forrest-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefano Mazzocchi <stef...@apache.org>
Subject Re: [proposal] Doco
Date Tue, 28 Oct 2003 11:16:30 GMT

On Tuesday, Oct 28, 2003, at 11:14 Europe/Rome, Nicola Ken Barozzi 
wrote:

> Stefano Mazzocchi wrote:
>
>> On Monday, Oct 27, 2003, at 15:35 Europe/Rome, Robert Koberg wrote:
>>>> nah, dude, look: doco has a very precise editing access point. You 
>>>> can
>>>> *ONLY* modify xml content. So, changes to .htaccess, CGI scripts,
>>>> servlet upload, sql injection, cross-site-scripting, and you next
>>>> favorite attack will NOT work because the system prevents it by 
>>>> design
>>>> [not saying it cannot happen, but if it does it's a bug, not a 
>>>> faulty
>>>> design]
>>>
>>> FWIW, I agree. Perhaps the submit goes to a well-formedness check 
>>> (or even
>>> better?, schema/dtd validation). If it fails, it doesn't even enter 
>>> the
>>> approval process.
>> Absolutely. This wasn't mentioned, but planned. I will do relaxng 
>> validation before allowing any xml data into the system. This should 
>> be enough for documentation.
>
> Forrest also uses other files as source formats:
>  cwiki  (wiki)
>  ihtml  (cleaned html)
>  ehtml  (passthrough html)
>  txt    (text files)

Linotype will generates XHTML only and this is what forrest will have 
to process.

>>> Perhaps a notification email is sent describing that an
>>> invalid submittal was sent.
>> Nah, it would just fail and log the failure. No need to spam further 
>> since it might well be a bug in the editing software ;-) [I have 
>> experienced a few of them as well]
>>> The user is returned an error page saying the
>>> post was rejected, in case it was just a mistake.
>>>
>>> On another note, can images/PDFs/other-binaries be uploaded?
>> Damn, forgot about this!
>> My suggestion would be to process the binary file and determine if 
>> it's an image or not.
>> If not, reject it right away. [there should be *NO* need to upload 
>> any other binary file ]
>
> For uploads of binary resources, we can limit them to the ones we want 
> to cater for as forrest content as images. For the other types of 
> things that are to be rendered as "raw", like PDFs, tarballs, 
> javadocs, etc, we will have to use the same method we use now.

No. File upload will be limited to images for now. Too risky to allow 
anything else.

--
Stefano.


Mime
View raw message