like Wikia did for the CreepyPasta contest would have been very handy to help keep all communities informed and have them get ready before all the content inserted into their wiki via verbatim is cut off.

      There are so many ways that creative and benevolent admins have inserted content into their wikis via verbatim tags, that it will be a shame to lose them. I understand the security requirements, but why not instead do a code review similar to what you're doing for JS? If somebody's using "forbidden" tags to manipulate content in harmless yet beneficial ways for the community, it should be allowed. There is after all only so many features that Wikia can include by default, and giving people more freedom to create their own things to complement existing MediaWiki features and extensions should be encouraged in my mind, for example a proof of concept we were performing on our wiki where we used the verbatim tags to insert a form that changed the URL parameters to allow the refinement of a DPL list. There's no native way to do that as far as I'm aware. Being able to have a review committee look at the MediaWiki page being transcluded and confirm that the content couldn't possibly cause any harm would allow many awesome features such as that to be built by the vast array of different communities on Wikia with different wikis and different requirements for each. It's already working for JS: why not verbatim?

        Loading editor
    • "Unfortunately enough iframes pose a security risk due to them loading external content. As such, loading iframes from other websites is disallowed."

      Welp that's the response I got for my attempt to replace verbatim. Dunno what I'll put in that empty spot now.

        Loading editor
    • A point of note: Some wikis have additional security policies on top of what Wikia mandates. There's an issue with Wikia's tool for twitter feeds where it uses HTTP instead of HTTPS. Wikis with separate security policies should be careful when using this feature, to avoid breaking any rules.

      In summary, before you go using the twitter tag to replace verbatim-ed feeds, make sure you check the wiki's rules.

        Loading editor
    • Can you also make an Instagram widget?

        Loading editor
    • Justine77 7 wrote: Can you also make an Instagram widget?

      If you post the current code you have that you use verbatim to embed I can create a script for you.

        Loading editor
    • Shining-Armor wrote:

      Justine77 7 wrote: Can you also make an Instagram widget?

      If you post the current code you have that you use verbatim to embed I can create a script for you.

      <script src="//instansive.com/widget/js/instansive.js"></script><iframe src="//instansive.com/widgets/a344e628a544d72488279f575f4d6b5edd10457f.html" id="instansive_a344e628a5" name="instansive_a344e628a5" scrolling="no" allowtransparency="true" class="instansive-widget" style="width: 100%; border: 0; overflow: hidden;"></iframe>

      I found it on the Ellie Goulding wiki.

        Loading editor
    • HTML:

      <div id="instagram-widget">Loading...</div>




      JavaScript:

      $(function() {
          if (document.getElementById('instagram-widget') !== null) {
              var node = document.createElement('iframe');
                  node.setAttribute('id', 'instansive_a344e628a5');
                  node.setAttribute('name', 'instansive_a344e628a5');
                  node.setAttribute('scrolling', 'no');
                  node.setAttribute('allowtransparency', 'no');
                  node.setAttribute('class', 'instansive-widget');
                  node.setAttribute('src', 'http://instansive.com/widgets/a344e628a544d72488279f575f4d6b5edd10457f.html');
                  node.style.width = '100%';
                  node.style.border = '0';
                  node.style.overflow = 'hidden';
       
              var script = document.createElement('script');
                  script.setAttribute('src', 'https://instansive.com/widget/js/instansive.js');
       
              document.getElementById('instagram-widget').appendChild(node);
              document.getElementsByTagName('head')[0].appendChild(script);
          }
      });




      Just a note. This widget does not support HTTPS unless you pay for it so I highly suggest that you find another widget that does support HTTPS by default.

        Loading editor
    • Here's some other widgets you can use as well: http://dev.wikia.com/wiki/Category:Social_Media_Integration

        Loading editor
    • Shining-Armor wrote:
      HTML:
      <div id="instagram-widget">Loading...</div>




      JavaScript:

      $(function() {
          if (document.getElementById('instagram-widget') !== null) {
              var node = document.createElement('iframe');
                  node.setAttribute('id', 'instansive_a344e628a5');
                  node.setAttribute('name', 'instansive_a344e628a5');
                  node.setAttribute('scrolling', 'no');
                  node.setAttribute('allowtransparency', 'no');
                  node.setAttribute('class', 'instansive-widget');
                  node.setAttribute('src', 'http://instansive.com/widgets/a344e628a544d72488279f575f4d6b5edd10457f.html');
                  node.style.width = '100%';
                  node.style.border = '0';
                  node.style.overflow = 'hidden';
       
              var script = document.createElement('script');
                  script.setAttribute('src', 'https://instansive.com/widget/js/instansive.js');
       
              document.getElementById('instagram-widget').appendChild(node);
              document.getElementsByTagName('head')[0].appendChild(script);
          }
      });




      Just a note. This widget does not support HTTPS unless you pay for it so I highly suggest that you find another widget that does support HTTPS by default.

      It doesn't work on HTPP as well. "Loading..." doesn't change into the script.

        Loading editor
    • Justine77 7 wrote:

      Shining-Armor wrote:
      HTML:
      <div id="instagram-widget">Loading...</div>




      JavaScript:

      $(function() {
          if (document.getElementById('instagram-widget') !== null) {
              var node = document.createElement('iframe');
                  node.setAttribute('id', 'instansive_a344e628a5');
                  node.setAttribute('name', 'instansive_a344e628a5');
                  node.setAttribute('scrolling', 'no');
                  node.setAttribute('allowtransparency', 'no');
                  node.setAttribute('class', 'instansive-widget');
                  node.setAttribute('src', 'http://instansive.com/widgets/a344e628a544d72488279f575f4d6b5edd10457f.html');
                  node.style.width = '100%';
                  node.style.border = '0';
                  node.style.overflow = 'hidden';
       
              var script = document.createElement('script');
                  script.setAttribute('src', 'https://instansive.com/widget/js/instansive.js');
       
              document.getElementById('instagram-widget').appendChild(node);
              document.getElementsByTagName('head')[0].appendChild(script);
          }
      });




      Just a note. This widget does not support HTTPS unless you pay for it so I highly suggest that you find another widget that does support HTTPS by default.

