forrest-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nicola Ken Barozzi <nicola...@apache.org>
Subject Re: [proposal] Doco
Date Tue, 28 Oct 2003 10:14:39 GMT
Stefano Mazzocchi wrote:

> 
> On Monday, Oct 27, 2003, at 15:35 Europe/Rome, Robert Koberg wrote:
> 
>>> nah, dude, look: doco has a very precise editing access point. You can
>>> *ONLY* modify xml content. So, changes to .htaccess, CGI scripts,
>>> servlet upload, sql injection, cross-site-scripting, and you next
>>> favorite attack will NOT work because the system prevents it by design
>>> [not saying it cannot happen, but if it does it's a bug, not a faulty
>>> design]
>>
>> FWIW, I agree. Perhaps the submit goes to a well-formedness check (or 
>> even
>> better?, schema/dtd validation). If it fails, it doesn't even enter the
>> approval process.
> 
> Absolutely. This wasn't mentioned, but planned. I will do relaxng 
> validation before allowing any xml data into the system. This should be 
> enough for documentation.

Forrest also uses other files as source formats:
  cwiki  (wiki)
  ihtml  (cleaned html)
  ehtml  (passthrough html)
  txt    (text files)

>> Perhaps a notification email is sent describing that an
>> invalid submittal was sent.
> 
> Nah, it would just fail and log the failure. No need to spam further 
> since it might well be a bug in the editing software ;-) [I have 
> experienced a few of them as well]
> 
>> The user is returned an error page saying the
>> post was rejected, in case it was just a mistake.
>>
>> On another note, can images/PDFs/other-binaries be uploaded?
> 
> Damn, forgot about this!
> 
> My suggestion would be to process the binary file and determine if it's 
> an image or not.
> 
> If not, reject it right away. [there should be *NO* need to upload any 
> other binary file ]

For uploads of binary resources, we can limit them to the ones we want 
to cater for as forrest content as images. For the other types of things 
that are to be rendered as "raw", like PDFs, tarballs, javadocs, etc, we 
will have to use the same method we use now.

-- 
Nicola Ken Barozzi                   nicolaken@apache.org
             - verba volant, scripta manent -
    (discussions get forgotten, just code remains)
---------------------------------------------------------------------



Mime
View raw message