Difference between revisions of "Issue:Option to only run DPL from protected pages"
From FollowTheScore
(New page: {{Issue |Type = Bug | Change Request <-- please select |Extension = DPL | Wgraph | aiSee | Call <-- please select |Version = ? |Description = Protect your wiki from DPL ...) |
m |
||
| Line 8: | Line 8: | ||
== Problem == | == Problem == | ||
| − | Note: I | + | Note: I talk about an option, not a must.<br> |
Some wiki admins may not like the idea that other users can run DPL from any page. E.g. I'm paranoid, somebody copies all my content, so I disabled all Export features etc. | Some wiki admins may not like the idea that other users can run DPL from any page. E.g. I'm paranoid, somebody copies all my content, so I disabled all Export features etc. | ||
Revision as of 22:38, 30 April 2009
| Description: | Protect your wiki from DPL abuse. E.g. "$wgProtectedDPL" as option to let DPL run only from protected pages. |
| Extension / Version: | DPL / ? |
| Type / Status: | Bug / open |
Problem
Note: I talk about an option, not a must.
Some wiki admins may not like the idea that other users can run DPL from any page. E.g. I'm paranoid, somebody copies all my content, so I disabled all Export features etc.
An option to give the full control to the admin is by letting DPL code only run from protected pages. Extension:SecureHTML uses it and it is so simple & safe at the same time. Advantages with "$wgProtectedDPL":
- To protect a page you have to be an administrator, i.e.
- normal users cannot create pages with DPL code
- normal users cannot manipulate existing DPL code, because they can't edit the page (also possible without this new feature though)
It may not seem to be important for you but surely for other wikis with sensible data.