      It doesn't work on HTPP as well. "Loading..." doesn't change into the script.

      I fixed it. I mixed up href and src.

        Loading editor
    • im ok with that

        Loading editor
    • These features represent the overwhelming majority of Verbatim usages.

      What is this

      I'm rather baffled as someone who uses verbatim on everything BUT social sites.

        Loading editor
    • So pretty much Verbatim is what runs JS? I'm confused.

        Loading editor
    • Logologologol wrote:

      These features represent the overwhelming majority of Verbatim usages.

      What is this

      I'm rather baffled as someone who uses verbatim on everything BUT social sites.

      You're preaching to the choir. I had to rewrite most of the Schema script. The worst part is that dev wiki is having issues, so I can't publish the fixes.

      @AustinD-3 :

      Verbatim is just another tool to inject code, like templates. The difference is that Verbatim can inject raw HTML, CSS, and Javascript; whereas templates can only inject more wiki markup. You can use Javascript on here without it.

        Loading editor
    • Does somebody want to explain why the admits are being exploited by wikia to fix the damage done by they poor attempts to plug security issues?

      After any security issues are fixed surely all wikis should be intact as they were before wikia implemented the changes.

      Also like others have pointed out why is wikia only obsessed with social websites? apart from the obvious reason of self promotion?

      The JS review is poor I added some code which was reviewed and passed, but have now found that it conflicts with code in my personal global.js surely the review should be checking for conflicts as I'm new to JS I chose to remove the code as I would not know how to go about fixing it.

      So I use the history to undo the last edit and even though I removed code I still had to submit the code for review, Why?

      I have had to do this on 5 wikis.

      Sad I think I must have lost a number of visits as I have not added any new content for ages as I have been trying to deal with the damage done by your poor security plugs.

        Loading editor
    • Robcamstone: Wikia has thousands upon thousands of different communities. We cannot possibly go around every community and spend time rewriting their JS or Verbatim tags ourselves (especially not personal JS). It's not feasible, or reasonable.

      We created the Twitter, VK and Weibo widgets because they were some of the most common usages, along with Spotify and SoundCloud (which aren't exactly social websites).

      Removing code/reverting JS edits still requires approval because you may be reverting to a revision that has not been approved, and even code removal can potentially open a security hole.

      We certainly don't want to be taking time away from normal editing, but these changes are necessary.

        Loading editor
    • Kirkburn wrote:
      Robcamstone: Wikia has thousands upon thousands of different communities. We cannot possibly go around every community and spend time rewriting their JS or Verbatim tags ourselves (especially not personal JS). It's not feasible, or reasonable.

      We created the Twitter, VK and Weibo widgets because they were some of the most common usages, along with Spotify and SoundCloud (which aren't exactly social websites).

      Removing code/reverting JS edits still requires approval because you may be reverting to a revision that has not been approved, and even code removal can potentially open a security hole.

      We certainly don't want to be taking time away from normal editing, but these changes are necessary.

      If you fixed the code at the core of wika you would not need to go around making fixes to individual wikis.

      Spend time fixing the core code instead of plugging it.

      As for the verbatim tag if you fixed it's security issues or rebuilt it form the ground upwards then again you would not have to go around making edits to 1000's of individual wikis.

      I'm more then fed-up having to deal with your issues, but I care passionately about the subjects I work on.

      I think I may do away with adding content via JS widgets and if the content needs embedding then I'll just not use it and just provide a link to the related website instead.

      As we can't be sure that at a later date you will not make more changes.

      So back to basics for my wikis which will no doubt please wikia as by default they be more mobile friendly which is your current obsession.

        Loading editor
    • Ah, the problem is that the basic concept of the Verbatim tag is a security issue. In almost all cases, 'fixing' it would mean that the tag simply doesn't function any more.

      Certainly we can't guarantee no future changes around this area - security threats evolve, and so must Wikia. Again, though, I must stress that we're not doing this because we dislike what it was being used for, but because of the security problems it poses.

        Loading editor
    • Verbatim is by nature insecure. You cannot simply take something that was made to allow the direct injection of HTML and change it to be more secure while allowing it to directly inject HTML.

      You simply cannot have your cake and eat it too.

      It's also worth noting that Wikia's issues are your issues as well. If they have a security issue then you have a security issue. You having a security issue means that you are putting your readers at risk. If you really cared about the content you are producing on Wikia and your readers then you would know that it is unacceptable to put your readers at risk purely out of convenience.

      If you do away with JS then that is entirely up to you as an administrator. No wiki is forced to use JS to improve their wiki nor the experience of their readers.

        Loading editor
    • I couldn't even replace my verbatim with JS, this transition hasn't turned out as smooth as I hoped it would

      I simply don't use social media and have no reason to make any for my wiki cause it's about a fairly obscure game. Wish there were some other solutions, hopefully Wikia will consider more in the future.

        Loading editor
    • If you post the code you are currently verbatiming here I will convert it for you into something that will continue to work after verbatim is retired.

      The developers are here to help.

        Loading editor
    • It's 2 things that use iframes, I tried some solutions posted earlier that were rejected in the review (it seems iframes just aren't allowed) so I don't think there is a way, sadly.

        Loading editor
    • Robcamstone wrote: Does somebody want to explain why the admits are being exploited by wikia to fix the damage done by they poor attempts to plug security issues?

      After any security issues are fixed surely all wikis should be intact as they were before wikia implemented the changes.

      Also like others have pointed out why is wikia only obsessed with social websites? apart from the obvious reason of self promotion?

      The JS review is poor I added some code which was reviewed and passed, but have now found that it conflicts with code in my personal global.js surely the review should be checking for conflicts as I'm new to JS I chose to remove the code as I would not know how to go about fixing it.

      So I use the history to undo the last edit and even though I removed code I still had to submit the code for review, Why?

      I have had to do this on 5 wikis.

      Sad I think I must have lost a number of visits as I have not added any new content for ages as I have been trying to deal with the damage done by your poor security plugs.

