Abstarct: This article introduce how to configure the GitLab and let the GitLab Wiki MarkDown support the iframe html element.

GitLab is a great software to deploy git repository and manage issues. Meanwhile, the wiki system is also awesome.

The wiki of GitLab support Markdown, AsciiDoc and RDoc, which nearly include all the syntax and presentation for a document even for formal thesis and paper.

Currently, most of the developers use the Markdown as the main document language, the GitLab not only support the standard MarkDown but also support other features. This markdown is called GitLab Flavour Markdown (GFM).

According to the official document, we can find that it supports the Inline HTML which means that we can add any HTML source code to render the Wiki. This feature can enhance the ability of representation of our document.

However, there are some limitations when using the HTML. Thinking about the security, there is a whitelist HTML syntax that can be rendered. If you use the HTML tag which is not in the whitelist, the DOM will be ignored.

This whitelist is based on the Sanitize which is Whitelist-based Ruby HTML and CSS sanitizer. The detailed document is HTML::Pipeline’s SanitizationFilter class.

Now the problem is that, is it possible to add some other HTML into the GitLab wiki (on-premise not cloud)? The answer is yes! We can customise the SanitizationFilter by ourselves.

## Sanitize official example

There is an example in the official document which adds the iframe with only support YouTube video.

## GitLab relative sanitization_filter file

The first and important thing to let GitLab wiki support the iframe is finding the corresponding configuration: sanitization_filter.rb

By using the Linux shell to search sudo find / -name "sanitization_filter.rb" we can find there are two files with this name.

By the way, the GitLab version is 11.1.4-33.

The second one is what we need to customise which is under the html-pipeline embedded lib.

## sanitization_filter update

The original file is as follows:

So what we need to do is to add new lambda in the transformers.

Then the final configure looks like as follows:

## Apply the configuration

In order to apply the change, we need to update the configuration:

## Other configuration

if you want to add more HTML support, you can reference the official document to update the sanitization_fileter.rb file