Last modified: 2008-09-01 20:34:48 UTC
Created attachment 4516 [details]
Patch to MediaWiki 1.12 (r29322) which adds a wgAllowExternalImagesFromRegex variable.
We have the variable $wgAllowExernalImages to let us disable spam through externally embedded images.
And we have $wgAllowExternalImagesFrom to then allow a single start of a url to be whitelisted.
But that isn't enough.
Say we had our wiki:
And our images were at:
If we were to say set:
$wgAllowExernalImages = false;
$wgAllowExernalImagesFrom = 'http://www.example.com';
Then we can let people external embed using something like http://www.example.com/image/a/ab/Imagename.png.
However, if they tried to use say; http://example.com/image/a/ab/Imagename.png it wouldn't be allowed.
As for another example. Perhaps we might want to allow image hosting services, but wouldn't want to hotlink from non-hosting services. Unfortunately, we can only whitelist one url, and hosting services use more than one url starting.
So we need a better way to allow whitelisting image embeds. Either though an array or through Regex.
The attachment I have here is a patch to MediaWiki 1.12 (r29322), it allows the use of image whitelisting through the variable $wgAllowExternalImagesFromRegex. Didn't test it, but it's the simple sort of thing you just know works. Feel free to test it before applying.
Fixed in r40310