      It's to my belief that the JS review is a security review by definition. If there are parsing or execution errors, code faults or conflicts, its not Wikia's problem and they will not edit your code to fix it. Such help is available on request by the experienced programmers of the Dev Wiki.

      If you're new to JS, then you should have another human developer or code-editing program check your code for safety as well as effectiveness. In any case, you can check for any conflicts by using the console tab in the developer tools of your browser - accessible through the F12 key.

      Trust me from my experiences - there is no point having lots of features when you pay for it with your safety and security. I can believe that Wikia wants the best for its users and readers - hence why this move is going through quite quickly.

      ΜΖD wrote: It's 2 things that use iframes, I tried some solutions posted earlier that were rejected in the review (it seems iframes just aren't allowed) so I don't think there is a way, sadly.

      @MZD, interestingly, the use of verbatim for external content is usually either iframe or object. So they are essentially the same thing for web content (<verbatim> and <iframe>), I reckon.

       Speedit   talk contribs  18:39, November 2, 2015 (UTC)

        Loading editor
    • Just a note about security, Verbatim tags, site's JavaScript and MediaWiki pages were always secure if we trust the users allowed to edit the MediaWiki interface. It has now been flagged as insecure because now Wikia doesn't trust admins anymore. And this has changed because some Wikia Staff were hacked by a rogue admin.

        Loading editor
    • Ciencia Al Poder wrote: Just a note about security, Verbatim tags, site's JavaScript and MediaWiki pages were always secure if we trust the users allowed to edit the MediaWiki interface. It has now been flagged as insecure because now Wikia doesn't trust admins anymore. And this has changed because some Wikia Staff were hacked by a rogue admin.

      The other people claiming it was a rogue admin were misinformed. Those responsible for any of this had scored less than 100 edits in total on the Wikia domain. The cause is not the problem, its the prevention and the effort to seal any and all security holes shut.

      I want my account and those of other editors & readers at Wikia to be safe from people who are willing to hunt to exploit security issues and Verbatim. Though I agree that initially the trust was there, this move is about security - not mistrust or a dislike of Verbatim.

      PS: When I found out about Verbatim, I thought such an ability was too good to be true - and finding that it is two months later is not much of a suprise.

       Speedit   talk contribs  18:54, November 2, 2015 (UTC)

        Loading editor
    • Ciencia Al Poder wrote: Just a note about security, Verbatim tags, site's JavaScript and MediaWiki pages were always secure if we trust the users allowed to edit the MediaWiki interface. It has now been flagged as insecure because now Wikia doesn't trust admins anymore. And this has changed because some Wikia Staff were hacked by a rogue admin.

      Do you trust admins?

        Loading editor
    • Speedit wrote:

      The other people claiming it was a rogue admin were misinformed. Those responsible for any of this had scored less than 100 edits in total on the Wikia domain. The cause is not the problem, its the prevention and the effort to seal any and all security holes shut.

      Do your words imply the cause is bad coding practices from wikia developers? Because if the ability to edit mediawiki messages was not the problem, there should be no reason to lock them

        Loading editor
    • PedroM wrote:

      Do you trust admins?

      On wikis where I edit, yes, of course. That's one of the security principles of MediaWiki. Of course, before Wikia allowed anyone to create random wikis automatically.

        Loading editor
    • PedroM wrote: Do you trust admins?

      The real question is, do you trust that the person who currently has access to the admin account is the person who actually owns the account. In the first of the recent security breaches, it was a compromised admin account, not a rogue admin, that was used to compromise the staff account.

      Even ignoring the question of whether you should automatically trust any admin on whatever random wiki you might find yourself viewing (you shouldn't, by the way, considering that virtually anyone can create a new wiki, or adopt an existing, inactive wiki, and in the process automatically gain admin rights (to say nothing of using social engineering and the like on active wikis to be made an admin)), there is no way for you to confirm that the person currently using an account is the same person that registered it, or that the controller isn't malicious and is competent.

        Loading editor
    • Ciencia Al Poder wrote: Just a note about security, Verbatim tags, site's JavaScript and MediaWiki pages were always secure if we trust the users allowed to edit the MediaWiki interface. It has now been flagged as insecure because now Wikia doesn't trust admins anymore. And this has changed because some Wikia Staff were hacked by a rogue admin.

      Anyone could create a wiki and gain access to the direct injection which would have allowed the same type of attacks and all it would do is require the attacker to lure you to their wiki in order to compromise your account.

      And frankly you should never have to worry about whether or not clicking a Wikia link is safe.

        Loading editor
    • Shining-Armor wrote: HTML:

      <div id="swf-clock">Loading...</div>

      JavaScript:

      $(function() { 
          var swf = document.createElement('iframe');
              swf.setAttribute('width', '150');
              swf.setAttribute('height', '344');
              swf.setAttribute('id', 'swf');
              swf.setAttribute('scrolling', 'no');
              swf.setAttribute('frameborder', '0');
              swf.setAttribute('src', 'http://www.konami.jp/bemani/popn/blog/html/mimi16.html');
       
          document.getElementById('swf-clock').appendChild(swf);
      });

      Whoops I just noticed this, must've missed it the other day. Hope this works.

        Loading editor
    • ΜΖD wrote:

      Shining-Armor wrote: HTML:

      <div id="swf-clock">Loading...</div>

      JavaScript:

      $(function() { 
          var swf = document.createElement('iframe');
              swf.setAttribute('width', '150');
              swf.setAttribute('height', '344');
              swf.setAttribute('id', 'swf');
              swf.setAttribute('scrolling', 'no');
              swf.setAttribute('frameborder', '0');
              swf.setAttribute('src', 'http://www.konami.jp/bemani/popn/blog/html/mimi16.html');
       
          document.getElementById('swf-clock').appendChild(swf);
      });

      Whoops I just noticed this, must've missed it the other day. Hope this works.

      Oddly enough the Japanese Konami does not support HTTPS.

        Loading editor
    • Huh so I guess no HTTPS means no dice.
      It'll probably get rejected then but I guess it was worth a shot, time to actually find something new then.

