Last modified: 2006-08-29 11:24:10 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 3266 - MediaWiki site stay in iframes
MediaWiki site stay in iframes
Product: MediaWiki
Classification: Unclassified
General/Unknown (Other open bugs)
All All
: Normal normal with 2 votes (vote)
: ---
Assigned To: Nobody - You can work on this!
: 3267 (view as bug list)
Depends on:
  Show dependency treegraph
Reported: 2005-08-25 15:28 UTC by Ronald Beelaard
Modified: 2006-08-29 11:24 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description Ronald Beelaard 2005-08-25 15:28:47 UTC
The file wikibits.js has a = window.location;
instruction to prevent e.g. wikipedia being framed into another page.
On the one side I understand the reason, on the other however I doubt the 
effectiveness and question whether this in line with the open character of 
Effectiveness: works ok with normal frames, but not with an iframe. In that 
case the browser (IE and MZ) only reports an error which is easily to be 
Btw: More harmful are sites such as, which take a page from wp 
and modify this on the server for their own benefit.

Why I bother:
I'm currently developing an enhanced integration between a catalogue search 
system in a public library. After the normal search the user will have the 
option to seamlessly lookup an article in wikipedia, provided one or more of 
the search words are present in one or more titles of articles. A further 
enhancement will be the implementation of correction algorithms in case of 
typos and alike (see also my paper, presented on wikimania 
entitled "Searching in a Public Library"). Depending on experiences acquired, 
wp may benefit from this in future.
Obviously there are alternatives conceivable as work around, but my main 
concern is potential vandalism in an environment such as a public library. 
Therefore I want to open wp in a frame set, where there is a hidden frame 
that ensures that always a registered (but restricted) user is logged on. I 
won't rely on the persistent presence of a cookie or the accidental log out 
of the anonymous users in that establishment.
Comment 1 Filip Maljkovic [Dungodung] 2005-08-25 15:40:14 UTC
*** Bug 3267 has been marked as a duplicate of this bug. ***
Comment 2 Antoine "hashar" Musso (WMF) 2005-08-25 15:40:37 UTC
This is intended behaviour of the MediaWiki software when used on
WikiMedia foundation. We do not bandwith to be stealed by others
so we untrap it from frames.

As for freeness of wikipedia, you can download a dump and install
a local copy of the content then you are free to do whatever you
want with it as long as your respect the license (GFDL).

The real bug here is that mediawiki does not untrap of iframes.
Changing summary to better reflect the issue.
Comment 3 Ronald Beelaard 2005-08-25 15:50:44 UTC
(In reply to comment #2)
> This is intended behaviour of the MediaWiki software when used onWikiMedia 
foundation. We do not bandwith to be stealed by othersso we untrap it from 
frames.As for freeness of wikipedia, you can download a dump and installa local 
copy of the content then you are free to do whatever youwant with it as long as 
your respect the license (GFDL).The real bug here is that mediawiki does not untrap 
of iframes.Changing summary to better reflect the issue.

Don't consider this "stealing". See my remark on That is stealing and 
subsequently earning money because of the ads.
Current implementation ( is indeed with downloaded db, but dumps 
are very rarely produced nowadays and formats are changing.
Comment 4 Zoran Obradovic 2005-11-15 17:42:53 UTC
I've been writing a JS category browser that would benefit greatly from using an
iframe. I understand and fully support the concerns about bandwidth stealing, I
don't see why we should be stopping wikipedia pages loading into frames INSIDE
other wikipedia pages. Changing 

if( != window ) = window.location;

to something like

if (!=window.location.hostname) {
= window.location;}

would permit pages to be shown in framesets and iframes ONLY if the document in
the top window is coming from the same host as the page itself. This should
allow us to write tools that need frames without increasing the risk of
bandwidth theft.
Comment 5 James Greenhalgh 2006-08-27 22:41:31 UTC
I understand that the original intended purpose of MediaWiki was and still is to
power Wikipedia. However, a reference should be provided so that this 'feature'
can be disabled when MediaWiki is used for private use and frames are required
for appropriate use. I want to add a framed navigation bar to the top of the
page and this isnt currently possible with the version of MediaWiki that I am

There used to be a solution for versions up to 1.5.8:

However now MediaWiki continues to block intentional frames as well. Editing
stylesheets/wikibits.js has no effect. MediaWiki still keeps popping out. Must
be something else somwhere else involved as well?

Preferably this should be configurable from the LocalSettings php file.
Comment 6 James Greenhalgh 2006-08-27 22:50:20 UTC
^^ Thank you in advance if this is possible.

(where are my manners ;)

Comment 7 Brion Vibber 2006-08-29 11:24:10 UTC
This is in the faq, and you may customize your files for the broken frames behavior if you like.

Note You need to log in before you can comment on or make changes to this bug.