Comments (2)
ryanj
commented on June 8, 2024
Consider allowing a configuration flag that enables site admins to easily include iframes in the HTML element whitelist
from gist-reveal.
Rob-Rychs
commented on June 8, 2024
Same configuration flag could potentially allow <canvas> elements to be added to whitelist see #71 and #10
While these elements have been known to have security implications it'd be interesting to add this flag configuration option in combination with the export to gh-pages feature mentioned in #68 find new hosting
If the export to gh-pages function:
- accepted optional flags for allowing iframes + canvas elements (maybe this is the only function which accepts those flags)
- requested all of a user's gists
- somehow identifies any gists which are not reveal.js presentations and ignores them (looks for the section element groupings in html? does include 'reveal' in reveal-gist.html filename and then removes it/sanitizes it? any other ideas?)
- builds a static html site of all the users gist slides with the default theme (or flag) and pushes it to a gh-pages branch
- adds a sidebar menu to html which can toggle display/hide and displays scrollable list of links to all the users presentations by gist.name
This would be a nice way to include the troublesome elements like canvas + iframe since gh-pages static hosting would reduce the security exposure/naughty opportunities (is that accurate?).
Sure it might not solve the rate-limiting issue with gh-pages but it would allow a user to build a static site archive of all his (public) slides to share, kind of cool!
from gist-reveal.
Related Issues (20)
- concurrency indicator, audience counter
- Embedded "setting started" guide / Nav Howto / Usage Info HOT 2
- Action required: Greenkeeper could not be activated 🚨
- status Badges for days HOT 1
- RevealJS 3.6 is available HOT 1
- Find new hosting HOT 3
- editors?
- [Question] Need help/advice getting my reveal-js theme to work best with gist-reveal-it HOT 5
- broken link on line 63 in readme HOT 1
- Feature Request: Local Development mode
- Feature Request: Only send slide transition events to viewers that have a matching gist_id
- switch to ubi node base image HOT 1
- An in-range update of sanitize-html is breaking the build 🚨 HOT 6
- An in-range update of reveal.js is breaking the build 🚨 HOT 3
- An in-range update of request is breaking the build 🚨 HOT 1
- publish ARM images HOT 1
- move cache folder under /tmp
- Add a "Copy" button to example commands (see kubernetesbyexample.com) HOT 1
- reveal.js 4.4 now available HOT 1
- Is this still maintained? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gist-reveal.