        Loading editor
    • It doesn't mean it will get rejected per sey but it is worth looking into an HTTPS alternative if at all possible.

        Loading editor
    • Ciencia Al Poder wrote:

      Do your words imply the cause is bad coding practices from wikia developers? Because if the ability to edit mediawiki messages was not the problem, there should be no reason to lock them.

      No, I appreciate that the loss of features is an inconvenience - it was my implication that these holes didn't exist until someone made them. An exploit must be developed, people don't lose their data and security in events independent of a willing human agent who has their own motivations for attacking the domain and worming their way in.

      The staff have cited the whole Mediawiki namespace (Mediawiki being the wiki software of Wikimedia not Wikia - which uses a modded version with more updates incoming) being a potential security risk fall 2015 on CC before initiating this onslaught of changes and that's the reason for a lot of the changes we're seeing now. Hence why this feature has to go. I'm willing to wait until we get Mediawiki back. I asked a staff member this on the thread:

      Speedit wrote:

      Hey Kirkburn, a question for you.

      Why did Wikia not shut down the MediaWiki namespace function completely (deleting the namespace in essence)? With all the work Wikia has done and is still doing just to clean it up, this sounded like a real possibility during the summer. We may have ended up losing some features, but it would have pretty much jammed any potential security hole shut - forever.

      Another possibility would have been making it read-only permanently. Just wanted to make sure people understand - this would have been a real possibility with all the issues it's caused.

      This is the answer I got, and it was a damn good one:

      Kirkburn wrote:

      Speedit: Essentially, because the vast majority of the customizations are quite reasonable :) We want to try and find a balance between good security practices and continuing to allow each community to make their own choices and show individuality. All these tweaks are an ongoing process, of course.

      I'm patient and I'm cool with something being rolled out if it's for my ultimate benefit. Just the other day, I came inches of having all my bank and contact details being released after a breach on my ISP's website (the hacker was arrested and the data dump was seized) - security is not a joke and the work of the Wikia staff is pre-emptive in this case with Verbatim.

       Speedit   talk contribs  23:59, November 2, 2015 (UTC)

        Loading editor
    • ΜΖD wrote: Huh so I guess no HTTPS means no dice.
      It'll probably get rejected then but I guess it was worth a shot, time to actually find something new then.

      What I said was probably wrong to some degree, because "iframe" can be used in ways that are more secure than "verbatim" or "object" tags. There could be ways to use iframe safely - best to try and submit the code for JS review.

        Loading editor
    • Hi

        Loading editor
    • By the way…
      Ducksoup wrote:
      Since [August], we’ve been performing a complete security audit on Wikia to ensure that the site is as secure as it can be.
      You might want to think about not having a login form in the Wikia bar on every page. That seems like a rather big hole in and of itself.
        Loading editor
    • @AgentMuffin: this is being worked on. The new login form is active on Community Central if you want to check it out.

        Loading editor
    • Oh okay. Didn't know this was being fixed ._.;

        Loading editor
    • Noticed it a few days back - definite improvement. Is that the new & promised architecture the login process is running?

        Loading editor
    • Is the new login form that different though? It feels basically the same, and it's still on every page, unless it's still undergoing changes.

      Also why doesn't Wikia use https?

        Loading editor
    • There's a lot of moving parts to the architecture changes - some are mostly invisible, while some are more obvious (like the login form).

      HTTPS support is a complex beast for a site like Wikia, but it's a goal we're working towards.

        Loading editor
    • ΜΖD wrote: Is the new login form that different though? It feels basically the same, and it's still on every page, unless it's still undergoing changes.

      Also why doesn't Wikia use https?

      Been also asking for 2FA on all elevated accounts (sysop, VSTF, staff) - both features would be really great. (I think you see the new login prompt if you login from Central, try it if you haven't and you'll recognise it for a circular Wikia logo spinner).

      I have faith some to all of these features will come in time seeing as the staff will be continually working for more security features.

       Speedit   talk contribs  17:52, November 3, 2015 (UTC)

        Loading editor
    • As Wikia's residential paranoid nutjob, and as a person who loves saying bad things about others, I feel the most qualified to say this: Wikia's security isn't great, but they're clearly trying their best to fix all the security issues and keep us safe.

      While I make fun of their degree of "success", "a justified thing to mock"; I am genuinely glad Wikia is now trying to protect us, and I'm glad that they're trying to deal with the massive backlog of security problems and that they're treating security as an actual priority.

      Yes, there's been a large number of recent attacks. But Wikia has noticed these attacks, and they're at least TRYING to prevent future ones.

      Yes, 2FA is something that should have been rolled out over a year ago. Yes, HTTPS should have been made mandatory and supported years ago. Yes, the login procedures are broken. Yes, there's all kinds of little ways to bypass the permission management system and lockdown tools. These things need to be fixed. But it's obvious Wikia is genuinely trying. Most of their efforts seem to be directed to the last one, but I understand and appreciate the effort.

      Thank you Wikia, for this work that is worthy of a C-, but is clearly some of your best effort, and a mark of major improvement.

        Loading editor
    • > Yes, there's been a large number of recent attacks...

      There have only been perhaps 3 unique attacks recently and all of them have been made known by Wikia.

      > Yes, 2FA is something that should have been rolled out over a year ago.
      > Yes, HTTPS should have been made mandatory and supported years ago.

      These things could not have just been rolled out, especially if they have not created them/done proper testing. Using HTTPS on a site like Wikia is not simply just a flip of the switch an it is done. There are a lot of infrastructure issues that need to be dealt with in order to accommodate the use of HTTPS. One major thing that I can name off is importing resources from destinations that may not be secure (HTTP). All of these thing need to be found, patched, and tested properly before any such change can simply be rolled out.

      > Yes, the login procedures are broken.

      They are not "broken" as you say. The current, and most popular, method of logging in to Wikia is not as secure as it should be but is by no means broken.

      > Yes, there's all kinds of little ways to bypass the permission management system and lockdown tools.

