Issue:Option to only run DPL from protected pages

From FollowTheScore
Revision as of 21:45, 30 April 2009 by Subfader (talk | contribs)
Jump to: navigation, search
Description: Protect your wiki from DPL abuse. E.g. "$wgProtectedDPL" as option to let DPL run only from protected pages.
Extension / Version: DPL   /   ?
Type / Status: Change Request   /   open

Problem

Note: I talk about an option, not a must.
Some wiki admins may not like the idea that other users can run DPL from any page. E.g. I'm paranoid, somebody copies all my content, so I disabled all Export features etc.

An option to give the full control to the admin is by letting DPL code only run from protected pages. Extension:SecureHTML uses it and it is so simple & safe at the same time. Advantages with "$wgProtectedDPL":

  • To protect a page you have to be an administrator, i.e.
  • Normal users can't create pages with DPL code
  • Normal users can't manipulate existing DPL code, because they can't edit the page. This is also possible without this new feature but with "$wgProtectedDPL" they simply can't do things the admin didn't allow with his DPL functions.
  • Normal users can't create or manipulate DPL code. They can include a protected DPL page or a normal page including DPL code, but then? No abuse :)

It may not seem to be important for you but surely for other wikis with sensible data.

Reply