iframe support

[CosteaPaul]

I'm curious what the consensus is on allowing iframes to be dropped into posts.
In my "setup", each post is linked to a unique entity which i would like to further decorate with information live-pulled from other sources. Having a small, stand-alone page that i could drop in is the cleanest way i can think of doing this. (obviously, a link-out would also work, but that's no the ideal solution; would prefer that the user is met with as much data as possible and doesn't have to click around too much).

Thus the question: will the iframe tag ever be supported? Is there a way to enable that in specific circumstances to mitigate most of the security issues that come with it?

Thanks!
-Paul

[dessalines]

Wrong repo.

[dessalines]

I think it might be possible, I'm not sure all the security-type things we'd have to disable. I won't have time to work on this for a while tho, but I'd welcome a PR or console logs for what doesn't currently work.

[CosteaPaul]

Thanks @dessalines . I'll poke at this a bit and see if i can figure out where to issue is.
I'm new to this code-base so i'm flying blind.

[CosteaPaul]

After a bit more poking around, this looks actually pretty easy to fix.

Now, by default, all html is off in the markdown (see #650). This seems to be just a matter of turning the parsing on/off completely here:
https://github.com/LemmyNet/lemmy-ui/blame/main/src/shared/utils.ts (line 102).

Would it be possible to have this as a conf option? Added somewhere here:
https://join-lemmy.org/docs/en/administration/configuration.html

So that one can decide to turn on the html tags and live with the consequences?

If i force-drop my iframe tag into the html of a post it loads just fine. Just that should just work out of the box

Thanks,
-Paul

[RokeJulianLockhart]

Why is this a discussion now, @alectrocute? I want to only subscribe to issue closure, so this is rather an annoyance.

[alectrocute]

Moved all questions into discussions to clean up current issues. Feel free to make a PR, or create a new feature request that's less of a discussion.