      Special:Contact/general

        Loading editor
    • It may not seem like it because of the thread numbering issue, but this thread has hundreds and hundreds of replies, and is coming up on the 500 reply limit. Suggest a split, especially one for on-topic solutions. 

        Loading editor
    • There are only 223 replies to this forum, not even half-way.

        Loading editor
    • Two days left now - what help or guidance will those who realize the "verbatim" tag has been pulled on Sunday? I'm expecting quite a significant number of people flooding this thread, making new ones or sending bug reports unaware of the "verbatim" tag no longer parsing.

        Loading editor
    • I will continue to help people move widgets to JS.

        Loading editor
    • As it stands I still can't replace my verbatim lol...oh well, at least it only affects one thing on my wiki

      Wonder how wikis that heavily rely on it will work it out. Seems like not everything is replaceable with JS

        Loading editor
    • ΜΖD wrote: As it stands I still can't replace my verbatim lol...oh well, at least it only affects one thing on my wiki

      Wonder how wikis that heavily rely on it will work it out. Seems like not everything is replaceable with JS

      Everything is replaceable using JS.

      Whether or not it will be accepted is another thing. Your script was recreated just fine using JS, it just so happens that your resource comes from an insecure location.

        Loading editor
    • The message I got was simply "loading iframes from other sites is disallowed", so I feel like even if I had a secure location I'd get nothing.

      If I do find an HTTPS replacement to try out I will, but at this point it feels like nothing will work anyways so idk, probably isn't worth the wasted time for one thing.

        Loading editor
    • Ah, so if its from a secure location, iframe JS will pass the review process? This is good news guys, the indiscriminate use of verbatim has been replaced with JS code importing vetted secure resources as shown in the thread. So Wikia is protecting us and allowing use of features in a safe way.

      I'm gonna pop this code in Notepad just in case I run into a bad hole with embedding secure content I may need. Thanks for the help, @Shining-Armor.

        Loading editor
    • That mean tommorow the verbatim tag'll be deleted. Is there a JS code that let's me put every HTML tag that I like? (I only should add the HTML code that I like between the JS)

        Loading editor
    • PhilippL wrote: That mean tommorow the verbatim tag'll be deleted. Is there a JS code that let's me put every HTML tag that I like? (I only should add the HTML code that I like between the JS)

      Could you provide a link to this verbatim feature? Perhaps it would also be good to post it in a new board thread, to prevent confusion with other messages.

        Loading editor
    • Winter7073
      Winter7073 removed this reply because:
      17:01, November 5, 2015
      This reply has been removed
    • I like to make a textbox, one checkbox, a radio checkbox, (more html tags). How can I do that HTML tags in JS that it'll work on Wikia?

        Loading editor
    • PhilippL wrote: I like to make a textbox, one checkbox, a radio checkbox, (more html tags). How can I do that HTML tags in JS that it'll work on Wikia?

      The best thing is to have an anchor in the point at which you want to insert your form, and then let JavaScript replace it with your own HTML code. For instance:

      Wiki code
      <!--
      an optional text "Loading..." will be visible while loading or
      if JS is not available/disabled
      -->
      <span id="customform-1">Loading...</span>
      
      Loading...
      JavaScript
      $("#customform-1").replaceWith(
      	'<div>' +
      		'<input type="text" />' +
      		'<input type="checkbox" /> checkbox' +
      		'<br />' +
      		'<input type="radio" name="customform-1-radio-1" id="customform-1-radio-1-option1" /> Radio 1' +
      		'<input type="radio" name="customform-1-radio-1" id="customform-1-radio-1-option2" /> Radio 2' +
      		'<input type="radio" name="customform-1-radio-1" id="customform-1-radio-1-option3" /> Radio 3' +
      		'<input type="radio" name="customform-1-radio-1" id="customform-1-radio-1-optionetc" /> Radio etc' +
      	'</div>'
      );

      It's just an example, though. There can be more elegant ways of doing this, but if the role of the form is unknown, it's a pretty general way to write it. You may also want to add a submit button and/or use JS to further customize the inserted content.

        Loading editor
    • Oh shoot. It is already Nov. 6 in my place... (And my birthday is just two days away.)

        Loading editor
    • Pinkgirl234 wrote: Oh shoot. It is already Nov. 6 in my place... (And my birthday is just two days away.)

      Hey, early happy birthday! ...but too bad wikia took the gift instead of replacing it. Oh, well, things happen.

        Loading editor
    • It won't be disabled until Nov 6 in Europe and America.

        Loading editor
    • We are currently running the process that disables Verbatim on the communities that still had it enabled. Caching will likely mean some usages remain working until the article updates.

        Loading editor
    • If I use JavaScript to create checkboxes, textboxes (etc.), the only way is to put it into my own JS page. What can I do that this code will work to all users? Is it impossible? Does it mean that I'm to only one that will see this check/textboxes?

        Loading editor
    • PhilippL wrote: If I use JavaScript to create checkboxes, textboxes (etc.), the only way is to put it into my own JS page. What can I do that this code will work to all users? Is it impossible? Does it mean that I'm to only one that will see this check/textboxes?

      Put it in MediaWiki:Wikia.js and MediaWiki:Common.js, or ask the local admins to do it for you if you cannot edit these pages. They are site-wide scripts, and therefore will affect everyone, just like verbatim tags do (unless they view it in the mobile skin or have JS disabled in their browser).

        Loading editor
    • But they're locked! Staff locked them since August up to know! Didn't you know that?

      Custom JavaScript is disabled on this wikia.


      Why do you tell me? I'm not VSTF or Staff.

        Loading editor
    • They are not locked if Help:JavaScript review process is enabled on your community. If needed, you can request it via Special:Contact/general.

        Loading editor
    • If it's not essential that all users have access to JS, but only for those who are going to use the script, you could put the source of the code in some project page, which will allow to those who are interested to copy & paste it in their custom JS pages.
      Otherwise, you can request review beta access via Special:Contact/general.

        Loading editor
    • 452

      LordTBT wrote:

      Don't you think less than a week is a bit short notice?

