ryanj / gist-reveal

Gist-powered Revealjs slides
http://gist-reveal.it
MIT License

iframe support? #25

Open ryanj opened 9 years ago

ryanj commented 9 years ago

Need to consider the security implications for iframes.

Best use-cases:

ryanj commented 9 years ago

Consider allowing a configuration flag that enables site admins to easily include iframes in the HTML element whitelist

Rob-Rychs commented 6 years ago

The same configuration flag could potentially allow <canvas> elements to be added to the whitelist; see #71 and #10.

While these elements have been known to have security implications, it'd be interesting to add this flag configuration option in combination with the export to gh-pages feature mentioned in #68 find new hosting

If the export to gh-pages function:

  1. accepted optional flags for allowing iframes + canvas elements (maybe this is the only function which accepts those flags)
  2. requested all of a user's gists
  3. somehow identifies any gists which are not reveal.js presentations and ignores them (looks for the section element groupings in html? does include 'reveal' in reveal-gist.html filename and then removes it/sanitizes it? any other ideas?)
  4. builds a static html site of all the user's gist slides with the default theme (or flag) and pushes it to a gh-pages branch
  5. adds a sidebar menu to html which can toggle display/hide and displays scrollable list of links to all the user's presentations by gist.name

This would be a nice way to include the troublesome elements like canvas + iframe since gh-pages static hosting would reduce the security exposure/naughty opportunities (is that accurate?).

Sure, it might not solve the rate-limiting issue with gh-pages, but it would allow a user to build a static site archive of all his (public) slides to share, kind of cool!
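
One way the opt-in flag discussed in this thread could be wired up, as an added example that is not gist-reveal's own code. The setting names `ALLOW_IFRAMES`, `ALLOW_CANVAS` and `IFRAME_HOSTS` are hypothetical, and the returned object assumes the option shape of the sanitize-html npm package (`allowedTags`, `allowedAttributes`, `allowedIframeHostnames`, `transformTags`).

```javascript
// Added example. ALLOW_IFRAMES, ALLOW_CANVAS and IFRAME_HOSTS are hypothetical
// settings; the returned object follows the sanitize-html option shape.
const BASE_TAGS = ['section', 'h1', 'h2', 'h3', 'p', 'ul', 'ol', 'li', 'a',
                   'img', 'code', 'pre', 'em', 'strong', 'blockquote'];
// Scripts may run, but without allow-same-origin the frame gets an opaque
// origin, and top navigation, popups and form submission stay blocked.
const IFRAME_SANDBOX = 'allow-scripts';

function isOn(value) {
  return /^(1|true|yes)$/i.test(String(value || ''));
}

function buildSanitizerOptions(env) {
  const opts = {
    allowedTags: BASE_TAGS.slice(),
    allowedAttributes: { a: ['href'], img: ['src', 'alt'] },
    allowedSchemes: ['https'],
    transformTags: {},
  };
  if (isOn(env.ALLOW_CANVAS)) {
    opts.allowedTags.push('canvas');
    opts.allowedAttributes.canvas = ['id', 'width', 'height'];
  }
  if (isOn(env.ALLOW_IFRAMES)) {
    const hosts = String(env.IFRAME_HOSTS || '').split(',')
      .map((h) => h.trim().toLowerCase()).filter(Boolean);
    // The flag alone never means "any origin": an explicit host list is required.
    if (hosts.length === 0) {
      throw new Error('ALLOW_IFRAMES requires a non-empty IFRAME_HOSTS');
    }
    opts.allowedTags.push('iframe');
    opts.allowedAttributes.iframe = ['src', 'width', 'height', 'sandbox', 'referrerpolicy'];
    opts.allowedIframeHostnames = hosts;
    // Rebuild the attribute set so author-supplied sandbox/srcdoc are discarded.
    opts.transformTags.iframe = (tagName, attribs) => {
      const kept = {};
      for (const name of ['src', 'width', 'height']) {
        if (attribs[name] !== undefined) kept[name] = attribs[name];
      }
      kept.sandbox = IFRAME_SANDBOX;
      kept.referrerpolicy = 'no-referrer';
      return { tagName, attribs: kept };
    };
  }
  return opts;
}
```

With no flags set, both elements stay off the allowlist, so existing deployments keep their current behaviour until an admin opts in.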