Help:Tag extensions

Tag extensions are fully supported only for JAMWiki 1.2 and later, and only work with the default JFlex parser. In addition, this capability is still under development, so usage may change significantly between major releases.

Starting with JAMWiki 1.2, the default JFlex parser can be configured to support extensions to the base wiki syntax. For example, sites that wish to allow Facebook "like" buttons can do so by enabling the <facebook /> tag.

[Edit]Usage

There are several steps that must be taken to use parser extensions:

1. Parser extensions only work with the default JFlex parser, which can be selected from the "Parser Settings" tab of the Special:Admin page.
2. Several extensions are included in the default JAMWiki distribution in the jamwiki-jflex-parser-tags JAR file. If you wish to use an extension tag from another library then the required JAR file must be copied to your application server's class path.
3. To enable an extension tag, modify the /resources/jamwiki-configuration.xml file in the JAMWiki file system directory to include the tag class name and (optionally) the tag name by updating the jflex-parser-custom-tag section as follows:

     <jflex-parser-custom-tags>
       <custom-tag>
         <class>org.jamwiki.parser.jflex.addon.FacebookTag</class>
         <key>facebook</key> <!-- key is optional, defaults if not specified -->
       </custom-tag>
     </jflex-parser-custom-tags>
   

4. Restart your wiki instance.
5. The extension tag can now be included in wiki syntax as <tag_name />, where tag_name is either the default tag name or the name configured in step #3.

[Edit]FAQ

[Edit]Are there security concerns when using extension tags?

Many tags are implemented as extensions because they do have security concerns. For example, the iframe tag can be easily exploited by malicious users to implement a Cross-site scripting attack. In many cases such issues may not be a concern, for example when using the tag on an internal wiki, and in other cases security concerns can be mitigated by being vigilant about how the tags are used, or by implementing limitations on tag usage with tools such as the spam filter to prevent end users from utilizing the tag. See each tag description for a list of specific security issues to be aware of.

[Edit]Tags included with JAMWiki by default

[Edit]<facebook />

The facebook tag allows implementation of Facebook like / recommend buttons. See http://developers.facebook.com/docs/reference/plugins/like/ for additional details.

[Edit]Syntax

  <facebook data-href="http://www.example.com" />

data-href

The full URL of the page to like/recommend on Facebook. Defaults to the current page URL.

data-send

Either true or false, depending on whether to include a "Send" button. Defaults to false.

data-layout

The like/recommend button's layout style. Must be one of "button_count", "standard" or "box_count", with the default being "standard".

data-width

The width in pixels of the generate like/recommend box. Must be specified as an integer, with the default being 450.

data-show-faces

Either true or false, depending on whether to include profile pictures. Defaults to false.

data-action

Tag attribute name for the verb to use - either "like" or "recommend". Defaults to "like".

app-id

The Facebook application ID to tie the like/recommend to. Defaults empty.

locale

Locale used by the Facebook button, useful for localizing button text. Only locales that are supported by Facebook are valid. Example "en_GB". Defaults to "en_US".

[Edit]Configuration

  <jflex-parser-custom-tags>
    <custom-tag>
      <class>org.jamwiki.parser.jflex.addon.FacebookTag</class>
    </custom-tag>
  </jflex-parser-custom-tags>

[Edit]Security concerns

By enabling this tag malicious users could implement "like" buttons that reference sites other than the current site. Administrators should monitor usage of this tag carefully.

[Edit]<iframe />

The iframe tag allows use of HTML IFrames in wiki pages. The syntax is exactly the same as a normal HTML iframe tag.

[Edit]Syntax

  <iframe src="http://www.example.com" id="iframe_id" scrolling="yes"></iframe>

[Edit]Configuration

  <jflex-parser-custom-tags>
    <custom-tag>
      <class>org.jamwiki.parser.jflex.addon.IFrameTag</class>
    </custom-tag>
  </jflex-parser-custom-tags>

[Edit]Security concerns

Enabling iframes allows malicious users to implement cross-site scripting attacks, whereby the iframe is used to load an external page that can be used to fool users into entering password or other sensitive information.

[Edit]<twitter />

The twitter tag allows implementation of Twitter "tweet" buttons. See http://twitter.com/about/resources/buttons#tweet for additional details.

[Edit]Syntax

  <twitter data-href="http://www.example.com" />

data-href

The full URL of the page being Tweeted. Defaults to the current page URL.

data-count

The "count" layout for the button. One of "horizontal", "vertical" or "none", with "horizontal" being the default.

[Edit]Configuration

  <jflex-parser-custom-tags>
    <custom-tag>
      <class>org.jamwiki.parser.jflex.addon.TwitterTag</class>
    </custom-tag>
  </jflex-parser-custom-tags>

[Edit]Security concerns

By enabling this tag malicious users could implement "Tweet" buttons that reference sites other than the current site. Administrators should monitor usage of this tag carefully.

[Edit]Third-party tags

[Edit]<source>

Author: shar

The source tag will automatically highlight programming language syntax.

[Edit]Syntax

  <source lang="java">
  void main(){
     int i;
  }
  </source>

[Edit]Configuration

  <jflex-parser-custom-tags>
    <custom-tag>
      <class>org.jamwiki.parser.jflex.addon.SourceTag</class>
    </custom-tag>
  </jflex-parser-custom-tags>

The following JAR files must be in the classpath for this code to work:

• sourcehl.jar
• jhighlight.jar

Source code can be found at Jhighlight or downloaded directly as jhighlight src.zip

[Edit]Security concerns

None.