      Especially when they had already made the decision weeks ago:

      However, I'm going to level with you - we are removing Verbatim from our servers in the next few weeks.
      ~ Sep 18, 2:56 AM


      As soon as they made the decision, the responsible thing to do would have been to make a public announcement - much like this thread - to give everyone as much time as possible to come up with alternate solutions. Instead of waiting over a month to do so with around a week remaining.

      Whenever there is a major change, people always ask for more communication and advanced notice, but apparently that still hasn't gotten through to them.

      Luckily, I saw Deadcoder's blog post a month ago, and it gave me enough notice to come up with alternate solutions for all but one of my uses - and that remaining one is impossible. But if I had waited until Wikia's announcement, I would have been screwed: At the time, I could still edit the MediaWiki pages which used verbatim tags - I tried to edit one of those pages yesterday, and it is now locked.


      The first time I used verbatim, I immediately recognised that it could be used maliciously, and I thought it was great that Wikia trusted everyone with it, and that everyone was responsible enough not to abuse it. I don't know how many years it has been available, but I've found people talking about it in 2010, which means that there has been the potential for abuse for at least 5 years, but suddenly it's really urgent that it's turned off now.

      For the length of time verbatim has been available without issue, or Wikia caring about the potential for abuse, you'd think they would be able to give people a little more time to make changes.

        Loading editor
    • LordTBT wrote: The first time I used verbatim, I immediately recognised that it could be used maliciously, and I thought it was great that Wikia trusted everyone with it, and that everyone was responsible enough not to abuse it. I don't know how many years it has been available, but I've found people talking about it in 2010, which means that there has been the potential for abuse for at least 5 years, but suddenly it's really urgent that it's turned off now.

      ^This. Now, being able to embed pretty much ANYTHING on your Wiki with a one-size-fits-all is a fantastic feature and everyone really appreciated it - as much of a hole as it would be. But its time to say goodbye, close it and actually report when the built-in solutions don't work.

      LordTBT wrote: For the length of time verbatim has been available without issue, or Wikia caring about the potential for abuse, you'd think they would be able to give people a little more time to make changes.

      While a month would have been better, it may have been greenlighted by staff after the Mediawiki and Javascript changes. Which did take until the middle of October to get through to a significant amount - even though they're still ongoing and there are more new security features than the JS review process to come.

       Speedit   talk contribs  18:53, November 6, 2015 (UTC)

        Loading editor
    • We had hoped to give somewhat more notice, but unfortunately some technical issues caused difficulties with that.

      However, this was not something we that could be delayed forever - as a real security concern, it had to be dealt with sooner rather than later. There was reasonable cause to disable it much more quickly than this, but we felt that making sure the JS review process was widely available first would allow more a much more reasonable transition.

        Loading editor
    • Shining-Armor wrote:
      HTML:
      <div id="instagram-widget">Loading...</div>




      JavaScript:

      $(function() {
          if (document.getElementById('instagram-widget') !== null) {
              var node = document.createElement('iframe');
                  node.setAttribute('id', 'instansive_a344e628a5');
                  node.setAttribute('name', 'instansive_a344e628a5');
                  node.setAttribute('scrolling', 'no');
                  node.setAttribute('allowtransparency', 'no');
                  node.setAttribute('class', 'instansive-widget');
                  node.setAttribute('src', 'http://instansive.com/widgets/a344e628a544d72488279f575f4d6b5edd10457f.html');
                  node.style.width = '100%';
                  node.style.border = '0';
                  node.style.overflow = 'hidden';
       
              var script = document.createElement('script');
                  script.setAttribute('src', 'https://instansive.com/widget/js/instansive.js');
       
              document.getElementById('instagram-widget').appendChild(node);
              document.getElementsByTagName('head')[0].appendChild(script);
          }
      });




      Just a note. This widget does not support HTTPS unless you pay for it so I highly suggest that you find another widget that does support HTTPS by default.

      Shining, can you also do a flag counter using the code above and below?

      <a href="http://s06.flagcounter.com/more/E8">
      <img src="http://s06.flagcounter.com/map/E8/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/" alt="Flag Counter" border="0"></a>
        Loading editor
    • If only there is a safe alternative tag for verbatim. And no matter how much that safe alternative tag is tried being used for anything malicious, nothing will work, as if that alternative tag recognizes what harm it intends to do so it rejects it.

      Also, is verbatim dead now? Because it's already November 7 in my place here (and my birthday is already tomorrow).

        Loading editor
    • Crossovers wrote:

      Shining-Armor wrote:
      HTML:
      <div id="instagram-widget">Loading...</div>




      JavaScript:

      $(function() {
          if (document.getElementById('instagram-widget') !== null) {
              var node = document.createElement('iframe');
                  node.setAttribute('id', 'instansive_a344e628a5');
                  node.setAttribute('name', 'instansive_a344e628a5');
                  node.setAttribute('scrolling', 'no');
                  node.setAttribute('allowtransparency', 'no');
                  node.setAttribute('class', 'instansive-widget');
                  node.setAttribute('src', 'http://instansive.com/widgets/a344e628a544d72488279f575f4d6b5edd10457f.html');
                  node.style.width = '100%';
                  node.style.border = '0';
                  node.style.overflow = 'hidden';
       
              var script = document.createElement('script');
                  script.setAttribute('src', 'https://instansive.com/widget/js/instansive.js');
       
              document.getElementById('instagram-widget').appendChild(node);
              document.getElementsByTagName('head')[0].appendChild(script);
          }
      });




      Just a note. This widget does not support HTTPS unless you pay for it so I highly suggest that you find another widget that does support HTTPS by default.

      Shining, can you also do a flag counter using the code above and below?

