Opened 17 years ago
Last modified 14 years ago
#4536 new enhancement
render_unsafe_content in [4472] could be restricted to read-only pages.
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | unscheduled |
| Component: | wiki system | Version: | devel |
| Severity: | minor | Keywords: | unsafe content |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
In my case i don't want to allow the unsafe content to be available on all pages (the scripts are used to allow documentation to have special links for firefox browsers to load pkcs11 modules). So instead of turning this feature on wiki-wide I would be happy and more secure if i could turn it on for read-only pages only (as I'm willing to make that page read-only)
Attachments (0)
Change History (4)
comment:1 by , 17 years ago
| Milestone: | → 0.12 |
|---|
comment:2 by , 16 years ago
This sounds like a great enhancement, I would really like to have that.
Any progress on the issue?
comment:3 by , 16 years ago
No, it's not exactly clear either how this could be implemented cleanly.
Eventually (ab)using the permission system with a RENDER_UNSAFE_CONTENT capability and in the WikiProcessor, checking that permission for the formatter.resource. The advantage of such an approach would be to be able to modulate the render_unsafe_content on a per-resource basis.
It would also be possible to write an IPermissionPolicy plugin that would grant that "permission" for all read-only wiki page.
comment:4 by , 14 years ago
| Milestone: | next-major-0.1X → unscheduled |
|---|---|
| Owner: | removed |
I think it's a good idea.