      <a href="http://s06.flagcounter.com/more/E8">
      <img src="http://s06.flagcounter.com/map/E8/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/" alt="Flag Counter" border="0"></a>

      HTML:

      <div id="flagcounter-widget">Loading...</div>




      JavaScript:

      $(function() {
          if (document.getElementById('flagcounter-widget') !== null) {
              var link = document.createElement('a');
                  link.setAttribute('href', 'http://s06.flagcounter.com/more/E8');
       
              var image = document.createElement('img');
                  image.setAttribute('src', 'http://s06.flagcounter.com/map/E8/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/');
                  image.setAttribute('alt', 'Flag Counter');
                  image.setAttribute('border', '0');
       
              link.appendChild(image);
              document.getElementById('flagcounter-widget').appendChild(link);
          }
      });
        Loading editor
    • So Verbatim's gone now? …for now, at least?

        Loading editor
    • Yes, Verbatim has been disabled now, and we've updated the help page to reflect that. Note that caching will likely mean some effects are not immediate.

        Loading editor
    • Shining-Armor wrote:

      Crossovers wrote:


      Shining-Armor wrote:
      HTML:
      <div id="instagram-widget">Loading...</div>




      JavaScript:
      $(function() {
          if (document.getElementById('instagram-widget') !== null) {
              var node = document.createElement('iframe');
                  node.setAttribute('id', 'instansive_a344e628a5');
                  node.setAttribute('name', 'instansive_a344e628a5');
                  node.setAttribute('scrolling', 'no');
                  node.setAttribute('allowtransparency', 'no');
                  node.setAttribute('class', 'instansive-widget');
                  node.setAttribute('src', 'http://instansive.com/widgets/a344e628a544d72488279f575f4d6b5edd10457f.html');
                  node.style.width = '100%';
                  node.style.border = '0';
                  node.style.overflow = 'hidden';
       
              var script = document.createElement('script');
                  script.setAttribute('src', 'https://instansive.com/widget/js/instansive.js');
       
              document.getElementById('instagram-widget').appendChild(node);
              document.getElementsByTagName('head')[0].appendChild(script);
          }
      });





      Just a note. This widget does not support HTTPS unless you pay for it so I highly suggest that you find another widget that does support HTTPS by default.
      Shining, can you also do a flag counter using the code above and below?
      <a href="http://s06.flagcounter.com/more/E8">
      <img src="http://s06.flagcounter.com/map/E8/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/" alt="Flag Counter" border="0"></a>
      HTML:
      <div id="flagcounter-widget">Loading...</div>





      JavaScript:
      $(function() {
          if (document.getElementById('flagcounter-widget') !== null) {
              var link = document.createElement('a');
                  link.setAttribute('href', 'http://s06.flagcounter.com/more/E8');
       
              var image = document.createElement('img');
                  image.setAttribute('src', 'http://s06.flagcounter.com/map/E8/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/');
                  image.setAttribute('alt', 'Flag Counter');
                  image.setAttribute('border', '0');
       
              link.appendChild(image);
              document.getElementById('flagcounter-widget').appendChild(link);
          }
      });


      Thanks! Your help is greatly appreciated!

        Loading editor
    • Are there any plans to create a timezone Wikia widget? I run 2 MMORPG Wikis which rely on this to inform international players of times for different servers and the disabling of Verbatim pretty much took that away. I understand that there's a JS clock feature, but it's not customizable enough to suit this need.

        Loading editor
    • Post the code you are using now and I will see what I can do for you.

        Loading editor
    • As someone who made use of the YouTubePlayer template and its associated MediaWiki pages, neither the video embed tool nor the <youtube></youtube> tags are suitable replacements. What made YouTubePlayer so great was its ability to play whole playlists of videos automatically without user input, as well as its ability to make the video player invisible; very useful for userpage music, which proved popular on the wiki I administrate.

      How could this be replicated without using verbatim?

        Loading editor
    • Shining-Armor wrote:
      Post the code you are using now and I will see what I can do for you.


      <div style="border-radius: 10px; overflow: hidden;padding:0px 3px;padding-top:3px; width:190px; margin:auto; align:center; text-align:center;"><iframe src="http://localtimes.info/timediff.php?lcid=USCA0138&cp=000000,FFFFFF&uc=0" seamless="" style="background:white" frameborder="0" height="44" width="190"></iframe><a target="_top" href="http://localtimes.info/difference/?lcid=USCA0138" title="Time Converter & Time Difference" style="color: rgb(0, 0, 0);"><span style="font-size:10px; font-family:verdana;geneva;line-height:18px;">Time Converter</span></a></div>

        Loading editor
    • NOOOOOOOOOOOOOOOOOOO! VERBATIM IS GONE!!!!!!!!!!!!! WIKIA YOU WILL GONNA PAY FOR THIS!!!! >:(

        Loading editor
    • TheOtherGuest2 wrote: NOOOOOOOOOOOOOOOOOOO! VERBATIM IS GONE!!!!!!!!!!!!! WIKIA YOU WILL GONNA PAY FOR THIS!!!! >:(

      lol

        Loading editor
    • TheOtherGuest2 wrote:
      NOOOOOOOOOOOOOOOOOOO! VERBATIM IS GONE!!!!!!!!!!!!! WIKIA YOU WILL GONNA PAY FOR THIS!!!! >:(

      Yeah, no.

        Loading editor
    • Shining-Armor wrote:
      Post the code you are using now and I will see what I can do for you.
      Hello, sorry to bug you, but can you make some JS so I can successfully embed a Twitter timeline in my wiki's MediaWiki:Chat-entry-point-guidelines? Something like this:
      Twitter in chat
        Loading editor
    • PlasmoidThunder wrote: As someone who made use of the YouTubePlayer template and its associated MediaWiki pages, neither the video embed tool nor the <youtube></youtube> tags are suitable replacements. What made YouTubePlayer so great was its ability to play whole playlists of videos automatically without user input, as well as its ability to make the video player invisible; very useful for userpage music, which proved popular on the wiki I administrate.

      How could this be replicated without using verbatim?

      Template:
      <div style="{{{Style|height: {{{Height|23px}}}; width: {{{Width|417px}}}; border: 3px outset #0f0f0f}}}"><div id="MPC">{{{1}}}</div></div>
      Common.js:
      $("#MPC").replaceWith(function(){return '<iframe width="100%" height="100%" src=" http://www.youtube.com/'+$(this).text()+'?version=3&hl=en_US&theme=dark&color=white&loop=1&showinfo=0&autohide=0&disablekb=1&autoplay=0" frameborder="0" allowfullscreen=0></iframe>';});
        Loading editor
    • @Crossovers: is the basic idea that you want to have a Twitter module in the right rail? If so, could you send it in to Special:Contact for further discussion? Thanks!

      Regarding the YouTube player: we are not keen on invisible music players, but the idea of supporting playlists is something we like. We plan to investigate adding native support for that.

        Loading editor
    • Kirkburn wrote: @Crossovers: is the basic idea that you want to have a Twitter module in the right rail? If so, could you send it in to Special:Contact for further discussion? Thanks!

      Regarding the YouTube player: we are not keen on invisible music players, but the idea of supporting playlists is something we like. We plan to investigate adding native support for that.

      It's also posible to embed an autoplaying mp3/ogg audio file into the page as a background element. (However, this can be annoying as hell to the reader if you choose a earsplitting clip or make it long).

        Loading editor
    • White Power Ranger wrote:

      PlasmoidThunder wrote: As someone who made use of the YouTubePlayer template and its associated MediaWiki pages, neither the video embed tool nor the <youtube></youtube> tags are suitable replacements. What made YouTubePlayer so great was its ability to play whole playlists of videos automatically without user input, as well as its ability to make the video player invisible; very useful for userpage music, which proved popular on the wiki I administrate.

      How could this be replicated without using verbatim?

      Template:
      <div style="{{{Style|height: {{{Height|23px}}}; width: {{{Width|417px}}}; border: 3px outset #0f0f0f}}}"><div id="MPC">{{{1}}}</div></div>
      Common.js:
      $("#MPC").replaceWith(function(){return '<iframe width="100%" height="100%" src=" http://www.youtube.com/'+$(this).text()+'?version=3&hl=en_US&theme=dark&color=white&loop=1&showinfo=0&autohide=0&disablekb=1&autoplay=0" frameborder="0" allowfullscreen=0></iframe>';});

      Thank you so very much! With a bit of alteration to both the YoutubePlayer and MPC templates, I was able to replicate the functions of the original setup.

        Loading editor
    • Wow, supporting solutions to the disabling of Verbatim by forum thread... ugly.

        Loading editor
    • Hello there, admin of Nuclear Throne wiki here. I've read through this thread with possible solutions and replacement for Verbatim but mine was used for Twitch, it showed channels that are currently streaming the game. Is there any replacement for that kind of code ?

        Loading editor
    • Fandyllic wrote:
      Wow, supporting solutions to the disabling of Verbatim by forum thread... ugly.

      I get that you're against people using this thread to request alternatives to their verbatim stuff, but if the folks who run this place are OK with it, then I don't see the need to be so sour about it ;P

      For the record, I was going to make a new thread entirely, but the OP mentions about using the video embed tool as an alternative to YoutubePlayer (albeit not directly) when it barely comes close to its functionality, so my post effectively doubles up as a notice about how limited the embed tool is and how it's not really a suitable replacement for YoutubePlayer.

        Loading editor
    • Gieron wrote: Hello there, admin of Nuclear Throne wiki here. I've read through this thread with possible solutions and replacement for Verbatim but mine was used for Twitch, it showed channels that are currently streaming the game. Is there any replacement for that kind of code ?

      We don't have a native solution for Twitch - but that's an interesting one. I've not seen others mention Twitch so far, but it's certainly an extremely popular platform for gaming. That said, wouldn't most who want to view streams simply go to Twitch itself, given that streams are intermittent?

        Loading editor
    • Kirkburn wrote:

      We don't have a native solution for Twitch - but that's an interesting one. I've not seen others mention Twitch so far, but it's certainly an extremely popular platform for gaming. That said, wouldn't most who want to view streams simply go to Twitch itself, given that streams are intermittent?

      I mean why don't they go to twitter or youtube or any other page that verbatim used ? You don't have a solution, that sux. Guess I'm getting rid of that.

        Loading editor
    • Penguin-Pal wrote:

      TheOtherGuest2 wrote: NOOOOOOOOOOOOOOOOOOO! VERBATIM IS GONE!!!!!!!!!!!!! WIKIA YOU WILL GONNA PAY FOR THIS!!!! >:(

      lol

      THATS NOT FUNNY!!! >:(

        Loading editor
    • Kirkburn wrote:

      We don't have a native solution for Twitch - but that's an interesting one. I've not seen others mention Twitch so far, but it's certainly an extremely popular platform for gaming. That said, wouldn't most who want to view streams simply go to Twitch itself, given that streams are intermittent?

      I think the script being referred to is a status image that tells viewers if a Twitch channel is livestreaming or not. I used to have this on my Wiki to inform people of livestreams held by a gaming company and this change hinders the advertisement of them and the games they're promoting.

        Loading editor
    • I could slap together a Twitch replacement.

        Loading editor
    • Deadcoder wrote:
      I could slap together a Twitch replacement.


      That would be sweet. Plz try, good luck !

      Mine showed the streamer account's name, number of viewers he has currently on the right side and a small twitch icon on the left. That's all. Clicking on the name brought you straight to that stremers channel on twitch.

        Loading editor
    • Please post links to your current code, so I can figure out how to do this.

        Loading editor
    • Deadcoder wrote: Please post links to your current code, so I can figure out how to do this.

      http://nuclear-throne.wikia.com/wiki/MediaWiki:LiveTwitchStreams

      and this was on the front page:

      <div id="LiveOnTwitch"><verbatim>LiveTwitchStreams</verbatim></div>

        Loading editor
    • Done.

      http://dev.wikia.com/wiki/TwitchStuff

      Slap this into your MediaWiki:Common.js file: :importScriptPage('TwitchStuff/FeedListGenerator.js', 'dev');

      You can call this with this blob of text:

      <span class="TwitchFeedList" data-widget-id="kraken/streams?game=Nuclear+Throne" ></span>

      This should work until I can put together something better.

        Loading editor